Prosím o kontrolu logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Security team

vašekp
Level 3
Level 3
Příspěvky: 420
Registrován: listopad 07
Pohlaví: Nespecifikováno

Re: Prosím o kontrolu logu

Příspěvekod vašekp » 09 zář 2019 17:47

2019-08-29 02:59 - 2012-10-26 19:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneKey Recovery
2019-08-29 02:59 - 2012-10-26 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-08-29 02:59 - 2012-10-26 18:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2019-08-29 02:59 - 2012-10-26 18:44 - 000000000 ____D C:\Program Files\Intel
2019-08-29 02:58 - 2019-03-19 06:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-08-29 02:55 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Registration
2019-08-29 02:54 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-08-29 02:53 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows NT
2019-08-29 02:53 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-29 02:52 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-08-29 02:35 - 2019-03-19 06:52 - 000000000 __RSD C:\WINDOWS\Media
2019-08-29 02:35 - 2015-07-14 13:05 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2019-08-29 02:26 - 2018-12-13 17:52 - 000002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-29 02:26 - 2018-12-13 17:52 - 000002273 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-29 02:19 - 2018-06-10 01:48 - 000000000 ____D C:\Users\Vašek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-08-29 02:18 - 2018-06-10 01:48 - 000000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-08-29 02:18 - 2018-06-10 01:48 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-08-29 02:18 - 2015-07-30 15:02 - 000000000 ____D C:\Users\Michal\AppData\Local\Packages
2019-08-29 02:18 - 2012-08-01 17:52 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2019-08-29 02:17 - 2017-07-29 23:11 - 000000000 ____D C:\Users\Vašek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2019-08-29 02:16 - 2016-09-21 17:49 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-08-29 02:16 - 2016-09-21 17:49 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-08-29 02:15 - 2018-06-10 01:48 - 000000000 ____D C:\Users\Naďa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-08-29 02:15 - 2017-12-24 11:50 - 000000000 ____D C:\Users\Naďa\AppData\Local\Packages
2019-08-29 02:11 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-08-29 02:08 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\System
2019-08-29 02:08 - 2017-09-19 00:56 - 000000000 ____D C:\Program Files (x86)\USB Camera
2019-08-29 02:08 - 2017-09-19 00:52 - 000000000 ____D C:\Program Files\Elantech
2019-08-29 02:07 - 2017-09-19 00:51 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-08-29 01:55 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-08-29 01:55 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-08-29 01:55 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2019-08-29 01:55 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-08-29 01:55 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-08-29 01:55 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-08-29 01:55 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\IME
2019-08-29 01:55 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-08-29 01:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Resources
2019-08-29 01:53 - 2017-09-19 00:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2019-08-29 01:53 - 2016-03-01 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2019-08-29 01:53 - 2016-02-19 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2019-08-29 01:47 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-08-29 01:47 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-08-29 01:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-29 01:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-08-29 01:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2019-08-29 01:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-08-29 01:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-08-29 01:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-29 01:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-08-29 01:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-29 01:47 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-29 01:23 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-08-29 01:23 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-08-29 01:23 - 2019-03-19 13:55 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2019-08-29 01:23 - 2019-03-19 13:55 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-08-29 01:23 - 2019-03-19 13:55 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2019-08-29 01:23 - 2019-03-19 13:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2019-08-29 01:23 - 2019-03-19 13:55 - 000000000 ____D C:\WINDOWS\system32\winrm
2019-08-29 01:23 - 2019-03-19 13:55 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-08-29 01:23 - 2019-03-19 13:55 - 000000000 ____D C:\WINDOWS\system32\slmgr
2019-08-29 01:23 - 2019-03-19 13:55 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2019-08-29 01:23 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-08-29 01:23 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-08-29 01:23 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-08-29 01:23 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-08-29 01:23 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-08-29 01:23 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-08-29 01:23 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2019-08-29 01:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-08-29 01:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-08-29 01:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-08-29 01:14 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-08-25 22:13 - 2017-04-28 21:23 - 000000000 ____D C:\Users\Vašek\Desktop\Fantasytipsport
2019-08-25 21:00 - 2018-08-06 22:47 - 000000000 ____D C:\Users\Vašek\Desktop\rabac18
2019-08-20 21:12 - 2015-07-07 16:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-20 20:49 - 2015-07-07 16:58 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ================

2018-12-24 11:03 - 2019-01-31 20:02 - 000000108 _____ () C:\Users\Vašek\AppData\Roaming\main.ini
2019-05-16 22:31 - 2019-05-16 22:32 - 000005120 _____ () C:\Users\Vašek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================



