Log check

Rumburaq
Visitor
Posts: 22
Registered: 14 Apr 2017 23:42

Log check

#1 Post by Rumburaq

Hello,

please check the log. The computer is sending messages on FB on its own.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.05.2018 01
Ran by Barca (administrator) on DESKTOP-9AHDH9S (09-05-2018 20:11:20)
Running from C:\Users\Barca\Desktop
Loaded Profiles: Barca (Available Profiles: defaultuser0 & Barca)
Platform: Windows 10 Pro Version 1607 14393.1358 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_7efe016621f50bd0\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(forum.viry.cz) C:\Users\Barca\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-05-07] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2169092838-631855675-305886205-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18334528 2018-04-12] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{450081cf-9842-407f-848f-1c8a3c93010e}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{bc4f9edd-e7b1-4ae1-8b24-370ee2b2c45a}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-24] (Oracle Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File

Edge:
======
Edge Session Restore: HKU\S-1-5-21-2169092838-631855675-305886205-1001 -> is enabled.
Edge Extension: (No Name) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.12.0.0_neutral__c1wakc4j0nefm [not found]

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)

Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default [2018-05-09]
CHR Extension: (Dokumenty) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-17]
CHR Extension: (YouTube) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-22]
CHR Extension: (Starmark) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkadmjipgnnbhfbkajienkgpaiipdklp [2018-05-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-04]
CHR Extension: (Gmail) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-17]
CHR Extension: (Chrome Media Router) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-24]
CHR Profile: C:\Users\Barca\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-05-07] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-05-07] (AVAST Software)
R2 esifsvc; C:\Windows\SysWoW64\esif_uf.exe [1394360 2015-08-13] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [363432 2015-10-23] (Intel Corporation)
R2 osrss; C:\Windows\system32\osrss.dll [108584 2018-01-18] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-04-26] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-04-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-05-07] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-05-07] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-05-07] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-05-07] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-05-07] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [227784 2018-05-07] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-05-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147224 2018-05-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111352 2018-05-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-05-07] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-05-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-05-07] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-05-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-05-07] (AVAST Software)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [67584 2016-07-16] (Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-13] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5915048 2015-10-23] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46072 2018-04-26] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [313888 2018-04-26] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61472 2018-04-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-09 20:11 - 2018-05-09 20:12 - 000011276 _____ C:\Users\Barca\Desktop\FRST.txt
2018-05-09 20:11 - 2018-05-09 20:11 - 000000000 ____D C:\FRST
2018-05-09 20:10 - 2018-05-09 20:11 - 002406912 _____ (Farbar) C:\Users\Barca\Desktop\FRST64.exe
2018-05-09 20:07 - 2018-05-09 20:09 - 000112640 _____ (forum.viry.cz) C:\Users\Barca\Desktop\FRSTLauncher.exe
2018-05-09 20:06 - 2018-05-09 20:06 - 000112640 _____ (forum.viry.cz) C:\Users\Barca\Downloads\Nepotvrzeno 69252.crdownload
2018-05-08 10:38 - 2018-05-08 10:38 - 000067042 _____ C:\Users\Barca\Downloads\pravidla.pdf
2018-05-07 23:33 - 2018-05-07 23:36 - 000000000 ____D C:\AdwCleaner
2018-05-07 23:32 - 2018-05-07 23:33 - 007271632 _____ (Malwarebytes) C:\Users\Barca\Downloads\adwcleaner_7.1.1.exe
2018-05-07 23:19 - 2018-05-07 23:20 - 000388608 _____ (Trend Micro Inc.) C:\Users\Barca\Downloads\hijackthis.exe
2018-05-07 22:59 - 2018-05-07 22:59 - 000000000 ____D C:\Users\Barca\AppData\Roaming\AVAST Software
2018-05-07 22:49 - 2018-05-07 22:49 - 000001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-05-07 22:49 - 2018-05-07 22:49 - 000001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-05-07 22:47 - 2018-05-07 23:53 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-05-07 22:47 - 2018-05-07 22:47 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
2018-05-07 22:47 - 2018-05-07 22:47 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-05-07 22:45 - 2018-05-07 22:47 - 000147224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-05-07 22:45 - 2018-05-07 22:45 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-05-07 22:45 - 2018-05-07 22:44 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-05-07 22:45 - 2018-05-07 22:44 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-05-07 22:45 - 2018-05-07 22:44 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-05-07 22:45 - 2018-05-07 22:44 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-05-07 22:45 - 2018-05-07 22:44 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-05-07 22:45 - 2018-05-07 22:44 - 000111352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-05-07 22:45 - 2018-05-07 22:44 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-05-07 22:45 - 2018-05-07 22:44 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 000343752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 000227784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 000227504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 000199440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 000057680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-05-07 22:42 - 2018-05-07 23:54 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-05-07 22:42 - 2018-05-07 23:22 - 000000000 ____D C:\ProgramData\AVAST Software
2018-05-07 22:42 - 2018-05-07 22:42 - 000002870 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-05-07 22:42 - 2018-05-07 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-05-07 22:42 - 2018-05-07 22:42 - 000000000 ____D C:\Program Files\CCleaner
2018-05-07 22:42 - 2018-05-07 22:42 - 000000000 ____D C:\Program Files\AVAST Software
2018-05-07 22:37 - 2018-05-07 22:40 - 015813864 _____ (Piriform Ltd) C:\Users\Barca\Downloads\ccsetup542.exe
2018-05-07 22:33 - 2018-05-07 22:34 - 000000000 ____D C:\KVRT_Data
2018-05-07 10:54 - 2018-05-07 10:55 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-06 22:44 - 2018-05-06 22:44 - 000192523 _____ C:\Users\Barca\Documents\Pracovni-list-Zdravotnik_uprava04.pdf
2018-05-06 22:43 - 2018-05-06 22:43 - 000139516 _____ C:\Users\Barca\Documents\Pracovni-list-Chuva_uprava03.pdf
2018-05-01 18:53 - 2018-05-01 18:53 - 000000000 ___RD C:\Users\Barca\Desktop\Saved Pictures
2018-04-24 15:00 - 2018-04-24 15:00 - 000002809 _____ C:\Users\Barca\AppData\Local\recently-used.xbel
2018-04-24 14:45 - 2018-04-24 15:01 - 000000000 ____D C:\Users\Barca\AppData\Local\gtk-2.0
2018-04-24 14:35 - 2018-04-24 14:35 - 000000000 ____D C:\Users\Barca\.thumbnails
2018-04-24 14:34 - 2018-04-24 14:34 - 000000000 ____D C:\Users\Barca\AppData\Local\webkit
2018-04-24 14:30 - 2018-04-24 14:30 - 000000000 ____D C:\Users\Barca\AppData\Local\fontconfig
2018-04-24 14:29 - 2018-05-03 17:17 - 000000000 ____D C:\Users\Barca\.gimp-2.8
2018-04-24 14:29 - 2018-04-24 14:29 - 000000000 ____D C:\Users\Barca\AppData\Local\gegl-0.2
2018-04-24 14:24 - 2018-04-24 14:25 - 089579672 _____ (The GIMP Team ) C:\Users\Barca\Downloads\gimp-2.8.22-setup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-09 19:55 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF
2018-05-09 19:53 - 2016-11-07 00:36 - 000000000 ____D C:\Users\Barca\AppData\Local\Packages
2018-05-09 19:53 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-09 19:53 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\AppReadiness
2018-05-09 19:39 - 2016-12-02 15:40 - 000004208 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D5C5B7B8-5B70-490D-B4BB-B8D2C7B9DF33}
2018-05-09 19:31 - 2016-11-07 00:47 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-05-09 19:31 - 2016-11-07 00:47 - 000000000 __SHD C:\Users\Barca\IntelGraphicsProfiles
2018-05-09 19:30 - 2016-11-07 00:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-09 19:30 - 2016-11-07 00:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-05-09 14:49 - 2016-11-07 00:36 - 000000000 ____D C:\Users\Barca
2018-05-08 00:32 - 2016-07-16 13:36 - 000000000 ____D C:\Windows\CbsTemp
2018-05-07 23:37 - 2016-07-16 08:04 - 000786432 _____ C:\Windows\system32\config\BBI
2018-05-07 23:20 - 2016-11-07 00:36 - 000000000 ____D C:\Users\Barca\AppData\Local\VirtualStore
2018-05-07 23:15 - 2016-11-07 00:17 - 000000000 ____D C:\Windows\Panther
2018-05-07 22:55 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\LiveKernelReports
2018-05-04 22:08 - 2017-12-09 18:42 - 000001908 _____ C:\Windows\diagwrn.xml
2018-05-04 22:08 - 2017-12-09 18:42 - 000001908 _____ C:\Windows\diagerr.xml
2018-05-04 22:08 - 2017-12-09 18:10 - 000000000 ___HD C:\$GetCurrent
2018-05-04 21:48 - 2017-12-09 18:34 - 000000036 _____ C:\Windows\progress.ini
2018-05-04 21:41 - 2017-12-09 18:09 - 000000000 ____D C:\Windows10Upgrade
2018-05-04 21:36 - 2018-03-14 09:01 - 000000795 _____ C:\Users\Barca\Desktop\Pomocník s aktualizací Windows 10.lnk
2018-05-04 21:36 - 2017-12-09 18:10 - 000000807 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník s aktualizací Windows 10.lnk
2018-05-02 14:32 - 2016-11-17 14:01 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-02 07:41 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\NDF
2018-05-01 18:35 - 2017-04-02 15:21 - 000000000 ____D C:\Users\Barca\Documents\Zvukové záznamy
2018-04-30 12:42 - 2016-11-07 00:36 - 000000000 ____D C:\Users\Barca\AppData\Local\Publishers
2018-04-26 19:50 - 2017-07-27 09:19 - 000003374 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2169092838-631855675-305886205-1001
2018-04-26 19:50 - 2016-11-07 00:38 - 000002387 _____ C:\Users\Barca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-04-26 19:50 - 2016-11-07 00:38 - 000000000 ___RD C:\Users\Barca\OneDrive
2018-04-26 07:06 - 2018-03-01 15:22 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-04-21 18:58 - 2016-11-07 00:32 - 003459386 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-21 18:58 - 2016-07-17 00:25 - 001460866 _____ C:\Windows\system32\perfh005.dat
2018-04-21 18:58 - 2016-07-17 00:25 - 000387686 _____ C:\Windows\system32\perfc005.dat
2018-04-16 20:44 - 2016-11-07 11:31 - 000000000 ____D C:\Windows\system32\MRT
2018-04-16 20:30 - 2017-10-11 14:29 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-04-16 20:30 - 2016-11-07 11:31 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-04-16 20:21 - 2017-09-29 20:34 - 000000000 ____D C:\Program Files\rempl

