"Brzda" práce s internetem

[marteza]

Ahoj,
často se mi při práci na internetu stane, že při otevírání nové záložky se objeví hláška ERROR IN BASEPARAMS.NEW.
Odklepnu jí, dám refresh, protože záložka zkolabuje (neodpovídá) a pracuji dál. Ovšem...

[Conder]

Ahoj

O aky prehliadac sa jedna?

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

[marteza]

Zdravím,
jedná se "pochopitelně" o Internet Explorer.

Protokol:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-24.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-27-2018
# Duration: 00:00:49
# OS: Windows 7 Home Premium
# Cleaned: 72
# Failed: 1


***** [ Services ] *****

Deleted ihpmServer

***** [ Folders ] *****

Deleted C:\Users\DELL\AppData\Local\Installer\INSTALLSENSE_28748
Deleted C:\Users\DELL\AppData\Local\Installer\INSTALLSENSE_15353
Deleted C:\Users\DELL\AppData\Local\BrowserWeb
Deleted C:\ProgramData\Tbccint
Deleted C:\Users\DELL\AppData\Local\Tbccint
Deleted C:\Users\DELL\AppData\LocalLow\Tbccint
Deleted C:\Users\DELL\AppData\LocalLow\Goobzo
Deleted C:\Program Files\Allin1Convert_8h
Deleted C:\Users\DELL\AppData\LocalLow\Allin1Convert_8h
Deleted C:\Users\DELL\AppData\Roaming\OpenCandy

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\DrvAgent32.sys
Deleted C:\Windows\System32\drivers\sp_rsdrv2.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\MixVideoPlayer Update

***** [ Registry ] *****

Deleted HKLM\Software\istartsurfSoftware
Deleted HKCU\Software\Classes\pokki
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|gmsd_re_004010007
Deleted HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Deleted HKLM\SOFTWARE\MozillaPlugins\@Allin1Convert_8h.com\Plugin
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6c5561b6-3dd2-46b5-83be-eae744366046}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6874fade-02c8-4181-831a-fc7486cf1d74}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5e58cda9-3b21-4611-a859-26ee28950e61}
Deleted HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|BrowserWeb.exe
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Conduit
Deleted HKCU\Software\AppDataLow\Software\Tbccint
Deleted HKCU\Software\Tbccint
Deleted HKLM\Software\RayDld
Deleted HKLM\Software\ihpmserver
Deleted HKLM\Software\Classes\TypeLib\{8DD92279-9B04-4C6F-A862-EF3C24603804}
Deleted HKU\S-1-5-18\Software\Goobzo
Deleted HKCU\Software\Goobzo
Deleted HKU\.DEFAULT\Software\Goobzo
Deleted HKLM\Software\Goobzo
Deleted HKCU\Software\csastats
Deleted HKCU\Software\AppDataLow\Software\Smartbar
Deleted HKLM\Software\MaxPower
Deleted HKCU\Software\Microsoft\Tinstalls
Deleted HKCU\Software\Mozilla\Extends
Deleted HKCU\Software\CoinisRevShare
Deleted HKCU\Software\Tbccint_HKLM
Deleted HKLM\SOFTWARE\Classes\Applications\MixVideoPlayer.exe
Deleted HKLM\Software\Classes\AppID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}
Deleted HKLM\Software\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
Deleted HKLM\Software\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F671C1B3-9776-426D-A350-55FB2D9B53F7}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88E44198-D164-4EC0-B2C0-F679D866C6DA}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
Deleted HKLM\Software\Classes\TypeLib\{6EC57031-1740-4151-93C5-C465D6063DD2}
Deleted HKLM\Software\Classes\TypeLib\{507C73BB-FC69-425E-8A49-9204F886B328}
Deleted HKLM\Software\Classes\TypeLib\{4BD0FCFF-AD64-4315-9F2C-960EF3C21623}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}
Deleted HKLM\Software\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E069AF1C-6C52-4212-A314-3573A4020B43}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MixVideoPlayer Update
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Search Page
Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL
Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Default_Search_URL
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.vysokorychlostni-zeleznice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.slunecnice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\vysokorychlostni-zeleznice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\slunecnice.cz
Deleted HKLM\Software\MixVideoPlayer
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKLM\Software\Classes\SpeedUpMyPC
Deleted HKLM\Software\Tutorials