Reklama
vašekp
Level 3
Level 3
Příspěvky: 420
Registrován: listopad 07
Pohlaví: Nespecifikováno

Re: Prosím o kontrolu logu

Příspěvekod vašekp » 09 zář 2019 17:48

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2019
Ran by Vašek (09-09-2019 16:56:43)
Running from C:\Users\Vašek\Desktop
Windows 10 Home Version 1903 18362.295 (X64) (2019-08-29 00:54:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-961389813-253083461-155772885-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-961389813-253083461-155772885-503 - Limited - Disabled)
Guest (S-1-5-21-961389813-253083461-155772885-501 - Limited - Disabled)
Michal (S-1-5-21-961389813-253083461-155772885-1007 - Administrator - Enabled) => C:\Users\Michal
Naďa (S-1-5-21-961389813-253083461-155772885-1006 - Administrator - Enabled) => C:\Users\Naďa
Vašek (S-1-5-21-961389813-253083461-155772885-1003 - Administrator - Enabled) => C:\Users\Vašek
WDAGUtilityAccount (S-1-5-21-961389813-253083461-155772885-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.191 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.238 - Adobe)
Aplikace Intel(R) Wireless Bluetooth(R)(patch version 17.1.1519.1030) (HKLM\...\{302600C1-6BDF-4FD1-1504-148929CC1385}) (Version: 17.1.1504.0518 - Intel Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.224.0 - Conexant Systems)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GSA Captcha Breaker v4.23 (HKLM-x32\...\GSA Captcha Breaker_is1) (Version: 4.23 - GSA Software)
HP Support Solutions Framework (HKLM-x32\...\{3D6FF65E-EE93-4D90-B5D7-0DC856E2AFEB}) (Version: 12.10.49.21 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Malware Fighter 6 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 6.0 - IObit)
IObit Uninstaller 8 (HKLM-x32\...\IObitUninstall) (Version: 8.2.0.14 - IObit)
IOTransfer 3 (HKLM-x32\...\IOTransfer_is1) (Version: 3.2.1.1214 - IOTransfer)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.1901 - Broadcom Corporation)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo Phone Manager (HKLM-x32\...\{04E5B03F-A6BF-4561-9777-991D9509BC84}) (Version: 1.4.1.14188 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-961389813-253083461-155772885-1003\...\cbe8636f7dd0cf1d) (Version: 1.4.0.0 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\cbe8636f7dd0cf1d) (Version: 1.4.0.0 - Lenovo)
Lenovo Solution Center (HKLM\...\{AFDE512F-7BCD-46B6-91C0-230812139EEF}) (Version: 3.4.002.006 - Lenovo)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.5926 - Lenovo)
LibreOffice 5.0.1.2 (HKLM-x32\...\{927AE35D-72BC-437D-BAC7-EE47D03DEE54}) (Version: 5.0.1.2 - The Document Foundation)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2010 pro studenty a domácnosti (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-961389813-253083461-155772885-1003\...\OneDriveSetup.exe) (Version: 19.152.0801.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\OneDriveSetup.exe) (Version: 19.152.0801.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.14.0 - Lenovo Group Limited)
Smart Defrag 6 (HKLM-x32\...\Smart Defrag_is1) (Version: 6.0 - IObit)
Smart Game Booster 4.1 (HKLM-x32\...\Smart Game Booster_is1) (Version: 4.1.1.3192 - Smart Game Booster)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
UPC Fiber Power Optimizer (HKLM-x32\...\{631141AD-79AA-447F-B403-21C704D39B8C}) (Version: 2.0.0.2 - UPC Broadband) Hidden
UPC Fiber Power Optimizer (HKLM-x32\...\UPC Fiber Power Optimizer) (Version: - UPC Broadband)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Zemana AntiMalware verze 3.1.395 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.395 - Zemana)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1707.2.30 - ZONER software)

