prosím o kontrolu logu

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Security team

Uživatelský avatar
KamilaS
Level 3.5
Level 3.5
Příspěvky: 694
Registrován: červen 13
Bydliště: Praha
Pohlaví: Žena

Re: prosím o kontrolu logu

Příspěvekod KamilaS » 09 čer 2019 13:05

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-06-2019
Ran by PaK (09-06-2019 13:03:19)
Running from C:\Users\PaK\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2018-11-14 10:57:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1058406970-3274726358-2704053483-500 - Administrator - Disabled)
Guest (S-1-5-21-1058406970-3274726358-2704053483-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1058406970-3274726358-2704053483-1002 - Limited - Enabled)
PaK (S-1-5-21-1058406970-3274726358-2704053483-1000 - Administrator - Enabled) => C:\Users\PaK

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Aktualizace NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
AutoGreen B10.1021.1 (HKLM\...\{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) Hidden
AutoGreen B10.1021.1 (HKLM\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
Avira (HKLM\...\{07641669-3466-4C2E-BA95-256AEA825533}) (Version: 1.2.134.23796 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM\...\{b7f9e12f-ca78-4964-9ffc-54acebd17675}) (Version: 1.2.134.23796 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.1905.1271 - Avira Operations GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Easy Tune 6 B11.0309.1 (HKLM\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden
Easy Tune 6 B11.0309.1 (HKLM\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
FastStone Image Viewer 6.7 (HKLM\...\FastStone Image Viewer) (Version: 6.7 - FastStone Soft)
FormatFactory 4.5.5.0 (HKLM\...\FormatFactory) (Version: 4.5.5.0 - Free Time)
Free One Click ZIP & RAR Wizard (HKLM\...\Free One Click ZIP & RAR Wizard2.0) (Version: 2.0 - Simply Free Software)
Icecream PDF Converter verze 2.86 (HKLM\...\{6811A286-E9F4-4035-9738-7721C087E500}_is1) (Version: 2.86 - Icecream Apps)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.473 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219.473 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.12.25810 (HKLM\...\{7FED75A1-600C-394B-8376-712E2A8861F2}) (Version: 14.12.25810 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.12.25810 (HKLM\...\{828952EB-5572-3666-8CA9-000B6CE79350}) (Version: 14.12.25810 - Microsoft Corporation)
Mozilla Firefox 67.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 67.0.1 (x86 cs)) (Version: 67.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.1.7088 - Mozilla)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenOffice 4.1.6 (HKLM\...\{8DADDDBF-EB36-4D00-9291-8C281F1755A6}) (Version: 4.16.9790 - Apache Software Foundation)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
Skype verze 8.34 (HKLM\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Skype™ 7.41 (HKLM\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 7.41.101 - Skype Technologies S.A.)
Smart 6 B10.1221.1 (HKLM\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Splashtop Connect for Firefox (HKLM\...\{D2BF4F2C-BDF3-41C3-8D38-185F6342EC47}) (Version: 1.1.6.3 - Splashtop Inc.)
Splashtop Connect IE (HKLM\...\{418D77E2-7B60-48F8-B016-30A32699EE74}) (Version: 1.1.10.4 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\...\Spotify) (Version: 1.1.2.285.ga97985ef - Spotify AB)
Spotify (HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118\...\Spotify) (Version: 1.1.2.285.ga97985ef - Spotify AB)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VSO Media Player 1.6.19.528 (HKLM\...\{59F1E8E6-60EC-4CC1-8C72-E0F38E585215}_is1) (Version: 1.6.19.528 - VSO Software)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Zemana AntiMalware verze 3.1.210 (HKLM\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.210 - Zemana)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [CopyToCD] -> {39F0FA09-4451-4477-9D23-4B9ADDEEF838} => C:\Program Files\VSO\common\CTShell.dll [2013-06-05] (VSO-SOFTWARE -> VSO Software SARL)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_105.dll [2018-11-29] (Free Time) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-05-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [CopyToCD] -> {39F0FA09-4451-4477-9D23-4B9ADDEEF838} => C:\Program Files\VSO\common\CTShell.dll [2013-06-05] (VSO-SOFTWARE -> VSO Software SARL)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_105.dll [2018-11-29] (Free Time) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [CopyToCD] -> {39F0FA09-4451-4477-9D23-4B9ADDEEF838} => C:\Program Files\VSO\common\CTShell.dll [2013-06-05] (VSO-SOFTWARE -> VSO Software SARL)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-05-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\PaK\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Games.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c "start hxxp://socialgames.splashtop.com/redire ... em=gbbcu01^&os=Windows^&p=H61M-D2-B3^&pv=1.1.10^&v=4^&flv=^&c=1029^&t=d41d8cd98f00b204e9800998ecf8427e^&l=cs-CZ"

==================== Loaded Modules (Whitelisted) ==============

2018-11-14 13:08 - 2010-11-06 00:50 - 000058880 _____ () [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2019-05-21 18:43 - 2019-05-21 18:43 - 000169984 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1236939c581ddfd4a223ef05a487476b\IsdiInterop.ni.dll
2018-11-14 13:08 - 2010-10-05 21:43 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2018-11-26 20:21 - 2018-05-14 23:34 - 000023040 _____ (Copyright (c) Code Industry Ltd ) [File not signed] C:\Windows\System32\mpelocalmon.dll
2018-11-29 02:55 - 2018-11-29 02:55 - 000154112 _____ (Free Time) [File not signed] C:\Program Files\FormatFactory\ShellEx_105.dll
2018-11-14 13:13 - 2010-08-12 15:38 - 001841504 _____ (Giga-Byte Technology -> Gigabyte Technology CO.) [File not signed] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
2018-11-14 13:13 - 2010-08-05 11:33 - 000166400 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Recovery\RescuePlan.dll
2018-11-14 13:13 - 2010-08-05 11:33 - 000608256 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Recovery\srpCore.dll
2018-11-14 13:13 - 2010-04-22 16:05 - 001011712 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Timelock\AlarmClock.exe
2018-11-14 13:13 - 2010-10-19 19:30 - 000249856 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Timelock\BPassDLL.dll
2018-11-14 13:13 - 2009-10-13 17:35 - 000204800 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Timelock\slmDB.dll
2018-11-14 13:13 - 2009-10-13 17:35 - 000122880 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Timelock\slmSecret.dll
2018-11-14 13:13 - 2009-10-13 17:35 - 000110592 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Timelock\slmWeekCtrlRule.dll
2018-11-14 13:13 - 2009-10-13 17:35 - 000155648 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Timelock\SmartLock.dll
2018-11-14 13:13 - 2009-10-13 17:39 - 000114688 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
2019-05-21 18:43 - 2019-05-21 18:43 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\0c56ff8fdb2ca57486836ef213aa161a\IAStorCommon.ni.dll
2018-11-14 13:08 - 2010-10-05 21:38 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2018-11-14 13:08 - 2010-11-06 00:50 - 000006656 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2018-11-14 13:08 - 2010-11-06 00:50 - 000032768 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorIcon.resources.dll
2018-11-14 13:08 - 2010-11-06 00:50 - 000004608 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IntelVisualDesign.resources.dll
2018-11-14 13:08 - 2010-11-06 00:50 - 000164864 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
2018-11-14 13:08 - 2010-11-06 00:50 - 001109504 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2018-11-14 13:08 - 2010-11-06 00:46 - 000275456 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2019-05-21 18:43 - 2019-05-21 18:43 - 000219136 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\ad816797bbf67310948231ce351ccd44\IAStorDataMgr.ni.dll
2019-05-21 18:43 - 2019-05-21 18:43 - 000019968 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\3815277dcd5086221d15d8e580bbd1c0\IAStorDataMgrSvc.ni.exe
2019-05-21 18:43 - 2019-05-21 18:43 - 000475648 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ae6921cb4abb593427cd4cbfbd11cd89\IAStorUtil.ni.dll
2018-03-26 12:58 - 2018-03-26 12:58 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2018-11-23 12:08 - 2018-11-23 12:08 - 000626688 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\MSVCR80.dll
2018-11-20 20:25 - 2018-11-20 20:25 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2018-11-17 18:01 - 2018-03-24 01:05 - 000320032 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2019-06-06 22:24 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PaK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118\Control Panel\Desktop\\Wallpaper -> C:\Users\PaK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6C92522A-6825-493A-9F42-804FE785273D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4654F474-B8DE-4129-9F8D-754AE51C06E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2B4D2EDF-B47E-426C-93A3-74236EBC5F90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6F3C5CF9-5D42-49EF-88BC-ED7D74430B80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{603F0336-9B40-41AA-B04F-36733DFB9272}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B73056E2-DDA6-4F27-BD85-B03D2CEA23DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5B2CB128-9F01-42DA-89C4-FC39AEB1D456}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BF563E69-7E2D-4032-9F6A-AC88016628A7}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52D3E268-1795-44FC-B7EE-08AB788C126D}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{CA8D5882-9460-49E7-BCDB-68FDD3C24BAA}C:\users\pak\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pak\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{961C8A60-5CD3-4113-96C4-CA5E1FFC21EF}C:\users\pak\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pak\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{9A428622-27B8-4F52-B852-79797BD5F997}C:\users\pak\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pak\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{7C064A8F-1465-4629-9F38-D1F0BBF5EFAD}C:\users\pak\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pak\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{95FD47F2-FCC3-49A3-9E00-6B3D929F9F21}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{15A19FD8-00B5-41A4-AD17-BFC3B17F8CFC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3BE52E95-B99E-49DA-9043-47CFA4A480B4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B0E80F14-E159-49EA-BB93-B58EAFED2440}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{82A3619B-290E-46AF-8636-82E7DF68D209}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{69244321-E1FF-4C0C-BC8D-4F43D38E6316}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{D2E16D62-9F1C-4F3A-AF97-38D6160FE340}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{DF81666F-DE00-478B-B972-DEB9A75ADE73}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9B67E84E-5B67-4E8A-877D-124E99891F6D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{2FFB8E6D-80DF-4C9A-9853-E55766F888D7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CA1494AB-3FA1-46FE-B00B-D839A5D8E7E5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