==================== Files in the root of some directories =======

2018-04-24 15:00 - 2018-04-24 15:00 - 000002809 _____ () C:\Users\Barca\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Barca\Desktop" je 4 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.05.2018 01
Ran by Barca (administrator) on DESKTOP-9AHDH9S (09-05-2018 20:18:30)
Running from C:\Users\Barca\Desktop
Loaded Profiles: Barca (Available Profiles: defaultuser0 & Barca)
Platform: Windows 10 Pro Version 1607 14393.1358 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_7efe016621f50bd0\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(forum.viry.cz) C:\Users\Barca\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-05-07] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2169092838-631855675-305886205-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18334528 2018-04-12] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{450081cf-9842-407f-848f-1c8a3c93010e}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{bc4f9edd-e7b1-4ae1-8b24-370ee2b2c45a}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-24] (Oracle Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File

Edge:
======
Edge Session Restore: HKU\S-1-5-21-2169092838-631855675-305886205-1001 -> is enabled.
Edge Extension: (No Name) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.12.0.0_neutral__c1wakc4j0nefm [not found]

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)

Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default [2018-05-09]
CHR Extension: (Dokumenty) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-17]
CHR Extension: (YouTube) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-22]
CHR Extension: (Starmark) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkadmjipgnnbhfbkajienkgpaiipdklp [2018-05-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-04]
CHR Extension: (Gmail) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-17]
CHR Extension: (Chrome Media Router) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-24]
CHR Profile: C:\Users\Barca\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-05-07] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-05-07] (AVAST Software)
R2 esifsvc; C:\Windows\SysWoW64\esif_uf.exe [1394360 2015-08-13] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [363432 2015-10-23] (Intel Corporation)
R2 osrss; C:\Windows\system32\osrss.dll [108584 2018-01-18] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-04-26] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-04-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-05-07] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-05-07] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-05-07] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-05-07] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-05-07] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [227784 2018-05-07] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-05-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147224 2018-05-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111352 2018-05-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-05-07] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-05-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-05-07] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-05-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-05-07] (AVAST Software)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [67584 2016-07-16] (Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-13] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5915048 2015-10-23] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46072 2018-04-26] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [313888 2018-04-26] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61472 2018-04-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-09 20:18 - 2018-05-09 20:19 - 000011126 _____ C:\Users\Barca\Desktop\FRST.txt
2018-05-09 20:15 - 2018-05-09 20:15 - 000023870 _____ C:\Users\Barca\Desktop\FRST3.txt
2018-05-09 20:11 - 2018-05-09 20:18 - 000000000 ____D C:\FRST
2018-05-09 20:10 - 2018-05-09 20:11 - 002406912 _____ (Farbar) C:\Users\Barca\Desktop\FRST64.exe
2018-05-09 20:07 - 2018-05-09 20:09 - 000112640 _____ (forum.viry.cz) C:\Users\Barca\Desktop\FRSTLauncher.exe
2018-05-09 20:06 - 2018-05-09 20:06 - 000112640 _____ (forum.viry.cz) C:\Users\Barca\Downloads\Nepotvrzeno 69252.crdownload
2018-05-08 10:38 - 2018-05-08 10:38 - 000067042 _____ C:\Users\Barca\Downloads\pravidla.pdf
2018-05-07 23:33 - 2018-05-07 23:36 - 000000000 ____D C:\AdwCleaner
2018-05-07 23:32 - 2018-05-07 23:33 - 007271632 _____ (Malwarebytes) C:\Users\Barca\Downloads\adwcleaner_7.1.1.exe
2018-05-07 23:19 - 2018-05-07 23:20 - 000388608 _____ (Trend Micro Inc.) C:\Users\Barca\Downloads\hijackthis.exe
2018-05-07 22:59 - 2018-05-07 22:59 - 000000000 ____D C:\Users\Barca\AppData\Roaming\AVAST Software
2018-05-07 22:49 - 2018-05-07 22:49 - 000001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-05-07 22:49 - 2018-05-07 22:49 - 000001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-05-07 22:47 - 2018-05-07 23:53 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-05-07 22:47 - 2018-05-07 22:47 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