Packages:
=========
AccuWeather - Weather for Life -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_10.0.348.1000_x64__8zz2pj9h1h1d8 [2018-04-07] (AccuWeather) [MS Ad]
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-27] (Autodesk Inc.)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1590.2.0_x86__kgqvnymyfvs32 [2019-09-05] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.146.600.0_x86__kgqvnymyfvs32 [2019-08-29] (king.com)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-14] (Microsoft Corporation)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_6.20.8626.0_x86__q4d96b2w5wcc2 [2019-08-16] (Evernote)
Horizon Go CZ -> C:\Program Files\WindowsApps\LibertyGlobal.HorizonGoCZ_2.12.0.0_x64__gmwgfebrpy77e [2019-08-08] (Liberty Global)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.50991.0_x86__8xx8rvfyw5nnt [2018-07-27] (Instagram)
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2016-04-01] (Lenovo, INC.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8 [2019-03-25] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-28] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-08] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-04] (Microsoft Corporation) [MS Ad]
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2016-04-01] (CYBERLINK COM CORPORATION)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2017-11-25] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0 [2019-08-29] (Spotify AB)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-08-27] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-12] (Lenovo) [File not signed]
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\MenuExt64.dll [2019-06-27] (Chengdu Zhagu Technology Co., Ltd. -> )
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\MenuExt64.dll [2019-06-27] (Chengdu Zhagu Technology Co., Ltd. -> )
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-12] (Lenovo) [File not signed]
ContextMenuHandlers4: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\MenuExt64.dll [2019-06-27] (Chengdu Zhagu Technology Co., Ltd. -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-08-27] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-31] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-03-20] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => C:\Program Files (x86)\PCGameBoost\Smart Game Booster\MenuExt64.dll [2019-06-27] (Chengdu Zhagu Technology Co., Ltd. -> )
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-09-09 15:45 - 2019-09-09 15:45 - 000088064 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_ctypes.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000128512 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_elementtree.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000914432 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_hashlib.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000027648 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_multiprocessing.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000036864 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_psutil_windows.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000046080 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_socket.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 001303552 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_ssl.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000020480 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_yappi.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000012800 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\common.time34.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000007168 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\hashobjs_ext.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000127488 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pyexpat.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000682496 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pysqlite2._sqlite.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000364544 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pythoncom27.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000110080 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pywintypes27.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000010240 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\select.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000017920 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\thumbnails_ext.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000686080 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\unicodedata.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000088064 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\usb_ext.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000098816 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32api.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000320512 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32com.shell.shell.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000011264 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32crypt.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000018432 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32event.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000119808 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32file.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000167936 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32gui.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000038912 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32inet.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000025600 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32pdh.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000024064 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32pipe.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000035840 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32process.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000017408 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32profile.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000108544 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32security.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000022528 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32ts.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000078848 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._animate.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 001067008 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._controls_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 001176576 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._core_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000806400 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._gdi_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000077312 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._html2.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000733184 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._misc_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000816128 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._windows_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000123392 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._wizard.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 002459648 ____R (Python Software Foundation) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\python27.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000155136 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxbase30u_net_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 002030592 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxbase30u_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 001251328 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_adv_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 004796928 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_core_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000601088 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_html_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000110080 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_webview_vc90.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [134]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1001movie.com -> 1001movie.com

There are 6091 more sites.

IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1001movie.com -> 1001movie.com