07-06-2019 20:04:43 ComboFix created restore point

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2019 12:58:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (06/09/2019 12:58:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (06/09/2019 12:58:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (06/09/2019 12:52:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/08/2019 07:26:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (06/08/2019 07:26:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (06/08/2019 07:26:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (06/08/2019 07:20:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (06/09/2019 12:58:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/09/2019 12:58:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/09/2019 12:54:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/09/2019 12:54:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/09/2019 12:51:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/09/2019 12:51:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/08/2019 10:22:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/08/2019 10:22:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.


==================== Memory info ===========================

BIOS: Award Software International, Inc. F6 ZA 05/26/2011
Motherboard: Gigabyte Technology Co., Ltd. H61M-D2-B3
Processor: Intel(R) Pentium(R) CPU G620 @ 2.60GHz
Percentage of memory in use: 61%
Total physical RAM: 3319.42 MB
Available physical RAM: 1273.67 MB
Total Virtual: 6637.21 MB
Available Virtual: 3911.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:824.84 GB) NTFS

\\?\Volume{bab403c5-e7fa-11e8-ac51-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: AF6E1142)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Jsem Lama ale jsem snaživá : D

Reklama
Uživatelský avatar
KamilaS
Level 3.5
Level 3.5
Příspěvky: 694
Registrován: červen 13
Bydliště: Praha
Pohlaví: Žena