2018-05-07 22:47 - 2018-05-07 22:47 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-05-07 22:45 - 2018-05-07 22:47 - 000147224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-05-07 22:45 - 2018-05-07 22:45 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-05-07 22:45 - 2018-05-07 22:44 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-05-07 22:45 - 2018-05-07 22:44 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-05-07 22:45 - 2018-05-07 22:44 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-05-07 22:45 - 2018-05-07 22:44 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-05-07 22:45 - 2018-05-07 22:44 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-05-07 22:45 - 2018-05-07 22:44 - 000111352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-05-07 22:45 - 2018-05-07 22:44 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-05-07 22:45 - 2018-05-07 22:44 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 000343752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 000227784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 000227504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 000199440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 000057680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-05-07 22:42 - 2018-05-07 23:54 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-05-07 22:42 - 2018-05-07 23:22 - 000000000 ____D C:\ProgramData\AVAST Software
2018-05-07 22:42 - 2018-05-07 22:42 - 000002870 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-05-07 22:42 - 2018-05-07 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-05-07 22:42 - 2018-05-07 22:42 - 000000000 ____D C:\Program Files\CCleaner
2018-05-07 22:42 - 2018-05-07 22:42 - 000000000 ____D C:\Program Files\AVAST Software
2018-05-07 22:37 - 2018-05-07 22:40 - 015813864 _____ (Piriform Ltd) C:\Users\Barca\Downloads\ccsetup542.exe
2018-05-07 22:33 - 2018-05-07 22:34 - 000000000 ____D C:\KVRT_Data
2018-05-07 10:54 - 2018-05-07 10:55 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-06 22:44 - 2018-05-06 22:44 - 000192523 _____ C:\Users\Barca\Documents\Pracovni-list-Zdravotnik_uprava04.pdf
2018-05-06 22:43 - 2018-05-06 22:43 - 000139516 _____ C:\Users\Barca\Documents\Pracovni-list-Chuva_uprava03.pdf
2018-05-01 18:53 - 2018-05-01 18:53 - 000000000 ___RD C:\Users\Barca\Desktop\Saved Pictures
2018-04-24 15:00 - 2018-04-24 15:00 - 000002809 _____ C:\Users\Barca\AppData\Local\recently-used.xbel
2018-04-24 14:45 - 2018-04-24 15:01 - 000000000 ____D C:\Users\Barca\AppData\Local\gtk-2.0
2018-04-24 14:35 - 2018-04-24 14:35 - 000000000 ____D C:\Users\Barca\.thumbnails
2018-04-24 14:34 - 2018-04-24 14:34 - 000000000 ____D C:\Users\Barca\AppData\Local\webkit
2018-04-24 14:30 - 2018-04-24 14:30 - 000000000 ____D C:\Users\Barca\AppData\Local\fontconfig
2018-04-24 14:29 - 2018-05-03 17:17 - 000000000 ____D C:\Users\Barca\.gimp-2.8
2018-04-24 14:29 - 2018-04-24 14:29 - 000000000 ____D C:\Users\Barca\AppData\Local\gegl-0.2
2018-04-24 14:24 - 2018-04-24 14:25 - 089579672 _____ (The GIMP Team ) C:\Users\Barca\Downloads\gimp-2.8.22-setup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-09 19:55 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF
2018-05-09 19:53 - 2016-11-07 00:36 - 000000000 ____D C:\Users\Barca\AppData\Local\Packages
2018-05-09 19:53 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-09 19:53 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\AppReadiness
2018-05-09 19:39 - 2016-12-02 15:40 - 000004208 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D5C5B7B8-5B70-490D-B4BB-B8D2C7B9DF33}
2018-05-09 19:31 - 2016-11-07 00:47 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-05-09 19:31 - 2016-11-07 00:47 - 000000000 __SHD C:\Users\Barca\IntelGraphicsProfiles
2018-05-09 19:30 - 2016-11-07 00:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-09 19:30 - 2016-11-07 00:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-05-09 14:49 - 2016-11-07 00:36 - 000000000 ____D C:\Users\Barca
2018-05-08 00:32 - 2016-07-16 13:36 - 000000000 ____D C:\Windows\CbsTemp
2018-05-07 23:37 - 2016-07-16 08:04 - 000786432 _____ C:\Windows\system32\config\BBI
2018-05-07 23:20 - 2016-11-07 00:36 - 000000000 ____D C:\Users\Barca\AppData\Local\VirtualStore
2018-05-07 23:15 - 2016-11-07 00:17 - 000000000 ____D C:\Windows\Panther
2018-05-07 22:55 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\LiveKernelReports
2018-05-04 22:08 - 2017-12-09 18:42 - 000001908 _____ C:\Windows\diagwrn.xml
2018-05-04 22:08 - 2017-12-09 18:42 - 000001908 _____ C:\Windows\diagerr.xml
2018-05-04 22:08 - 2017-12-09 18:10 - 000000000 ___HD C:\$GetCurrent
2018-05-04 21:48 - 2017-12-09 18:34 - 000000036 _____ C:\Windows\progress.ini
2018-05-04 21:41 - 2017-12-09 18:09 - 000000000 ____D C:\Windows10Upgrade
2018-05-04 21:36 - 2018-03-14 09:01 - 000000795 _____ C:\Users\Barca\Desktop\Pomocník s aktualizací Windows 10.lnk
2018-05-04 21:36 - 2017-12-09 18:10 - 000000807 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník s aktualizací Windows 10.lnk
2018-05-02 14:32 - 2016-11-17 14:01 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-02 07:41 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\NDF
2018-05-01 18:35 - 2017-04-02 15:21 - 000000000 ____D C:\Users\Barca\Documents\Zvukové záznamy
2018-04-30 12:42 - 2016-11-07 00:36 - 000000000 ____D C:\Users\Barca\AppData\Local\Publishers
2018-04-26 19:50 - 2017-07-27 09:19 - 000003374 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2169092838-631855675-305886205-1001
2018-04-26 19:50 - 2016-11-07 00:38 - 000002387 _____ C:\Users\Barca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-04-26 19:50 - 2016-11-07 00:38 - 000000000 ___RD C:\Users\Barca\OneDrive
2018-04-26 07:06 - 2018-03-01 15:22 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-04-21 18:58 - 2016-11-07 00:32 - 003459386 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-21 18:58 - 2016-07-17 00:25 - 001460866 _____ C:\Windows\system32\perfh005.dat
2018-04-21 18:58 - 2016-07-17 00:25 - 000387686 _____ C:\Windows\system32\perfc005.dat
2018-04-16 20:44 - 2016-11-07 11:31 - 000000000 ____D C:\Windows\system32\MRT
2018-04-16 20:30 - 2017-10-11 14:29 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-04-16 20:30 - 2016-11-07 11:31 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-04-16 20:21 - 2017-09-29 20:34 - 000000000 ____D C:\Program Files\rempl