There are 6091 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-09-07 18:54 - 2019-09-07 18:54 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Lenovo\Bluetooth Software\;C:\Program Files\Lenovo\Bluetooth Software\syswow64;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215728168\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215729700\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-961389813-253083461-155772885-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Vašek\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSY05XKX4AAljTe.jpg
HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\Control Panel\Desktop\\Wallpaper -> C:\Users\Vašek\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSY05XKX4AAljTe.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "EnergyUtility"
HKLM\...\StartupApproved\Run: => "Energy Management"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "332BigDog"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "Dolby Advanced Audio v2"
HKLM\...\StartupApproved\Run32: => "UpdateP2GShortCut"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKU\S-1-5-21-961389813-253083461-155772885-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-961389813-253083461-155772885-1003\...\StartupApproved\Run: => "SpyEmergency"
HKU\S-1-5-21-961389813-253083461-155772885-1003\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\StartupApproved\Run: => "SpyEmergency"
HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{65C89744-425A-4760-BF48-288609A1C85C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2D0EA622-CCB9-49F3-9CF2-EECA1F97A943}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe No File
FirewallRules: [{C8D805D7-9EF1-4F4B-AE4A-EC5E35C02F55}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe No File
FirewallRules: [{40FBFDCE-AD66-4A36-8AF2-BFBE40CBEC12}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe No File
FirewallRules: [{348ED8B4-55BC-4DE0-851C-8835D94B36AC}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe No File
FirewallRules: [{AC86B456-2C27-470A-8A63-E63E00839398}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe No File
FirewallRules: [{14C0C40B-346D-4DBB-A16E-7FA95F841A70}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe No File
FirewallRules: [{82CDEFE8-453F-4AD5-B8B9-8CE932968772}] => (Allow) C:\Program Files (x86)\IOTransfer\IOT\AirTrans\AirServ.exe (Node.js Foundation -> Node.js)
FirewallRules: [{4D48F0BF-4B60-4102-8BD2-C33B01079789}] => (Allow) C:\Program Files (x86)\IOTransfer\IOT\AirTrans\AirServ.exe (Node.js Foundation -> Node.js)
FirewallRules: [{CBDC66BB-DC7C-45D0-B899-8AA516F2598F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{919453EC-C678-4443-9DD0-4C63D653AA68}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3DBA0005-FEED-4250-BBD1-84C224148ACC}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{136AFCF5-1312-45AE-95CF-4BB42DCCB793}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [TCP Query User{07184499-74A8-4422-8BAC-F4F8C312EFB7}C:\program files (x86)\lenovo\shareit\shareit.exe] => (Allow) C:\program files (x86)\lenovo\shareit\shareit.exe (LENOVO -> Lenovo)
FirewallRules: [UDP Query User{D76D9A1C-898B-4838-AB5A-7EBCCD25E469}C:\program files (x86)\lenovo\shareit\shareit.exe] => (Allow) C:\program files (x86)\lenovo\shareit\shareit.exe (LENOVO -> Lenovo)
FirewallRules: [{A483F102-2BA1-49DA-8B2B-875BCA71C6EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{90170EDD-2F91-44FA-9F61-1D02A91C062D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{51AB2A2A-A73A-4307-8EF0-712389A0D324}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8A215EEB-6780-4A13-A20D-A14E15FE0CB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A62A35B8-5A5D-4FA1-A925-2515A6B58106}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B970B123-07EF-41F7-B834-3C823E851C07}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3E2E685E-8E68-4D83-B7A1-CC1AA4F5D626}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{95C94943-BA7E-4270-A05D-1F5F5371C6C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/09/2019 04:44:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.295_none_e6c3acbd13101292.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.295_none_2e70e394278c3b98.manifest.

Error: (09/09/2019 04:15:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.295_none_e6c3acbd13101292.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.295_none_2e70e394278c3b98.manifest.

Error: (09/09/2019 03:47:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.295_none_e6c3acbd13101292.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.295_none_2e70e394278c3b98.manifest.

Error: (09/09/2019 03:46:25 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 31704; požadovaná velikost: 33776.

Error: (09/09/2019 03:44:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.295_none_e6c3acbd13101292.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.295_none_2e70e394278c3b98.manifest.

Error: (09/08/2019 10:23:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x8007001f, Zařízení připojené k systému nefunguje.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (09/08/2019 10:19:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.295_none_e6c3acbd13101292.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.295_none_2e70e394278c3b98.manifest.

Error: (09/08/2019 10:01:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MagicPlus\MagicPlus.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.295_none_e6c3acbd13101292.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.18362.295_none_2e70e394278c3b98.manifest.


System errors:
=============
Error: (09/09/2019 03:46:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/09/2019 03:43:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_988cc8 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (09/08/2019 10:01:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (09/08/2019 10:01:15 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Systém nemůže nalézt uvedený soubor.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (09/08/2019 10:01:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (09/08/2019 10:00:11 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/08/2019 09:57:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_544c9 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (09/08/2019 09:56:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


CodeIntegrity:
===================================

Date: 2019-09-09 15:57:25.827
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-09-09 15:57:25.809
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-09-09 15:57:25.762
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-09-09 15:57:25.733
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-09-09 15:57:25.419
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-09-08 22:01:17.470
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-09-08 22:01:17.443
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-09-08 22:01:17.416
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO 5ECN92WW(V8.04) 09/14/2012
Motherboard: LENOVO INVALID
Processor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Percentage of memory in use: 81%
Total physical RAM: 3959.77 MB
Available physical RAM: 732.36 MB
Total Virtual: 6519.77 MB
Available Virtual: 1963.21 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:883.74 GB) (Free:719.69 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.32 GB) NTFS
Drive e: (NOVE) (CDROM) (Total:0.66 GB) (Free:0 GB) CDFS

\\?\Volume{eea9ede4-bb38-4757-aace-ab6d1a82c0b4}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{34065b68-3d55-47ed-ad2e-63b13b01138f}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{162f9b86-cba9-42ed-acde-af43803854d3}\ (PBR_DRV) (Fixed) (Total:20 GB) (Free:10.31 GB) NTFS
\\?\Volume{e268e0b6-c67d-47a5-a4ca-af271300232e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1F865E10)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40000
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 10 zář 2019 19:56

Pokud najdeš vše od SpyEmergency a McAfee , odinstaluj.