Re: prosím o kontrolu logu

Příspěvekod KamilaS » 09 čer 2019 13:06

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-06-2019
Ran by PaK (administrator) on PAK-PC (ATComputers COMFOR BOXER I+) (09-06-2019 13:01:56)
Running from C:\Users\PaK\Desktop
Loaded Profiles: PaK & (Available Profiles: PaK)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Giga-Byte Technology -> Gigabyte Technology CO.) [File not signed] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
(Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\SMART6\timelock\AlarmClock.exe
(Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\GIGABYTE\SMART6\timelock\TimeMgmtDaemon.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(NVIDIA Corporation -> Node.js) C:\Program Files\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
(Splashtop Inc. -> Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [STCAgent] => C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe [776064 2010-11-24] (Splashtop Inc. -> Splashtop Inc.)
HKLM\...\Run: [ZyngaGamesAgent] => C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [841544 2010-11-15] (Splashtop Inc. -> Splashtop Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10025576 2011-02-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2019-05-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe [1750528 2010-08-24] (Gigabyte Technology CO., LTD.) [File not signed]
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04D44055-6624-4134-9661-F026A42F8250} - System32\Tasks\AMHelper => C:\Program Files\Zemana\AntiMalware\AntiMalware.exe [644672 2019-05-23] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {0FA11C0F-50C0-42D2-8545-8F5EDEF8DF52} - System32\Tasks\{ED6F97A0-14F7-4F63-861F-FB5FD1230DFF} => C:\Users\PaK\Desktop\zoek.exe
Task: {153F8875-EB76-4A56-8D75-C276EBCF4CFB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {194A7AFF-2E53-487A-ACCB-7971ECFD7E9A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2055EDDB-7E8E-4AC2-8182-0CB94F1ECEFA} - System32\Tasks\{BB1854C4-A8BF-4286-ABCD-6159EF9A455C} => C:\Users\PaK\Desktop\zoek.exe
Task: {23363D22-5826-4737-97EA-751E1A569760} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [554944 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {293D963D-1BE7-4231-AA68-975A19EAE70A} - System32\Tasks\{9D2A46FA-6AD6-48A9-B375-3D366FACDA8F} => C:\Users\PaK\Desktop\zoek.exe
Task: {2AA341A3-8852-44DE-9D9E-4725117919AB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {35F3638A-462F-44A8-A5A8-7E1EBDF6EA73} - System32\Tasks\{E0B05C0C-9B87-443C-8156-1B2D3B4C16E2} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Duplicate Files Finder\uninstall.exe" -d "C:\Program Files\Duplicate Files Finder"
Task: {44B0340C-87EC-4841-B9D5-222D88D65FD5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45B3055F-7AE1-4B27-82F1-BBEA58190D73} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4C7E6AE9-53E4-43B3-9568-3BAA5E5B12B0} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\Antivirus\avgnt.exe [2873016 2019-05-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {4E69D7DD-F799-4B3A-A221-377D1D8D81B0} - System32\Tasks\{E02A8F61-C05A-4C5E-A3A6-3736066049A5} => C:\Users\PaK\Desktop\zoek.exe
Task: {4F62069D-D049-4B94-B70F-9A155B83196E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-24] (Adobe Inc. -> Adobe)
Task: {7A50E66E-6EFF-4777-ADAF-7C81693AE7F7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88135125-A28F-45AF-9795-5DA589BB7C0C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {966AFD09-6C2A-48BB-B136-035939A44D48} - System32\Tasks\{8CEF33F8-41F4-49DC-A439-A9E20159AE9E} => C:\Users\PaK\Desktop\zoek.exe
Task: {9785FB06-B2F5-42FC-833F-62E41B47F90D} - System32\Tasks\{02EB4B8E-4CEB-4018-ADA0-C0963D714F44} => C:\Users\PaK\Desktop\zoek.exe
Task: {9A6BE27A-18AF-4CDD-AD46-78BB5266F7C2} - System32\Tasks\{B7450093-7FDE-4374-ACBB-DE9D3287385C} => C:\Users\PaK\Desktop\zoek.exe
Task: {B2C60060-B36E-4324-B3F5-C7F82699E9ED} - System32\Tasks\{AFCF4D10-BE58-4F93-A404-8DC9BA1B2D57} => C:\Users\PaK\Desktop\zoek.exe
Task: {BCA12C00-8A34-4306-9B78-120D40B66D4F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8ADE8DC-A04F-44BF-B7E4-D01941412E9C} - System32\Tasks\{FA1EF5CB-A759-4F29-8319-AB3388D6AB9D} => C:\Users\PaK\Desktop\zoek.exe
Task: {D29EEE62-45E3-4ECE-A6E2-9C4C261E6776} - System32\Tasks\{603048A8-B27F-4D03-8F14-65370DF0AE8A} => C:\Users\PaK\Desktop\zoek.exe
Task: {D3CB0874-3F45-4F9B-9D35-4371BE9843FC} - System32\Tasks\{7D26F68D-B406-4AD6-ABA5-6909A49BFB78} => C:\Users\PaK\Desktop\zoek.exe
Task: {E42F1F28-E4D1-410C-87EE-FC9947E522C7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [554944 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ECD9A24F-E7F3-4784-84AC-CC02ACC3BD1D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{4646D015-37E7-450E-94B7-370C1808AD96}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> DefaultScope {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {83490B88-4762-4bbc-9982-8C1160848A91} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {B56AC1C9-FF2B-4f88-863A-96BB47B553EA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> DefaultScope {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> {83490B88-4762-4bbc-9982-8C1160848A91} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> {B56AC1C9-FF2B-4f88-863A-96BB47B553EA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
Toolbar: HKLM - Smart Recovery 2 - {a011d643-4a67-4934-a775-46139847d7f2} - C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: gwv8564l.default
FF ProfilePath: C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default [2019-06-09]
FF Homepage: Mozilla\Firefox\Profiles\gwv8564l.default -> hxxps://www.google.com/webhp?authuser=1
FF Extension: (Youtube to MP3 Free Converter) - C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\Extensions\@youtubemp3free.xpi [2019-06-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-24] (Adobe Inc. -> )
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1202216 2019-05-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [483232 2019-05-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [483232 2019-05-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1765472 2019-05-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [455424 2019-05-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Smart TimeLock; C:\Program Files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
R2 WCUService_STC_FF; C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [493384 2010-11-30] (Splashtop Inc. -> Splashtop Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2016-03-25] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [208824 2019-06-05] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [18544 2011-01-10] (Giga-Byte Technology -> )
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2016-03-25] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [47976 2019-02-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [142784 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [169016 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36688 2019-02-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [60360 2019-02-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [33280 2019-02-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 gdrv; C:\Windows\gdrv.sys [17488 2019-06-09] (Giga-Byte Technology -> Windows (R) 2000 DDK provider)
S3 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2018-11-17] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [173512 2019-06-07] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [107168 2019-06-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [64088 2019-06-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [241760 2019-06-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [87280 2019-06-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28608 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [53616 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [51136 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-09 13:01 - 2019-06-09 13:02 - 000021983 _____ C:\Users\PaK\Desktop\FRST.txt
2019-06-09 13:01 - 2019-06-09 13:01 - 000000000 ____D C:\FRST
2019-06-09 13:00 - 2019-06-09 13:00 - 001770496 _____ (Farbar) C:\Users\PaK\Desktop\FRST.exe
2019-06-09 12:52 - 2019-06-09 12:52 - 000107168 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-06-09 12:52 - 2019-06-09 12:52 - 000087280 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-06-09 12:52 - 2019-06-09 12:52 - 000064088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-06-09 12:51 - 2019-06-09 12:51 - 000241760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-06-08 20:48 - 2019-06-08 20:48 - 000000000 ____D C:\Users\PaK\AppData\Local\Adobe
2019-06-08 20:47 - 2019-06-08 20:47 - 000037272 _____ C:\Users\PaK\Desktop\Szabová-životopis-2019.pdf
2019-06-08 20:47 - 2019-06-08 20:47 - 000000000 ____D C:\Users\PaK\AppData\Local\CrashRpt
2019-06-08 20:47 - 2019-06-08 20:40 - 000020790 _____ C:\Users\PaK\Desktop\Szabová-životopis-2019.odt
2019-06-07 12:44 - 2019-06-07 12:44 - 000173512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-06-06 22:16 - 2019-06-06 22:24 - 000000000 ____D C:\Windows\erdnt
2019-06-06 12:02 - 2014-10-29 22:39 - 000000000 ____D C:\Users\PaK\Downloads\Zuzana Navarova - Zelene Album (2000)
2019-06-06 11:54 - 2019-06-06 11:58 - 081340917 _____ C:\Users\PaK\Downloads\zuzana-navarova-zelene-album-2000 pres MultiLoad.cz.rar
2019-06-06 11:54 - 2012-04-25 22:32 - 000000000 ____D C:\Users\PaK\Downloads\KOA Zuzana Navarová d.t. § Koa - Barvy všecky
2019-06-06 11:50 - 2019-06-06 11:53 - 062377166 _____ C:\Users\PaK\Downloads\koa-zuzana-navarova-d-t-koa-barvy-vsecky pres MultiLoad.cz.rar
2019-06-06 11:43 - 2019-06-06 11:46 - 000000000 ____D C:\Users\PaK\Desktop\mobile
2019-06-06 11:19 - 2019-06-06 19:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-06 11:09 - 2019-06-06 11:09 - 000000000 ____D C:\Users\PaK\AppData\Local\CrashDumps
2019-06-05 23:41 - 2019-06-09 13:02 - 000047225 _____ C:\Windows\ZAM.krnl.trace
2019-06-05 23:41 - 2019-06-06 11:10 - 000000000 ____D C:\Users\PaK\AppData\Local\AMSDK
2019-06-05 23:41 - 2019-06-05 23:41 - 000208824 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2019-06-05 23:41 - 2019-06-05 23:41 - 000002000 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2019-06-05 23:41 - 2019-06-05 23:41 - 000000000 ____D C:\Users\PaK\AppData\Local\Zemana
2019-06-05 23:41 - 2019-06-05 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-06-05 23:41 - 2019-06-05 23:41 - 000000000 ____D C:\Program Files\Zemana
2019-06-05 23:38 - 2019-06-05 23:38 - 012471128 _____ (Zemana Ltd. ) C:\Users\PaK\Desktop\AntiMalware_Setup.exe
2019-06-05 22:38 - 2019-06-05 22:38 - 000000182 _____ C:\Users\PaK\Desktop\1234.txt
2019-06-04 19:42 - 2019-06-04 20:01 - 000000000 ____D C:\ProgramData\RogueKiller
2019-06-02 22:09 - 2019-06-02 22:09 - 000000000 ____D C:\ProgramData\Sophos
2019-06-02 22:08 - 2019-06-02 22:08 - 000002699 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2019-06-02 22:08 - 2019-06-02 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2019-06-02 22:06 - 2019-06-02 22:06 - 000002150 _____ C:\Users\PaK\Desktop\JRT.txt
2019-06-02 13:34 - 2019-06-02 13:34 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-02 13:34 - 2019-06-02 13:34 - 000000000 ____D C:\Users\PaK\AppData\Local\mbamtray
2019-06-02 13:34 - 2019-06-02 13:34 - 000000000 ____D C:\Users\PaK\AppData\Local\mbam
2019-06-02 13:34 - 2019-06-02 13:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-02 13:34 - 2019-06-02 13:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-02 13:34 - 2019-06-02 13:34 - 000000000 ____D C:\Program Files\Malwarebytes
2019-06-02 13:34 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-06-02 13:27 - 2019-06-02 21:58 - 000000000 ____D C:\AdwCleaner
2019-06-01 22:16 - 2019-06-01 22:18 - 000000000 ____D C:\Users\PaK\Downloads\Private.Eyes.S02.1080p.AMZN.WEBRip.DDP5.1.x264-ViSUM[rartv]
2019-06-01 21:52 - 2019-06-01 21:52 - 000000000 ____D C:\Users\PaK\Downloads\Private.eyes.S01.BDRip.x264-DEMAND[rartv]
2019-06-01 21:43 - 2019-06-01 21:43 - 000000000 ____D C:\Users\PaK\Downloads\Private.Eyes.S01E09.HDTV.x264-KILLERS[ettv]
2019-06-01 21:43 - 2019-06-01 21:43 - 000000000 ____D C:\Users\PaK\Downloads\Private.Eyes.S01E08.HDTV.x264-KILLERS[rarbg]
2019-06-01 21:42 - 2019-06-01 21:42 - 000000000 ____D C:\Users\PaK\Downloads\Private.Eyes.S01E07.HDTV.x264-KILLERS[ettv]
2019-06-01 21:41 - 2019-06-01 21:41 - 000000000 ____D C:\Users\PaK\Downloads\Private.Eyes.S01E06.HDTV.x264-FLEET[rarbg]
2019-06-01 21:40 - 2019-06-02 13:04 - 000000000 ____D C:\Users\PaK\Downloads\Private.Eyes.S01E04.HDTV.x264-KILLERS[ettv]
2019-06-01 21:40 - 2019-06-01 21:40 - 000000000 ____D C:\Users\PaK\Downloads\Private.Eyes.S01E05.HDTV.x264-FLEET[rarbg]
2019-06-01 09:48 - 2019-06-01 09:48 - 000001150 _____ C:\Users\Public\Desktop\Avira.lnk
2019-05-31 23:29 - 2019-06-06 19:47 - 000000000 ____D C:\Users\PaK\Desktop\VÍRY
2019-05-27 14:43 - 2019-05-27 14:43 - 000000000 ____D C:\80f4e2a897cf94eaba
2019-05-27 14:31 - 2019-05-27 14:31 - 000000000 ____D C:\Windows\CheckSur
2019-05-24 16:55 - 2019-05-24 16:55 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2019-05-24 16:55 - 2019-05-24 16:55 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-05-24 16:55 - 2019-05-24 16:55 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-21 11:44 - 2019-05-21 11:44 - 000000000 ____D C:\2e356d1e48c4c494a3272d4ef0cac4
2019-05-21 11:01 - 2019-04-01 16:49 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2019-05-10 13:12 - 2019-06-06 19:31 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-05-10 13:12 - 2019-05-10 13:12 - 000001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-05-10 13:12 - 2019-05-10 13:12 - 000001109 _____ C:\Users\Public\Desktop\Firefox.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-09 13:01 - 2018-11-17 18:00 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-09 13:01 - 2018-11-14 14:21 - 000000000 ____D C:\Users\PaK\AppData\LocalLow\Mozilla
2019-06-09 12:59 - 2009-07-14 06:34 - 000021968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-06-09 12:59 - 2009-07-14 06:34 - 000021968 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-09 12:58 - 2011-04-12 03:37 - 002329362 _____ C:\Windows\system32\perfh005.dat
2019-06-09 12:58 - 2011-04-12 03:37 - 000707466 _____ C:\Windows\system32\perfc005.dat
2019-06-09 12:58 - 2010-11-20 23:01 - 000006256 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-09 12:52 - 2018-11-14 14:01 - 000017488 _____ (Windows (R) 2000 DDK provider) C:\Windows\gdrv.sys
2019-06-09 12:51 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-06 22:24 - 2009-07-14 04:04 - 000000215 _____ C:\Windows\system.ini
2019-06-06 11:43 - 2019-02-23 22:08 - 000000000 ____D C:\Users\PaK\AppData\Roaming\vlc
2019-06-05 19:48 - 2019-04-12 12:34 - 000000000 ____D C:\Users\PaK\Desktop\ANGLIE Pavla Szabova
2019-06-03 11:36 - 2018-12-28 14:49 - 000000000 ____D C:\Users\PaK\AppData\Local\Spotify
2019-06-03 11:35 - 2018-12-28 14:49 - 000000000 ____D C:\Users\PaK\AppData\Roaming\Spotify
2019-06-02 13:34 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2019-06-01 09:49 - 2018-11-14 14:14 - 000000000 ____D C:\ProgramData\Package Cache
2019-06-01 09:48 - 2018-11-19 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-06-01 09:47 - 2009-07-14 06:53 - 000032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-05-27 18:41 - 2019-02-14 15:53 - 000000000 ____D C:\FFOutput
2019-05-25 18:40 - 2019-02-03 01:15 - 000000000 ____D C:\Program Files\CCleaner
2019-05-22 12:55 - 2019-03-27 17:48 - 000000000 ____D C:\Users\PaK\Desktop\ANGLINA předložky a jiné- PŘEDLOHY
2019-05-21 11:41 - 2018-11-14 21:52 - 000000000 ____D C:\Windows\system32\MRT
2019-05-21 11:39 - 2018-11-14 21:52 - 129361720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-05-19 14:48 - 2018-12-13 23:43 - 000000000 ____D C:\Users\PaK\AppData\Local\Microsoft Games
2019-05-15 07:17 - 2019-01-17 14:12 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-10 13:12 - 2018-11-14 14:21 - 000000000 ____D C:\Users\PaK\AppData\Roaming\Mozilla
2019-05-10 13:12 - 2018-11-14 14:21 - 000000000 ____D C:\Users\PaK\AppData\Local\Mozilla