==================== Files in the root of some directories =======

2018-04-24 15:00 - 2018-04-24 15:00 - 000002809 _____ () C:\Users\Barca\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-29 13:25

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:930.96 GB) (Free:846.33 GB) NTFS
\\?\Volume{9fe381f5-c904-4824-b040-d8700afdc4c7}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS

Available physical RAM: 1527.86 MB
Total physical RAM: 3996.95 MB
Percentage of memory in use: 61%

==================== MBR and Partition Table ==================

Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Barca\Desktop" je 4 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================
Attachments
Addition.zip
(6.59 KiB) Downloaded 77 times

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just run it with a double-click)
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Rumburaq
Visitor
Posts: 22
Registered: 14 Apr 2017 23:42

Re: Log check

#3 Post by Rumburaq »

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-09.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-09-2018
# Duration: 00:00:28
# OS: Windows 10 Pro
# Scanned: 40843
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#4 Post by Rudy »

This is OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Rumburaq
Visitor
Posts: 22
Registered: 14 Apr 2017 23:42

Re: Log check

#5 Post by Rumburaq »

Fix result of Farbar Recovery Scan Tool (x64) Version: 06.05.2018 01
Ran by Barca (09-05-2018 22:04:59) Run:1
Running from C:\Users\Barca\Desktop
Loaded Profiles: Barca (Available Profiles: defaultuser0 & Barca)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\Software\Classes\PROTOCOLS\Handler\wlpg" => removed successfully
HKLM\Software\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} => not found
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found

=========== EmptyTemp: ==========

BITS transfer queue => 1705888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 104761190 B
Java, Flash, Steam htmlcache => 749 B
Windows/system/drivers => 516084 B
Edge => 4208576 B
Chrome => 76657120 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 4250 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 1634 B
NetworkService => 907152 B
defaultuser0 => 128 B
Barca => 53980862 B

RecycleBin => 1795509 B
EmptyTemp: => 233.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:05:48 ====

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#6 Post by Rudy »

Deleted. Has anything changed?

Rumburaq
Visitor
Posts: 22
Registered: 14 Apr 2017 23:42

Re: Log check

#7 Post by Rumburaq »

Hello,

thank you very much for the help. For about two days it ran without my noticing anything wrong. Then the laptop started slowing down and sending out some messages and videos on FB. I will send the logs again.