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {089D990C-42F1-424A-B532-3788FF7470FD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {09DB112F-E1CA-405F-BF58-EB80F9CA2DE6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-20] (Google Inc -> Google Inc.)
Task: {2231CCCB-BEC9-4104-97AA-072D692A106C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3116E1B2-D257-4BB3-9D82-5BCBA96CB533} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4C3AB498-6A52-45A7-92D4-F8088C665E47} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5765E675-C1D9-4420-A387-18D07D2246B5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6D216B22-671D-43CF-A0EE-1820DFB1ABD6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {71A36A5C-8FD6-49E0-BC2A-D0AB9DBFF68E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7CD873D4-0211-4766-BA69-51C81182D695} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {AA43C5AC-9FA0-4199-B18F-F7858B873711} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D3FD4348-BB36-4AEF-8201-3A60C30B2C3C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EEDE1FA5-393E-494B-BAB0-6AF924A54B1A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {03D63234-5DED-4CAC-8D12-1A01DE9F8202} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {50583A84-F748-4DA2-89D4-40AF18332228} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {796F72C7-801D-4023-B390-828094F13354} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {D2AF6C43-5D37-402B-88FF-9478A75353BE} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {D66B51DC-F487-4FEB-87FD-26F9FD134313} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {EE11300D-69A8-425F-AA5A-D65663C61726} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {F0F59DBB-18C9-4A3B-A569-CCD6A8CEF9E4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {FB5D1D42-CFC3-4C74-A2A1-FC4D57EB4106} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {03D63234-5DED-4CAC-8D12-1A01DE9F8202} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {50583A84-F748-4DA2-89D4-40AF18332228} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {796F72C7-801D-4023-B390-828094F13354} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {D2AF6C43-5D37-402B-88FF-9478A75353BE} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {D66B51DC-F487-4FEB-87FD-26F9FD134313} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {EE11300D-69A8-425F-AA5A-D65663C61726} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {F0F59DBB-18C9-4A3B-A569-CCD6A8CEF9E4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {FB5D1D42-CFC3-4C74-A2A1-FC4D57EB4106} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-09 15:45 - 2019-09-09 15:45 - 000088064 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_ctypes.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000128512 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_elementtree.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000914432 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_hashlib.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000027648 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_multiprocessing.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000036864 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_psutil_windows.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000046080 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_socket.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 001303552 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_ssl.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000020480 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_yappi.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000012800 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\common.time34.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000007168 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\hashobjs_ext.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000127488 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pyexpat.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000682496 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pysqlite2._sqlite.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000364544 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pythoncom27.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000110080 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pywintypes27.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000010240 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\select.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000017920 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\thumbnails_ext.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000686080 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\unicodedata.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000088064 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\usb_ext.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000098816 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32api.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000320512 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32com.shell.shell.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000011264 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32crypt.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000018432 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32event.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000119808 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32file.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000167936 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32gui.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000038912 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32inet.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000025600 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32pdh.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000024064 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32pipe.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000035840 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32process.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000017408 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32profile.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000108544 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32security.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000022528 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32ts.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000078848 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._animate.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 001067008 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._controls_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 001176576 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._core_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000806400 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._gdi_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000077312 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._html2.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000733184 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._misc_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000816128 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._windows_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000123392 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._wizard.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 002459648 ____R (Python Software Foundation) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\python27.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000155136 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxbase30u_net_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 002030592 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxbase30u_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 001251328 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_adv_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 004796928 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_core_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000601088 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_html_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000110080 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_webview_vc90.dll
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [134]
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1001movie.com -> 1001movie.com

There are 6091 more sites.

IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1001movie.com -> 1001movie.com

There are 6091 more sites.
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
FirewallRules: [{2D0EA622-CCB9-49F3-9CF2-EECA1F97A943}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe No File
FirewallRules: [{C8D805D7-9EF1-4F4B-AE4A-EC5E35C02F55}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe No File
FirewallRules: [{40FBFDCE-AD66-4A36-8AF2-BFBE40CBEC12}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe No File
FirewallRules: [{348ED8B4-55BC-4DE0-851C-8835D94B36AC}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe No File
FirewallRules: [{AC86B456-2C27-470A-8A63-E63E00839398}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe No File
FirewallRules: [{14C0C40B-346D-4DBB-A16E-7FA95F841A70}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe No File

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

vašekp
Level 3
Level 3
Příspěvky: 420
Registrován: listopad 07
Pohlaví: Nespecifikováno

Re: Prosím o kontrolu logu

Příspěvekod vašekp » 11 zář 2019 22:02

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-09-2019
Ran by Vašek (11-09-2019 21:42:09) Run:1
Running from C:\Users\Vašek\Desktop
Loaded Profiles: Vašek & (Available Profiles: Vašek & Naďa & Michal & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {089D990C-42F1-424A-B532-3788FF7470FD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {09DB112F-E1CA-405F-BF58-EB80F9CA2DE6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-20] (Google Inc -> Google Inc.)
Task: {2231CCCB-BEC9-4104-97AA-072D692A106C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3116E1B2-D257-4BB3-9D82-5BCBA96CB533} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4C3AB498-6A52-45A7-92D4-F8088C665E47} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5765E675-C1D9-4420-A387-18D07D2246B5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6D216B22-671D-43CF-A0EE-1820DFB1ABD6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {71A36A5C-8FD6-49E0-BC2A-D0AB9DBFF68E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7CD873D4-0211-4766-BA69-51C81182D695} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {AA43C5AC-9FA0-4199-B18F-F7858B873711} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D3FD4348-BB36-4AEF-8201-3A60C30B2C3C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {EEDE1FA5-393E-494B-BAB0-6AF924A54B1A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {03D63234-5DED-4CAC-8D12-1A01DE9F8202} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {50583A84-F748-4DA2-89D4-40AF18332228} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {796F72C7-801D-4023-B390-828094F13354} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {D2AF6C43-5D37-402B-88FF-9478A75353BE} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {D66B51DC-F487-4FEB-87FD-26F9FD134313} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {EE11300D-69A8-425F-AA5A-D65663C61726} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {F0F59DBB-18C9-4A3B-A569-CCD6A8CEF9E4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003 -> {FB5D1D42-CFC3-4C74-A2A1-FC4D57EB4106} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {03D63234-5DED-4CAC-8D12-1A01DE9F8202} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {50583A84-F748-4DA2-89D4-40AF18332228} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {796F72C7-801D-4023-B390-828094F13354} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {D2AF6C43-5D37-402B-88FF-9478A75353BE} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {D66B51DC-F487-4FEB-87FD-26F9FD134313} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {EE11300D-69A8-425F-AA5A-D65663C61726} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {F0F59DBB-18C9-4A3B-A569-CCD6A8CEF9E4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {FB5D1D42-CFC3-4C74-A2A1-FC4D57EB4106} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-09 15:45 - 2019-09-09 15:45 - 000088064 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_ctypes.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000128512 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_elementtree.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000914432 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_hashlib.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000027648 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_multiprocessing.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000036864 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_psutil_windows.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000046080 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_socket.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 001303552 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_ssl.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000020480 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_yappi.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000012800 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\common.time34.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000007168 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\hashobjs_ext.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000127488 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pyexpat.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000682496 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pysqlite2._sqlite.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000364544 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pythoncom27.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000110080 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pywintypes27.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000010240 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\select.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000017920 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\thumbnails_ext.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000686080 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\unicodedata.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000088064 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\usb_ext.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000098816 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32api.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000320512 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32com.shell.shell.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000011264 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32crypt.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000018432 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32event.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000119808 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32file.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000167936 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32gui.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000038912 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32inet.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000025600 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32pdh.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000024064 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32pipe.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000035840 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32process.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000017408 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32profile.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000108544 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32security.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000022528 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32ts.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000078848 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._animate.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 001067008 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._controls_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 001176576 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._core_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000806400 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._gdi_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000077312 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._html2.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000733184 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._misc_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000816128 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._windows_.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 000123392 ____R () [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._wizard.pyd
2019-09-09 15:45 - 2019-09-09 15:45 - 002459648 ____R (Python Software Foundation) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\python27.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000155136 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxbase30u_net_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 002030592 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxbase30u_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 001251328 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_adv_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 004796928 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_core_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000601088 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_html_vc90.dll
2019-09-09 15:45 - 2019-09-09 15:45 - 000110080 ____R (wxWidgets development team) [File not signed] C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_webview_vc90.dll
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [134]
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003\...\1001movie.com -> 1001movie.com

There are 6091 more sites.

IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1001movie.com -> 1001movie.com

There are 6091 more sites.
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
FirewallRules: [{2D0EA622-CCB9-49F3-9CF2-EECA1F97A943}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe No File
FirewallRules: [{C8D805D7-9EF1-4F4B-AE4A-EC5E35C02F55}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe No File
FirewallRules: [{40FBFDCE-AD66-4A36-8AF2-BFBE40CBEC12}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe No File
FirewallRules: [{348ED8B4-55BC-4DE0-851C-8835D94B36AC}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe No File
FirewallRules: [{AC86B456-2C27-470A-8A63-E63E00839398}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe No File
FirewallRules: [{14C0C40B-346D-4DBB-A16E-7FA95F841A70}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe No File

EmptyTemp:
End

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{089D990C-42F1-424A-B532-3788FF7470FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{089D990C-42F1-424A-B532-3788FF7470FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09DB112F-E1CA-405F-BF58-EB80F9CA2DE6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09DB112F-E1CA-405F-BF58-EB80F9CA2DE6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2231CCCB-BEC9-4104-97AA-072D692A106C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2231CCCB-BEC9-4104-97AA-072D692A106C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3116E1B2-D257-4BB3-9D82-5BCBA96CB533}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3116E1B2-D257-4BB3-9D82-5BCBA96CB533}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C3AB498-6A52-45A7-92D4-F8088C665E47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C3AB498-6A52-45A7-92D4-F8088C665E47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5765E675-C1D9-4420-A387-18D07D2246B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5765E675-C1D9-4420-A387-18D07D2246B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D216B22-671D-43CF-A0EE-1820DFB1ABD6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D216B22-671D-43CF-A0EE-1820DFB1ABD6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71A36A5C-8FD6-49E0-BC2A-D0AB9DBFF68E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71A36A5C-8FD6-49E0-BC2A-D0AB9DBFF68E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CD873D4-0211-4766-BA69-51C81182D695}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CD873D4-0211-4766-BA69-51C81182D695}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA43C5AC-9FA0-4199-B18F-F7858B873711}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA43C5AC-9FA0-4199-B18F-F7858B873711}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3FD4348-BB36-4AEF-8201-3A60C30B2C3C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3FD4348-BB36-4AEF-8201-3A60C30B2C3C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEDE1FA5-393E-494B-BAB0-6AF924A54B1A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEDE1FA5-393E-494B-BAB0-6AF924A54B1A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com => Error: No automatic fix found for this entry.
HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found
HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{03D63234-5DED-4CAC-8D12-1A01DE9F8202} => removed successfully
HKLM\Software\Classes\CLSID\{03D63234-5DED-4CAC-8D12-1A01DE9F8202} => not found
HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{50583A84-F748-4DA2-89D4-40AF18332228} => removed successfully
HKLM\Software\Classes\CLSID\{50583A84-F748-4DA2-89D4-40AF18332228} => not found
HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{796F72C7-801D-4023-B390-828094F13354} => removed successfully
HKLM\Software\Classes\CLSID\{796F72C7-801D-4023-B390-828094F13354} => not found
HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D2AF6C43-5D37-402B-88FF-9478A75353BE} => removed successfully
HKLM\Software\Classes\CLSID\{D2AF6C43-5D37-402B-88FF-9478A75353BE} => not found
HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D66B51DC-F487-4FEB-87FD-26F9FD134313} => removed successfully
HKLM\Software\Classes\CLSID\{D66B51DC-F487-4FEB-87FD-26F9FD134313} => not found
HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EE11300D-69A8-425F-AA5A-D65663C61726} => removed successfully
HKLM\Software\Classes\CLSID\{EE11300D-69A8-425F-AA5A-D65663C61726} => not found
HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F0F59DBB-18C9-4A3B-A569-CCD6A8CEF9E4} => removed successfully
HKLM\Software\Classes\CLSID\{F0F59DBB-18C9-4A3B-A569-CCD6A8CEF9E4} => not found
HKU\S-1-5-21-961389813-253083461-155772885-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FB5D1D42-CFC3-4C74-A2A1-FC4D57EB4106} => removed successfully
HKLM\Software\Classes\CLSID\{FB5D1D42-CFC3-4C74-A2A1-FC4D57EB4106} => not found
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {03D63234-5DED-4CAC-8D12-1A01DE9F8202} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454 => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {50583A84-F748-4DA2-89D4-40AF18332228} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454 => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {796F72C7-801D-4023-B390-828094F13354} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454 => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {D2AF6C43-5D37-402B-88FF-9478A75353BE} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454 => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {D66B51DC-F487-4FEB-87FD-26F9FD134313} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454 => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {EE11300D-69A8-425F-AA5A-D65663C61726} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454 => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {F0F59DBB-18C9-4A3B-A569-CCD6A8CEF9E4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454 => Error: No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762 -> {FB5D1D42-CFC3-4C74-A2A1-FC4D57EB4106} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454 => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
HKLM\Software\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz143 => removed successfully
cpuz143 => service removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_ctypes.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_elementtree.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_hashlib.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_multiprocessing.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_psutil_windows.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_socket.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_ssl.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\_yappi.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\common.time34.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\hashobjs_ext.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pyexpat.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pysqlite2._sqlite.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pythoncom27.dll => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\pywintypes27.dll => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\select.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\thumbnails_ext.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\unicodedata.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\usb_ext.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32api.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32com.shell.shell.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32crypt.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32event.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32file.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32gui.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32inet.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32pdh.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32pipe.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32process.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32profile.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32security.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\win32ts.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._animate.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._controls_.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._core_.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._gdi_.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._html2.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._misc_.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._windows_.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wx._wizard.pyd => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\python27.dll => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxbase30u_net_vc90.dll => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxbase30u_vc90.dll => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_adv_vc90.dll => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_core_vc90.dll => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_html_vc90.dll => moved successfully
C:\Users\Vašek\AppData\Local\Temp\_MEI55762\wxmsw30u_webview_vc90.dll => moved successfully
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008i.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008k.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\00hq.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0190-dialers.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\01i.info => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\02pmnzy5eo29bfk4.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0411dd.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0511zfhl.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\05p.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0632qyw.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\07ic5do2myz3vzpk.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\08nigbmwk43i01y6.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\093qpeuqpmz6ebfa.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0calories.net => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0cj.net => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0scan.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-britney-spears-nude.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-domains-registrations.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-se.com => removed successfully
HKU\S-1-5-21-961389813-253083461-155772885-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001movie.com => removed successfully
There are 6091 more sites. => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\008i.com -> 008i.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\008k.com -> 008k.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\00hq.com -> 00hq.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0190-dialers.com -> 0190-dialers.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\01i.info -> 01i.info => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0411dd.com -> 0411dd.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0511zfhl.com -> 0511zfhl.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\05p.com -> 05p.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0632qyw.com -> 0632qyw.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0calories.net -> 0calories.net => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0cj.net -> 0cj.net => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\0scan.com -> 0scan.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1-domains-registrations.com -> 1-domains-registrations.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1-se.com -> 1-se.com => Error: No automatic fix found for this entry.
IE restricted site: HKU\S-1-5-21-961389813-253083461-155772885-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09082019215730762\...\1001movie.com -> 1001movie.com => Error: No automatic fix found for this entry.
There are 6091 more sites. => Error: No automatic fix found for this entry.
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\McAfee Security Scan Plus.lnk" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D0EA622-CCB9-49F3-9CF2-EECA1F97A943}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C8D805D7-9EF1-4F4B-AE4A-EC5E35C02F55}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{40FBFDCE-AD66-4A36-8AF2-BFBE40CBEC12}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{348ED8B4-55BC-4DE0-851C-8835D94B36AC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AC86B456-2C27-470A-8A63-E63E00839398}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14C0C40B-346D-4DBB-A16E-7FA95F841A70}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 104841242 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 125616 B
Edge => 1315809 B
Chrome => 392604159 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6874 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Vašek => 335304720 B
Naďa => 1288739 B
Michal => 21362 B
Administrator => 19072 B