==================== Files in the root of some directories =======

2018-11-14 13:11 - 2018-11-14 13:11 - 000001970 _____ () C:\Program Files\ET6.lnk
2018-11-14 13:13 - 2018-11-14 13:13 - 000000784 _____ () C:\Program Files\smart6.lnk
2019-02-26 16:57 - 2019-02-26 16:57 - 000002292 _____ () C:\Users\PaK\AppData\Roaming\ASSDraw3.cfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-06-02 14:44
==================== End of FRST.txt ============================
Jsem Lama ale jsem snaživá : D

Uživatelský avatar
KamilaS
Level 3.5
Level 3.5
Příspěvky: 694
Registrován: červen 13
Bydliště: Praha
Pohlaví: Žena

Re: prosím o kontrolu logu

Příspěvekod KamilaS » 09 čer 2019 13:11

taky jsem asi před třemi měsíci shazovala komplet windowsy ale pak (asi kvůli torrentům) se mi dvakrát povolily automatické aktua. a já natvrdo 2x vypla pc, abych pak mohla zakázat aut. akt.
a taky jsem si nainstalovala adobe flash player, protože jsem si myslela, že mi to pomůže v hraní her na FB
Jsem Lama ale jsem snaživá : D

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 39634
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: prosím o kontrolu logu

Příspěvekod jaro3 » 09 čer 2019 19:24

adobe flash player na hry? Je spíš na přehrávání videí..
Ale dnes se spíš používá HTML5.
Zkus nainstalovat.


AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

Příště vypnout antivir.

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> DefaultScope {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {83490B88-4762-4bbc-9982-8C1160848A91} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {B56AC1C9-FF2B-4f88-863A-96BB47B553EA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> DefaultScope {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> {83490B88-4762-4bbc-9982-8C1160848A91} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> {B56AC1C9-FF2B-4f88-863A-96BB47B553EA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2016-03-25] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)

VirusTotal: C:\Program Files\ET6.lnk
VirusTotal: C:\Program Files\smart6.lnk
VirusTotal: C:\Users\PaK\AppData\Roaming\ASSDraw3.cfg
EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.


Error: (06/09/2019 12:58:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
KamilaS
Level 3.5
Level 3.5
Příspěvky: 694
Registrován: červen 13
Bydliště: Praha
Pohlaví: Žena

Re: prosím o kontrolu logu

Příspěvekod KamilaS » 09 čer 2019 20:08

Fix result of Farbar Recovery Scan Tool (x86) Version: 09-06-2019
Ran by PaK (09-06-2019 20:02:01) Run:1
Running from C:\Users\PaK\Desktop\VÍRY
Loaded Profiles: PaK (Available Profiles: PaK)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> DefaultScope {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {83490B88-4762-4bbc-9982-8C1160848A91} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000 -> {B56AC1C9-FF2B-4f88-863A-96BB47B553EA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> DefaultScope {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> {83490B88-4762-4bbc-9982-8C1160848A91} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> {B56AC1C9-FF2B-4f88-863A-96BB47B553EA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2016-03-25] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)