Rumburaq
Visitor
Posts: 22
Registered: 14 Apr 2017 23:42

Re: Log check

#8 Post by Rumburaq »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Barca (administrator) on DESKTOP-9AHDH9S (17-05-2018 23:28:00)
Running from C:\Users\Barca\Desktop
Loaded Profiles: Barca (Available Profiles: defaultuser0 & Barca)
Platform: Windows 10 Pro Version 1607 14393.1358 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Barca\AppData\Local\Google\Chrome\User Data\SwReporter\29.154.200\software_reporter_tool.exe
(Google) C:\Users\Barca\AppData\Local\Google\Chrome\User Data\SwReporter\29.154.200\software_reporter_tool.exe
(Google) C:\Users\Barca\AppData\Local\Google\Chrome\User Data\SwReporter\29.154.200\software_reporter_tool.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_7efe016621f50bd0\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Barca\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\UpdateAssistant\UpdateAssistant.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-16] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-2169092838-631855675-305886205-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18334016 2018-05-10] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{450081cf-9842-407f-848f-1c8a3c93010e}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{bc4f9edd-e7b1-4ae1-8b24-370ee2b2c45a}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-09] (Oracle Corporation)

Edge:
======
Edge Session Restore: HKU\S-1-5-21-2169092838-631855675-305886205-1001 -> is enabled.
Edge Extension: (No Name) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.12.0.0_neutral__c1wakc4j0nefm [not found]

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)

Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default [2018-05-17]
CHR Extension: (Dokumenty) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-17]
CHR Extension: (YouTube) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-22]
CHR Extension: (Starmark) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkadmjipgnnbhfbkajienkgpaiipdklp [2018-05-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-04]
CHR Extension: (Gmail) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-17]
CHR Extension: (Chrome Media Router) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-24]
CHR Profile: C:\Users\Barca\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-05-16] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-16] (AVAST Software)
R2 esifsvc; C:\Windows\SysWoW64\esif_uf.exe [1394360 2015-08-13] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [363432 2015-10-23] (Intel Corporation)
R2 osrss; C:\Windows\system32\osrss.dll [108584 2018-01-18] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-04-26] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-04-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-05-16] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-05-07] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-05-07] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-05-07] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-05-07] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [234560 2018-05-16] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-05-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159120 2018-05-16] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111360 2018-05-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-05-16] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-05-16] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-05-16] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-05-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381552 2018-05-16] (AVAST Software)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [67584 2016-07-16] (Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-13] (Intel Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5915048 2015-10-23] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46072 2018-04-26] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [313888 2018-04-26] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61472 2018-04-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-17 23:28 - 2018-05-17 23:28 - 000010868 _____ C:\Users\Barca\Desktop\FRST.txt
2018-05-17 23:25 - 2018-05-17 23:27 - 000000000 ____D C:\Users\Barca\Desktop\FRST-OlderVersion
2018-05-17 23:06 - 2018-05-17 23:06 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-17 23:05 - 2018-05-17 23:06 - 015813432 _____ (Piriform Ltd) C:\Users\Barca\Downloads\ccsetup542 (1).exe
2018-05-16 14:30 - 2018-05-16 14:30 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-05-15 19:32 - 2018-05-15 19:33 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-14 19:55 - 2018-05-14 19:55 - 000000000 ____D C:\Windows\UpdateAssistant
2018-05-13 09:43 - 2018-05-13 09:43 - 000001628 _____ C:\Users\Barca\Desktop\World of Cubes Survival Craft.lnk
2018-05-13 09:42 - 2018-05-13 09:42 - 000001489 _____ C:\Users\Barca\Desktop\Defend Your Life!.lnk
2018-05-09 22:07 - 2018-05-17 23:17 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-05-09 22:04 - 2018-05-09 22:05 - 000001999 _____ C:\Users\Barca\Desktop\Fixlog.txt
2018-05-09 21:13 - 2018-05-09 21:14 - 007271632 _____ (Malwarebytes) C:\Users\Barca\Downloads\AdwCleaner.exe
2018-05-09 20:47 - 2018-05-09 20:47 - 000006753 _____ C:\Users\Barca\Desktop\Addition.zip
2018-05-09 20:11 - 2018-05-17 23:28 - 000000000 ____D C:\FRST
2018-05-09 20:10 - 2018-05-17 23:25 - 002413056 _____ (Farbar) C:\Users\Barca\Desktop\FRST64.exe
2018-05-09 20:07 - 2018-05-09 20:09 - 000112640 _____ (forum.viry.cz) C:\Users\Barca\Desktop\FRSTLauncher.exe
2018-05-09 20:06 - 2018-05-09 20:06 - 000112640 _____ (forum.viry.cz) C:\Users\Barca\Downloads\Nepotvrzeno 69252.crdownload
2018-05-08 10:38 - 2018-05-08 10:38 - 000067042 _____ C:\Users\Barca\Downloads\pravidla.pdf
2018-05-07 23:33 - 2018-05-07 23:36 - 000000000 ____D C:\AdwCleaner
2018-05-07 23:32 - 2018-05-07 23:33 - 007271632 _____ (Malwarebytes) C:\Users\Barca\Downloads\adwcleaner_7.1.1.exe
2018-05-07 23:19 - 2018-05-07 23:20 - 000388608 _____ (Trend Micro Inc.) C:\Users\Barca\Downloads\hijackthis.exe
2018-05-07 22:59 - 2018-05-07 22:59 - 000000000 ____D C:\Users\Barca\AppData\Roaming\AVAST Software
2018-05-07 22:49 - 2018-05-07 22:49 - 000001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-05-07 22:49 - 2018-05-07 22:49 - 000001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-05-07 22:47 - 2018-05-16 14:31 - 000003990 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-05-07 22:47 - 2018-05-07 22:47 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
2018-05-07 22:47 - 2018-05-07 22:47 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-05-07 22:45 - 2018-05-16 14:30 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-05-07 22:45 - 2018-05-16 14:30 - 000381552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-05-07 22:45 - 2018-05-16 14:30 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-05-07 22:45 - 2018-05-16 14:30 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-05-07 22:45 - 2018-05-16 14:30 - 000159120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-05-07 22:45 - 2018-05-16 14:30 - 000111360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-05-07 22:45 - 2018-05-16 14:30 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-05-07 22:45 - 2018-05-16 14:30 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-05-07 22:45 - 2018-05-16 14:29 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-05-07 22:45 - 2018-05-16 14:29 - 000234560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-05-07 22:45 - 2018-05-07 22:45 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-05-07 22:45 - 2018-05-07 22:43 - 000343752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 000227504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 000199440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-05-07 22:45 - 2018-05-07 22:43 - 000057680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-05-07 22:42 - 2018-05-17 23:06 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-05-07 22:42 - 2018-05-07 23:22 - 000000000 ____D C:\ProgramData\AVAST Software