RecycleBin => 292444 B
EmptyTemp: => 807.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:50:23 ====

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40000
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 11 zář 2019 22:48

Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

vašekp
Level 3
Level 3
Příspěvky: 420
Registrován: listopad 07
Pohlaví: Nespecifikováno

Re: Prosím o kontrolu logu

Příspěvekod vašekp » 12 zář 2019 22:28

Podařilo se, už vše funguje. Děkuji.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40000
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 12 zář 2019 22:44

Stáhni si zde DelFix
Další odkazy:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

vašekp
Level 3
Level 3
Příspěvky: 420
Registrován: listopad 07
Pohlaví: Nespecifikováno

Re: Prosím o kontrolu logu

Příspěvekod vašekp » 17 zář 2019 21:50

# DelFix v1.013 - Logfile created 17/09/2019 at 21:46:43
# Updated 17/04/2016 by Xplode
# Username : Vašek - IDEA-PC
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\Users\Vašek\Desktop\FRST64.exe
Deleted : C:\Users\Vašek\Downloads\HiJackThis.zip
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #14 [Windows Update | 09/12/2019 14:58:16]

New restore point created !

########## - EOF - ##########

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40000
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Prosím o kontrolu logu  Vyřešeno

Příspěvekod jaro3 » 17 zář 2019 22:18

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: CommonCrawl [Bot], karlos a 20 hostů