VirusTotal: C:\Program Files\ET6.lnk
VirusTotal: C:\Program Files\smart6.lnk
VirusTotal: C:\Users\PaK\AppData\Roaming\ASSDraw3.cfg
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5688C4ED-E227-4840-9A2B-7AC106EAC299} => removed successfully.
HKLM\Software\Classes\CLSID\{5688C4ED-E227-4840-9A2B-7AC106EAC299} => not found
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{83490B88-4762-4bbc-9982-8C1160848A91} => removed successfully.
HKLM\Software\Classes\CLSID\{83490B88-4762-4bbc-9982-8C1160848A91} => not found
HKU\S-1-5-21-1058406970-3274726358-2704053483-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B56AC1C9-FF2B-4f88-863A-96BB47B553EA} => removed successfully.
HKLM\Software\Classes\CLSID\{B56AC1C9-FF2B-4f88-863A-96BB47B553EA} => not found
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> DefaultScope {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms} => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> {5688C4ED-E227-4840-9A2B-7AC106EAC299} URL = hxxp://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms} => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> {83490B88-4762-4bbc-9982-8C1160848A91} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-1058406970-3274726358-2704053483-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019125309118 -> {B56AC1C9-FF2B-4f88-863A-96BB47B553EA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\AppMgmt => removed successfully.
AppMgmt => service removed successfully.
VirusTotal: C:\Program Files\ET6.lnk => https://www.virustotal.com/file/32e2e0b ... 560103332/
VirusTotal: C:\Program Files\smart6.lnk => https://www.virustotal.com/file/ab9a0d8 ... 560103333/
VirusTotal: C:\Users\PaK\AppData\Roaming\ASSDraw3.cfg => https://www.virustotal.com/file/0c9076c ... 560103335/

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 40017834 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 4098 B
Edge => 0 B
Chrome => 0 B
Firefox => 1095085729 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33618 B
LocalService => 66228 B
NetworkService => 71200 B
PaK => 1829630 B

RecycleBin => 6738149 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:03:13 ====
Jsem Lama ale jsem snaživá : D

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 39634
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: prosím o kontrolu logu

Příspěvekod jaro3 » 09 čer 2019 21:47

Co problémy? Jaký používáš přehrávač ?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
KamilaS
Level 3.5
Level 3.5
Příspěvky: 694
Registrován: červen 13
Bydliště: Praha
Pohlaví: Žena

Re: prosím o kontrolu logu

Příspěvekod KamilaS » 10 čer 2019 09:30

jak jaký přehrávač?...na hudbu WMPlayer a na internetu přes FF běží přehrávání čehokoli navím na čem...:(
Jsem Lama ale jsem snaživá : D

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 39634
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: prosím o kontrolu logu

Příspěvekod jaro3 » 10 čer 2019 19:00

možnosti--správa doplňků--zásuvné moduly..správa zásuvných moduilů.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
KamilaS
Level 3.5
Level 3.5
Příspěvky: 694
Registrován: červen 13
Bydliště: Praha
Pohlaví: Žena

Re: prosím o kontrolu logu

Příspěvekod KamilaS » 11 čer 2019 10:07

zásuvné moduly.jpg



a obraz se stále seká ale vlastně i celej FF. otevřu dva panely např. na seznamu slovník a google hl. stránku a musím buď počkat až se dotočí to protáčecí kolečko a z packy se udělá znovu šipka nebo dát ctrl+alt+dlt
Nemáte oprávnění prohlížet přiložené soubory.
Jsem Lama ale jsem snaživá : D

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 39634
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: prosím o kontrolu logu

Příspěvekod jaro3 » 11 čer 2019 18:40

Kodeky OK.

Máš aktuální FF? Jiný prohlížeč si zkoušela?

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt

Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
KamilaS
Level 3.5
Level 3.5
Příspěvky: 694
Registrován: červen 13
Bydliště: Praha
Pohlaví: Žena

Re: prosím o kontrolu logu

Příspěvekod KamilaS » 12 čer 2019 18:28

OTL logfile created on: 12.6.2019 15:34:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PaK\Desktop\VÍRY
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.19326)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,24 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 69,01% Memory free
6,48 Gb Paging File | 4,79 Gb Available in Paging File | 73,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,41 Gb Total Space | 821,97 Gb Free Space | 88,25% Space Free | Partition Type: NTFS

Computer Name: PAK-PC | User Name: PaK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\PaK\Desktop\VÍRY\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd)
PRC - C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Node.js)
PRC - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe (Splashtop Inc.)
PRC - C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe (Gigabyte Technology CO.)
PRC - C:\Program Files\GIGABYTE\SMART6\timelock\AlarmClock.exe (Gigabyte Technology CO., LTD.)
PRC - C:\Program Files\GIGABYTE\SMART6\timelock\TimeMgmtDaemon.exe (Gigabyte Technology CO., LTD.)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\62a6b39f4f68c25dfd2f6308d7541401\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\7a1dfc357f4135dbddcf38fd9279b2a7\System.ServiceModel.Internals.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\a7a48457faaea5fc8a1e59b4921ac4a3\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\61dfb69c9ad6ed96809170d54d80b8a6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7c8f75f367134a030cba4a127dc62a2f\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\baa30f3e0869fa3e8885df044c880bbc\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\c37de755ec3ee73d604bc11f85599177\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\e071297bb06faa961bef045ae5f25fdc\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\97e047cf68e9a7d90e196d072cd49cac\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\bbbbd997a1621cf1e739f922fe653459\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ae6921cb4abb593427cd4cbfbd11cd89\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\0c56ff8fdb2ca57486836ef213aa161a\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a52fb7e3df5cc9703d7ccae1d61b009e\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cee7cfc1c581ac40e8cb1c80dbbef174\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7866b39d22f0e94908e17527b5e2d57f\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d32aaf7c100362b596b6032f55059f08\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\2506876a3527770a164db3114e301240\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\6a547b2949b3b44b4ff802d5cb86452d\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b74de5f0460787dcf70ad3ceb139dd4b\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ba864b5ca9ee6bce48b4d658a81fdc06\mscorlib.ni.dll ()
MOD - C:\Program Files\CCleaner\Lang\lang-1029.dll ()
MOD - \\?\C:\Program Files\NVIDIA Corporation\NvNode\Downloader.node ()
MOD - \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvSDKAPINode.node ()
MOD - \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvCameraAPINode.node ()
MOD - C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll ()
MOD - \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvShadowPlayAPINode.node ()
MOD - \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvGalleryAPINode.node ()
MOD - \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvBackendAPINode.node ()
MOD - \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node ()
MOD - \\?\C:\Program Files\NVIDIA Corporation\NvNode\DriverInstall.node ()
MOD - \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvUtil.node ()
MOD - \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvGameShareAPINode.node ()
MOD - \\?\C:\Program Files\NVIDIA Corporation\NvNode\NVAccountAPINode.node ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()


========== Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\Antivirus\avwebg7.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Program Files\Avira\Antivirus\avmailc7.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Avira.ServiceHost) -- C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG)
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (DiagTrack) -- C:\Windows\System32\diagtrack.dll (Microsoft Corporation)
SRV - (NvTelemetryContainer) -- C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
SRV - (NvContainerNetworkService) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV - (NvContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV - (NVDisplay.ContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV - (WiaRpc) -- C:\Windows\System32\wiarpc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WCUService_STC_FF) -- C:\Program Files\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe (Splashtop Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AppleChargerSrv) -- C:\Windows\System32\AppleChargerSrv.exe ()
SRV - (Smart TimeLock) -- C:\Program Files\GIGABYTE\SMART6\timelock\TimeMgmtDaemon.exe (Gigabyte Technology CO., LTD.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (MBAMProtection) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes)
DRV - (MBAMFarflt) -- C:\Windows\System32\drivers\farflt.sys (Malwarebytes)
DRV - (MBAMWebProtection) -- C:\Windows\System32\drivers\mwac.sys (Malwarebytes)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes)
DRV - (MBAMChameleon) -- C:\Windows\System32\drivers\MbamChameleon.sys (Malwarebytes)
DRV - (amsdk) -- C:\Windows\System32\drivers\amsdk.sys (Copyright 2018.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avnetflt) -- C:\Windows\System32\drivers\avnetflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avdevprot) -- C:\Windows\System32\drivers\avdevprot.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (avusbflt) -- C:\Windows\System32\drivers\avusbflt.sys (Avira Operations GmbH & Co. KG)
DRV - (ESProtectionDriver) -- C:\Windows\System32\drivers\mbae.sys (Malwarebytes)
DRV - (GVTDrv) -- C:\Windows\System32\drivers\GVTDrv.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (nvvad_WaveExtensible) -- C:\Windows\System32\drivers\nvvad32v.sys (NVIDIA Corporation)
DRV - (nvvhci) -- C:\Windows\System32\drivers\nvvhci.sys (NVIDIA Corporation)
DRV - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (AppleCharger) -- C:\Windows\System32\drivers\AppleCharger.sys ()
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (MEI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 E8 15 45 12 7C D4 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 91 7A C8 39 73 82 D4 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.hiddenOneOffs: "DuckDuckGo"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "https://pc-help.cnews.cz/viewtopic.php?f=70&t=207836&p=1616226#p1616226"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_192.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 67.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 67.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 67.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 67.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2018.11.14 14:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PaK\AppData\Roaming\Mozilla\Extensions
[2018.11.14 14:21:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PaK\AppData\Roaming\Mozilla\SystemExtensionsDev
[2019.06.06 11:21:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\browser-extension-data
[2019.06.06 11:21:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\browser-extension-data\enhancerforyoutube@maximerf.addons.mozilla.org
[2019.05.16 09:23:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\browser-extension-data\hotfix-update-xpi-intermediate@mozilla.com
[2019.06.06 11:21:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\extensions
[2019.06.06 11:21:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\extensions\trash
[2019.05.23 10:56:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\storage\default\moz-extension+++ba2bd42d-2a6c-43ac-9f2a-dcf973a42274^userContextId=4294967295
[2019.06.11 20:31:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\storage\default\moz-extension+++ba2bd42d-2a6c-43ac-9f2a-dcf973a42274^userContextId=4294967295\idb
[2019.05.22 21:23:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\storage\default\moz-extension+++c8b87c33-11b5-4864-8e8f-3cd0bdbb15e4^userContextId=4294967295
[2019.06.12 15:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\storage\default\moz-extension+++c8b87c33-11b5-4864-8e8f-3cd0bdbb15e4^userContextId=4294967295\idb
[2019.06.06 11:20:21 | 000,017,661 | ---- | M] () (No name found) -- C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\extensions\@youtubemp3free.xpi
[2019.05.27 20:05:47 | 001,011,544 | ---- | M] () (No name found) -- C:\Users\PaK\AppData\Roaming\Mozilla\Firefox\Profiles\gwv8564l.default\extensions\trash\enhancerforyoutube@maximerf.addons.mozilla.org.xpi

O1 HOSTS File: ([2019.06.06 22:24:01 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (Smart Recovery 2) - {a011d643-4a67-4934-a775-46139847d7f2} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Avira SystrayStartTrigger] C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [STCAgent] C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKCU..\Run: [CCleaner Smart Cleaning] C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd)
O4 - HKLM..\RunOnce: [RPMKickstart] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4646D015-37E7-450E-94B7-370C1808AD96}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2019.06.12 12:29:14 | 000,064,088 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbam.sys
[2019.06.12 12:29:10 | 000,107,168 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\farflt.sys
[2019.06.12 12:29:10 | 000,087,280 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mwac.sys
[2019.06.12 12:29:02 | 000,241,760 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2019.06.09 20:04:39 | 000,173,512 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\MbamChameleon.sys
[2019.06.09 16:17:33 | 000,000,000 | ---D | C] -- C:\Users\PaK\Desktop\KAMČA ŽIVOTOPISOVÝ VĚCI
[2019.06.09 13:01:52 | 000,000,000 | ---D | C] -- C:\FRST
[2019.06.08 20:48:09 | 000,000,000 | ---D | C] -- C:\Users\PaK\AppData\Local\Adobe
[2019.06.08 20:47:20 | 000,000,000 | ---D | C] -- C:\Users\PaK\AppData\Local\CrashRpt
[2019.06.07 20:04:38 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2019.06.06 22:25:12 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2019.06.06 22:24:00 | 000,000,000 | ---D | C] -- C:\Users\PaK\AppData\Local\temp
[2019.06.06 22:16:23 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2019.06.06 11:19:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2019.06.06 11:09:01 | 000,000,000 | ---D | C] -- C:\Users\PaK\AppData\Local\CrashDumps
[2019.06.05 23:41:33 | 000,000,000 | ---D | C] -- C:\Users\PaK\AppData\Local\Zemana
[2019.06.05 23:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
[2019.06.05 23:41:29 | 000,208,824 | ---- | C] (Copyright 2018.) -- C:\Windows\System32\drivers\amsdk.sys
[2019.06.05 23:41:29 | 000,000,000 | ---D | C] -- C:\Program Files\Zemana
[2019.06.05 23:41:15 | 000,000,000 | ---D | C] -- C:\Users\PaK\AppData\Local\AMSDK
[2019.06.05 23:38:11 | 012,471,128 | ---- | C] (Zemana Ltd. ) -- C:\Users\PaK\Desktop\AntiMalware_Setup.exe
[2019.06.04 19:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2019.06.02 22:09:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2019.06.02 22:08:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2019.06.02 13:34:50 | 000,000,000 | ---D | C] -- C:\Users\PaK\AppData\Local\mbam
[2019.06.02 13:34:32 | 000,000,000 | ---D | C] -- C:\Users\PaK\AppData\Local\mbamtray
[2019.06.02 13:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2019.06.02 13:34:15 | 000,128,552 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbae.sys
[2019.06.02 13:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2019.06.02 13:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2019.06.02 13:27:32 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2019.05.31 23:29:32 | 000,000,000 | ---D | C] -- C:\Users\PaK\Desktop\VÍRY
[2019.05.27 14:43:53 | 000,000,000 | ---D | C] -- C:\80f4e2a897cf94eaba
[2019.05.27 14:31:40 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2019.05.24 16:55:14 | 000,842,296 | ---- | C] (Adobe) -- C:\Windows\System32\FlashPlayerApp.exe
[2019.05.24 16:55:14 | 000,175,160 | ---- | C] (Adobe) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2019.05.24 16:55:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2019.05.21 11:44:24 | 000,000,000 | ---D | C] -- C:\2e356d1e48c4c494a3272d4ef0cac4
[2019.05.21 11:01:38 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sipnotify.exe