2018-05-07 22:42 - 2018-05-07 22:42 - 000002870 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-05-07 22:42 - 2018-05-07 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-05-07 22:42 - 2018-05-07 22:42 - 000000000 ____D C:\Program Files\CCleaner
2018-05-07 22:42 - 2018-05-07 22:42 - 000000000 ____D C:\Program Files\AVAST Software
2018-05-07 22:37 - 2018-05-07 22:40 - 015813864 _____ (Piriform Ltd) C:\Users\Barca\Downloads\ccsetup542.exe
2018-05-07 22:33 - 2018-05-07 22:34 - 000000000 ____D C:\KVRT_Data
2018-05-06 22:44 - 2018-05-06 22:44 - 000192523 _____ C:\Users\Barca\Documents\Pracovni-list-Zdravotnik_uprava04.pdf
2018-05-06 22:43 - 2018-05-06 22:43 - 000139516 _____ C:\Users\Barca\Documents\Pracovni-list-Chuva_uprava03.pdf
2018-05-01 18:53 - 2018-05-01 18:53 - 000000000 ___RD C:\Users\Barca\Desktop\Saved Pictures
2018-04-24 15:00 - 2018-04-24 15:00 - 000002809 _____ C:\Users\Barca\AppData\Local\recently-used.xbel
2018-04-24 14:45 - 2018-04-24 15:01 - 000000000 ____D C:\Users\Barca\AppData\Local\gtk-2.0
2018-04-24 14:35 - 2018-04-24 14:35 - 000000000 ____D C:\Users\Barca\.thumbnails
2018-04-24 14:34 - 2018-04-24 14:34 - 000000000 ____D C:\Users\Barca\AppData\Local\webkit
2018-04-24 14:30 - 2018-04-24 14:30 - 000000000 ____D C:\Users\Barca\AppData\Local\fontconfig
2018-04-24 14:29 - 2018-05-03 17:17 - 000000000 ____D C:\Users\Barca\.gimp-2.8
2018-04-24 14:29 - 2018-04-24 14:29 - 000000000 ____D C:\Users\Barca\AppData\Local\gegl-0.2
2018-04-24 14:24 - 2018-04-24 14:25 - 089579672 _____ (The GIMP Team ) C:\Users\Barca\Downloads\gimp-2.8.22-setup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-17 23:19 - 2016-11-07 00:36 - 000000000 ____D C:\Users\Barca
2018-05-17 23:18 - 2016-11-07 00:47 - 000000000 __SHD C:\Users\Barca\IntelGraphicsProfiles
2018-05-17 23:17 - 2016-11-07 00:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-17 23:16 - 2016-11-07 00:28 - 000000000 ____D C:\Users\defaultuser0
2018-05-17 23:16 - 2016-07-16 08:04 - 000786432 _____ C:\Windows\system32\config\BBI
2018-05-17 23:13 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-17 23:13 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\AppReadiness
2018-05-17 23:05 - 2016-12-02 15:40 - 000004208 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D5C5B7B8-5B70-490D-B4BB-B8D2C7B9DF33}
2018-05-17 23:00 - 2016-11-07 00:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-05-16 14:27 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF
2018-05-15 19:35 - 2016-07-16 13:36 - 000000000 ____D C:\Windows\CbsTemp
2018-05-15 19:34 - 2016-11-07 00:17 - 000000000 ____D C:\Windows\Panther
2018-05-15 16:56 - 2016-11-07 00:36 - 000000000 ____D C:\Users\Barca\AppData\Local\Packages
2018-05-15 07:31 - 2018-03-14 09:01 - 000000795 _____ C:\Users\Barca\Desktop\Pomocník s aktualizací Windows 10.lnk
2018-05-15 07:31 - 2017-12-09 18:10 - 000000807 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník s aktualizací Windows 10.lnk
2018-05-15 07:31 - 2017-12-09 18:09 - 000000000 ____D C:\Windows10Upgrade
2018-05-14 20:01 - 2016-11-07 11:31 - 000000000 ____D C:\Windows\system32\MRT
2018-05-14 19:56 - 2017-10-11 14:29 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-14 19:55 - 2017-09-29 20:34 - 000000000 ____D C:\Program Files\rempl
2018-05-14 19:55 - 2016-11-07 11:31 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-05-12 19:01 - 2016-11-17 14:01 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-09 22:16 - 2017-10-30 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-09 22:16 - 2017-10-30 19:16 - 000000000 ____D C:\Program Files (x86)\Java
2018-05-09 22:14 - 2017-10-30 19:17 - 000098760 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-05-09 22:05 - 2016-12-08 20:45 - 000000000 ____D C:\Users\Barca\AppData\LocalLow\Temp
2018-05-07 23:20 - 2016-11-07 00:36 - 000000000 ____D C:\Users\Barca\AppData\Local\VirtualStore
2018-05-07 22:55 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\LiveKernelReports
2018-05-04 22:08 - 2017-12-09 18:42 - 000001908 _____ C:\Windows\diagwrn.xml
2018-05-04 22:08 - 2017-12-09 18:42 - 000001908 _____ C:\Windows\diagerr.xml
2018-05-04 22:08 - 2017-12-09 18:10 - 000000000 ___HD C:\$GetCurrent
2018-05-04 21:48 - 2017-12-09 18:34 - 000000036 _____ C:\Windows\progress.ini
2018-05-02 07:41 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\NDF
2018-05-01 18:35 - 2017-04-02 15:21 - 000000000 ____D C:\Users\Barca\Documents\Zvukové záznamy
2018-04-30 12:42 - 2016-11-07 00:36 - 000000000 ____D C:\Users\Barca\AppData\Local\Publishers
2018-04-26 19:50 - 2017-07-27 09:19 - 000003374 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2169092838-631855675-305886205-1001
2018-04-26 19:50 - 2016-11-07 00:38 - 000002387 _____ C:\Users\Barca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-04-26 19:50 - 2016-11-07 00:38 - 000000000 ___RD C:\Users\Barca\OneDrive
2018-04-26 07:06 - 2018-03-01 15:22 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-04-21 18:58 - 2016-11-07 00:32 - 003459386 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-21 18:58 - 2016-07-17 00:25 - 001460866 _____ C:\Windows\system32\perfh005.dat
2018-04-21 18:58 - 2016-07-17 00:25 - 000387686 _____ C:\Windows\system32\perfc005.dat