========== Files - Modified Within 30 Days ==========

[2019.06.12 15:36:04 | 000,058,978 | ---- | M] () -- C:\Windows\ZAM.krnl.trace
[2019.06.12 12:46:00 | 000,021,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2019.06.12 12:46:00 | 000,021,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2019.06.12 12:35:45 | 002,428,242 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2019.06.12 12:35:45 | 001,280,248 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2019.06.12 12:35:45 | 000,740,890 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2019.06.12 12:35:45 | 000,702,244 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2019.06.12 12:29:18 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Windows\gdrv.sys
[2019.06.12 12:29:14 | 000,064,088 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\mbam.sys
[2019.06.12 12:29:10 | 000,107,168 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\farflt.sys
[2019.06.12 12:29:10 | 000,087,280 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\mwac.sys
[2019.06.12 12:29:02 | 000,241,760 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2019.06.12 12:28:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2019.06.12 12:28:32 | 2610,499,584 | -HS- | M] () -- C:\hiberfil.sys
[2019.06.11 10:05:50 | 000,051,350 | ---- | M] () -- C:\Users\PaK\Desktop\zásuvné moduly.jpg
[2019.06.09 20:04:39 | 000,173,512 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\MbamChameleon.sys
[2019.06.06 22:24:01 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2019.06.06 11:21:24 | 002,910,386 | ---- | M] () -- C:\Users\PaK\Desktop\johannes-brahms-lullaby-youtubemp3free.org.mp3
[2019.06.05 23:41:31 | 000,002,000 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2019.06.05 23:41:29 | 000,208,824 | ---- | M] (Copyright 2018.) -- C:\Windows\System32\drivers\amsdk.sys
[2019.06.05 23:38:22 | 012,471,128 | ---- | M] (Zemana Ltd. ) -- C:\Users\PaK\Desktop\AntiMalware_Setup.exe
[2019.06.04 22:42:51 | 000,000,416 | ---- | M] () -- C:\Users\PaK\Desktop\Dokument.rtf
[2019.06.02 22:08:21 | 000,002,699 | ---- | M] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2019.06.02 13:34:17 | 000,002,024 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2019.06.01 09:48:59 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2019.05.24 16:55:14 | 000,842,296 | ---- | M] (Adobe) -- C:\Windows\System32\FlashPlayerApp.exe
[2019.05.24 16:55:14 | 000,175,160 | ---- | M] (Adobe) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2019.06.11 10:04:29 | 000,051,350 | ---- | C] () -- C:\Users\PaK\Desktop\zásuvné moduly.jpg
[2019.06.06 11:21:24 | 002,910,386 | ---- | C] () -- C:\Users\PaK\Desktop\johannes-brahms-lullaby-youtubemp3free.org.mp3
[2019.06.05 23:41:34 | 000,058,978 | ---- | C] () -- C:\Windows\ZAM.krnl.trace
[2019.06.05 23:41:31 | 000,002,000 | ---- | C] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2019.06.04 22:42:51 | 000,000,416 | ---- | C] () -- C:\Users\PaK\Desktop\Dokument.rtf
[2019.06.02 22:08:21 | 000,002,699 | ---- | C] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2019.06.02 13:34:17 | 000,002,024 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2019.06.01 09:48:59 | 000,001,150 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2019.02.26 16:57:46 | 000,002,292 | ---- | C] () -- C:\Users\PaK\AppData\Roaming\ASSDraw3.cfg
[2019.01.18 21:20:32 | 000,000,236 | ---- | C] () -- C:\Windows\Rollemup.ini
[2018.11.17 18:01:02 | 000,798,520 | ---- | C] () -- C:\Windows\System32\vulkan-1.dll
[2018.11.17 18:01:02 | 000,490,808 | ---- | C] () -- C:\Windows\System32\vulkaninfo.exe
[2018.11.17 18:00:53 | 008,114,212 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2018.11.14 16:35:41 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2018.11.14 14:04:59 | 000,001,110 | ---- | C] () -- C:\Users\PaK\Aktivovat Splashtop Connect.lnk
[2018.11.14 14:01:50 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys
[2018.11.14 13:13:08 | 000,000,784 | ---- | C] () -- C:\Program Files\smart6.lnk
[2018.11.14 13:11:51 | 000,001,970 | ---- | C] () -- C:\Program Files\ET6.lnk
[2018.11.14 13:08:49 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe
[2018.11.14 13:08:49 | 000,018,544 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys
[2018.11.14 13:08:45 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2018.11.14 13:06:59 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2018.11.14 13:04:35 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2017.12.09 00:25:12 | 000,798,520 | ---- | C] () -- C:\Windows\System32\vulkan-1-1-0-65-1.dll
[2017.12.09 00:25:00 | 000,490,808 | ---- | C] () -- C:\Windows\System32\vulkaninfo-1-1-0-65-1.exe

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2019.02.12 17:58:34 | 012,880,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2019.03.30 20:56:45 | 000,000,000 | ---D | M] -- C:\Users\PaK\AppData\Roaming\Aegisub
[2019.02.26 16:56:21 | 000,000,000 | ---D | M] -- C:\Users\PaK\AppData\Roaming\fontconfig
[2018.11.20 20:26:55 | 000,000,000 | ---D | M] -- C:\Users\PaK\AppData\Roaming\OpenOffice
[2018.11.14 13:05:13 | 000,000,000 | ---D | M] -- C:\Users\PaK\AppData\Roaming\Splashtop
[2019.06.03 11:35:50 | 000,000,000 | ---D | M] -- C:\Users\PaK\AppData\Roaming\Spotify
[2019.02.22 22:18:15 | 000,000,000 | ---D | M] -- C:\Users\PaK\AppData\Roaming\VSO

========== Purity Check ==========



< End of report >
Jsem Lama ale jsem snaživá : D

Uživatelský avatar
KamilaS
Level 3.5
Level 3.5
Příspěvky: 694
Registrován: červen 13
Bydliště: Praha
Pohlaví: Žena

Re: prosím o kontrolu logu

Příspěvekod KamilaS » 12 čer 2019 18:29

OTL Extras logfile created on: 12.6.2019 15:34:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PaK\Desktop\VÍRY
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.19326)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,24 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 69,01% Memory free
6,48 Gb Paging File | 4,79 Gb Available in Paging File | 73,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,41 Gb Total Space | 821,97 Gb Free Space | 88,25% Space Free | Partition Type: NTFS

Computer Name: PAK-PC | User Name: PaK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML-308046B0AF4A39CB] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" (FastStone Soft)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [PlayWithVMP1] -- "C:\Program Files\VSO\VSO Media Player\1\VMP.exe" "%1" (VSO Software SARL)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F41867B-2986-4AC3-9A71-4AACC09268D8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0F89284A-4E08-45F5-B07A-CC13350A70ED}" = lport=139 | protocol=6 | dir=in | app=system |
"{10E993AE-A625-49D2-B021-5C9858B76CA1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{16437043-99C9-4AE4-9E58-2FEBCBFBDCBE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{275D4D4D-5290-4D5C-B7F6-9F638DAC7BAE}" = lport=445 | protocol=6 | dir=in | app=system |
"{2B4D2EDF-B47E-426C-93A3-74236EBC5F90}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{308CAAC9-5C1D-4138-AECF-2E111C6B5C3B}" = rport=139 | protocol=6 | dir=out | app=system |
"{310303F6-D54E-405E-8CBC-F27F03F087F6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{388DC5BF-3996-4013-9ECD-2493AA49F7AA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4654F474-B8DE-4129-9F8D-754AE51C06E7}" = lport=48010 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{473608D8-E8D8-45C5-93D6-3BE172D1468D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{54D5222C-8A60-41CC-B1C5-C34D4853B7FE}" = rport=137 | protocol=17 | dir=out | app=system |
"{603F0336-9B40-41AA-B04F-36733DFB9272}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{613FBAC3-DF83-48E5-B442-3ACA369AA17A}" = rport=138 | protocol=17 | dir=out | app=system |
"{6C92522A-6825-493A-9F42-804FE785273D}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{6F3C5CF9-5D42-49EF-88BC-ED7D74430B80}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{7FFDF8E1-A8FB-4C69-BDD7-B7417D0365D1}" = lport=137 | protocol=17 | dir=in | app=system |
"{93F7C46B-85F3-49BB-94A6-A9154A6AF5D2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{95FD47F2-FCC3-49A3-9E00-6B3D929F9F21}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{975C5002-7AD9-45BB-BFB6-7C6CF861E385}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{981F92C0-6709-4E66-B6A4-A6DA7108C78A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B3FE73C3-C7B5-4F88-9E25-284DC0EDFCAC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B73056E2-DDA6-4F27-BD85-B03D2CEA23DA}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{BC13FF57-7101-44C3-823B-4FD782A85739}" = rport=445 | protocol=6 | dir=out | app=system |
"{BF7C6750-5062-4615-9D2B-64B299205584}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CD107A09-6312-4348-9761-CAE94D2F9B6D}" = lport=138 | protocol=17 | dir=in | app=system |
"{E06064A1-EABE-4917-AC05-95684D92D9AF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E47F4B45-4A80-40F7-BF1D-85094F2612BA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10D63331-4011-4E01-A36B-B5B5D86B9E6B}" = protocol=6 | dir=out | app=system |
"{15A19FD8-00B5-41A4-AD17-BFC3B17F8CFC}" = protocol=6 | dir=in | app=c:\program files\ccleaner\ccupdate.exe |
"{188D0934-C4D1-4E83-8FA4-C62FC4EE8F0E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1B20444C-9E6B-4125-AA60-6069D3D8A4D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1FF4C7D2-F3BF-4B83-85D8-92C143467C13}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{249EC046-C790-4AA0-ACC4-621F106AAF74}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2FFB8E6D-80DF-4C9A-9853-E55766F888D7}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{3BE52E95-B99E-49DA-9043-47CFA4A480B4}" = protocol=17 | dir=in | app=c:\program files\ccleaner\ccupdate.exe |
"{5231F9D3-7F05-4476-8F3E-6498191F1D9B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{52D3E268-1795-44FC-B7EE-08AB788C126D}" = protocol=17 | dir=in | app=c:\program files\microsoft\skype for desktop\skype.exe |
"{5B2CB128-9F01-42DA-89C4-FC39AEB1D456}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{69244321-E1FF-4C0C-BC8D-4F43D38E6316}" = dir=in | app=c:\program files\formatfactory\formatfactory.exe |
"{7AF595C0-267E-4066-94BF-D1F55300273D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{82A3619B-290E-46AF-8636-82E7DF68D209}" = dir=in | app=c:\program files\formatfactory\formatfactory.exe |
"{936622B4-58C4-4400-8453-3C7B37A0ED90}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9ACD6861-41C1-4ED7-B3AE-1318C916E316}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A130A9CE-DDA1-4586-AE83-3D9CAA24A8B1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A2D107F4-8FD8-4FF1-B12A-CC7BABE5FCB9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0E80F14-E159-49EA-BB93-B58EAFED2440}" = dir=in | app=c:\program files\formatfactory\ffmodules\encoder\doc\ebookcodec.exe |
"{BF563E69-7E2D-4032-9F6A-AC88016628A7}" = protocol=6 | dir=in | app=c:\program files\microsoft\skype for desktop\skype.exe |
"{CA1494AB-3FA1-46FE-B00B-D839A5D8E7E5}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{D0AFCF9E-2718-455F-BA29-580577FE3762}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D2E16D62-9F1C-4F3A-AF97-38D6160FE340}" = dir=in | app=c:\program files\formatfactory\ffmodules\encoder\doc\ebookcodec.exe |
"{DD1C76F1-68A4-437C-8420-310BBDE724E7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E4721277-9D88-47D5-BC82-3A417516C749}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8836E9A-3F4C-4D68-A61D-D08F940EE737}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F6BDBA29-EB35-401D-B05D-E61945E1B93A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{9A428622-27B8-4F52-B852-79797BD5F997}C:\users\pak\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\pak\appdata\roaming\spotify\spotify.exe |
"TCP Query User{CA8D5882-9460-49E7-BCDB-68FDD3C24BAA}C:\users\pak\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\pak\appdata\roaming\spotify\spotify.exe |
"TCP Query User{DF81666F-DE00-478B-B972-DEB9A75ADE73}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{7C064A8F-1465-4629-9F38-D1F0BBF5EFAD}C:\users\pak\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\pak\appdata\roaming\spotify\spotify.exe |
"UDP Query User{961C8A60-5CD3-4113-96C4-CA5E1FFC21EF}C:\users\pak\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\pak\appdata\roaming\spotify\spotify.exe |
"UDP Query User{9B67E84E-5B67-4E8A-877D-124E99891F6D}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07641669-3466-4C2E-BA95-256AEA825533}" = Avira
"{10C4E843-C226-3FDF-9DD6-F4E3275E734D}" = Microsoft .NET Framework 4.7.2
"{1845470B-EB14-4ABC-835B-E36C693DC07D}" = Skype™ 7.41
"{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1" = Aegisub 3.2.2
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes verze 3.7.1.2839
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B10.1221.1
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{418D77E2-7B60-48F8-B016-30A32699EE74}" = Splashtop Connect IE
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0309.1
"{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1" = Zemana AntiMalware verze 3.1.210
"{59F1E8E6-60EC-4CC1-8C72-E0F38E585215}_is1" = VSO Media Player 1.6.19.528
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6811A286-E9F4-4035-9738-7721C087E500}_is1" = Icecream PDF Converter verze 2.86
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7FED75A1-600C-394B-8376-712E2A8861F2}" = Microsoft Visual C++ 2017 x86 Additional Runtime - 14.12.25810
"{8122DAB1-ED4D-3676-BB0A-CA368196543E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664
"{828952EB-5572-3666-8CA9-000B6CE79350}" = Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.12.25810
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DADDDBF-EB36-4D00-9291-8C281F1755A6}" = OpenOffice 4.1.6
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.7.2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1" = Revo Uninstaller 2.0.6
"{AC76BA86-0804-1033-1959-001824311644}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = NVIDIA Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 391.35
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 391.35
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 391.35
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 3.13.1.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 390.41
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.17.0524
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 31.1.10.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer" = DisplayDriverAnalyzer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = NVIDIA SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.36.6
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend" = NVIDIA Backend
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer" = NVIDIA Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper" = NVIDIA TelemetryApi helper for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem" = NVIDIA LocalSystem Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus" = NVIDIA Message Bus for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService" = NVIDIA NetworkService Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session" = NVIDIA Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User" = NVIDIA User Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog" = NVIDIA Display Watchdog Plugin
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer" = NVIDIA Display Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs" = NVIDIA NodeJS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog" = NVIDIA Watchdog Plugin for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry" = NVIDIA Telemetry Client
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer" = NVIDIA Telemetry Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci" = NVIDIA Virtual Host Controller
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC" = Nvidia Share
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 3.13.1.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = NVIDIA SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 4.04.0
"{b7f9e12f-ca78-4964-9ffc-54acebd17675}" = Avira
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D2BF4F2C-BDF3-41C3-8D38-185F6342EC47}" = Splashtop Connect for Firefox
"{D401961D-3A20-3AC7-943B-6139D5BD490A}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.473
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Adobe Flash Player NPAPI" = Adobe Flash Player 32 NPAPI
"Avira Antivirus" = Avira Antivirus
"CCleaner" = CCleaner
"FastStone Image Viewer" = FastStone Image Viewer 6.7
"FormatFactory" = FormatFactory 4.5.5.0
"Free One Click ZIP & RAR Wizard2.0" = Free One Click ZIP & RAR Wizard
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0309.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"Mozilla Firefox 67.0.1 (x86 cs)" = Mozilla Firefox 67.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Skype_is1" = Skype verze 8.34
"VLC media player" = VLC media player
"VulkanRT1.0.65.1" = Vulkan Run Time Libraries 1.0.65.1

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11.6.2019 13:40:40 | Computer Name = PaK-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 11.6.2019 13:40:40 | Computer Name = PaK-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 11.6.2019 13:40:40 | Computer Name = PaK-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 11.6.2019 13:50:10 | Computer Name = PaK-PC | Source = WinMgmt | ID = 10
Description =

Error - 11.6.2019 13:56:51 | Computer Name = PaK-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 11.6.2019 13:56:51 | Computer Name = PaK-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 11.6.2019 13:56:51 | Computer Name = PaK-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 12.6.2019 6:29:06 | Computer Name = PaK-PC | Source = WinMgmt | ID = 10
Description =

Error - 12.6.2019 6:35:42 | Computer Name = PaK-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 12.6.2019 6:35:42 | Computer Name = PaK-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 12.6.2019 6:35:42 | Computer Name = PaK-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

[ System Events ]
Error - 6.6.2019 5:10:37 | Computer Name = PaK-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 70.

Error - 6.6.2019 5:10:37 | Computer Name = PaK-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 80.

Error - 6.6.2019 5:14:38 | Computer Name = PaK-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 70.

Error - 6.6.2019 5:14:38 | Computer Name = PaK-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 80.

Error - 6.6.2019 5:22:38 | Computer Name = PaK-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 70.

Error - 6.6.2019 5:22:38 | Computer Name = PaK-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 80.

Error - 6.6.2019 5:38:38 | Computer Name = PaK-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 70.

Error - 6.6.2019 5:38:38 | Computer Name = PaK-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 80.

Error - 6.6.2019 13:31:48 | Computer Name = PaK-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 70.

Error - 6.6.2019 13:31:48 | Computer Name = PaK-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 80.


< End of report >
Jsem Lama ale jsem snaživá : D


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: CommonCrawl [Bot] a 14 hostů