==================== Files in the root of some directories =======

2018-04-24 15:00 - 2018-04-24 15:00 - 000002809 _____ () C:\Users\Barca\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Barca\Desktop" je 6 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================
Attachments
Addition (2).zip
(3.71 KiB) Downloaded 40 times

Rumburaq
Visitor
Posts: 22
Joined: 14 Apr 2017 23:42

Re: Log check

#9 Post by Rumburaq »

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-14.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-17-2018
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#10 Post by Rudy »

Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Rumburaq
Visitor
Posts: 22
Joined: 14 Apr 2017 23:42

Re: Log check

#11 Post by Rumburaq »

Hello,

I tried it, but something on the PC is now blocking things, so I cannot even get to that page. Chrome is now completely out of action, and Microsoft Edge displays only a few pages. Mainly Facebook, where right after logging in it sends various messages to all contacts.

So now I don't know what to do about it.

By the way, I am writing from another computer, because the affected one will not let me onto this forum.

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#12 Post by Rudy »

Then try downloading MBAM onto a flash drive using the other PC, transfer it to the affected one, install it and run it. This can also be done in safe mode. Alternatively, use AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Just copy that one over, run it and delete everything it finds.

Rumburaq
Visitor
Posts: 22
Joined: 14 Apr 2017 23:42

Re: Log check

#13 Post by Rumburaq »

Here is the txt from Malwarebytes.

So should I try the AVP?
Attachments
mbm.rar
(957 bytes) Downloaded 64 times

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#14 Post by Rudy »

Delete all the MBAM findings, and if the situation has not changed, try AVP as well.

Rumburaq
Visitor
Posts: 22
Joined: 14 Apr 2017 23:42

Re: Log check

#15 Post by Rumburaq »

KVRT (AVP) found nothing.

And there were no changes for the better on the computer. If anything, it has slowed down terribly, both the internet (downloading KVRT) and the PC.

What should I try next?