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted http://www.istartsurf.com/?type=hp&ts=1 ... s3872s3872
Not Deleted http://www.slunecnice.cz/vyhledavani/


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7600 octets] - [27/08/2018 19:54:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Conder]

Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

[marteza]

FRST.txt :

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23.08.2018
Ran by DELL (administrator) on DELL-PC (28-08-2018 18:56:32)
Running from C:\Users\DELL\Downloads
Loaded Profiles: DELL (Available Profiles: DELL)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7Debug\mdm.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-23] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1836985063-1227399178-2863749298-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [13684416 2018-07-20] (Piriform Ltd)
HKU\S-1-5-21-1836985063-1227399178-2863749298-1000\...\MountPoints2: {df5bc41b-5333-11e7-a7f5-002170d84af0} - E:\autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2018-05-01]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP DeskJet 1110 series.lnk [2018-08-28]
ShortcutTarget: Sledovat výstrahy inkoustu - HP DeskJet 1110 series.lnk -> C:\Program Files\HP\HP DeskJet 1110 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{B0D11B7A-5D85-4697-B31E-B9B98142522D}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1836985063-1227399178-2863749298-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-1836985063-1227399178-2863749298-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-1836985063-1227399178-2863749298-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-23] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-1836985063-1227399178-2863749298-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default [2018-08-27]
FF user.js: detected! => C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default\user.js [2014-10-09]
FF Homepage: Mozilla\Firefox\Profiles\zl8cx6uw.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\zl8cx6uw.default -> hxxp://www.istartsurf.com/newtab/?type=nt&ts=1 ... s3872s3872
FF Extension: (deskCut) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default\Extensions\deskCutv2@gmail.com [2015-11-07] [Legacy] [not signed]
FF Extension: (Adblock Plus) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-17] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default\extensions\deskCutv2@gmail.com
FF Plugin: @Allin1Convert_8h.com/Plugin -> C:\Program Files\Allin1Convert_8h\bar\1.bin\NP8hStub.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6341888 2018-07-23] (AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-16] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-23] (AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-16] (AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167552 2018-07-23] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188352 2018-07-23] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [164944 2018-07-23] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284328 2018-07-23] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57976 2018-07-23] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [189240 2018-07-23] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-07-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [133680 2018-07-23] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101056 2018-07-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [71848 2018-07-23] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784120 2018-07-23] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [394928 2018-08-25] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [162704 2018-07-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310784 2018-07-23] (AVAST Software)
S3 DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [X]
S3 PCDSRVC{AEEF1793-83875E70-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc.pkms [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-28 18:56 - 2018-08-28 18:58 - 000010186 _____ C:\Users\DELL\Downloads\FRST.txt
2018-08-28 18:56 - 2018-08-28 18:56 - 000000000 ____D C:\FRST
2018-08-28 18:55 - 2018-08-28 18:56 - 001773568 _____ (Farbar) C:\Users\DELL\Downloads\FRST.exe
2018-08-27 19:53 - 2018-08-27 19:55 - 000000000 ____D C:\AdwCleaner
2018-08-27 17:17 - 2018-08-27 19:34 - 870757421 _____ C:\Users\DELL\Downloads\PopStory 04. - Obchod a finance.mp4
2018-08-26 17:34 - 2018-08-26 18:18 - 785465344 _____ C:\Users\DELL\Downloads\psanec pres MultiLoad.cz.avi
2018-08-26 14:22 - 2018-08-26 15:11 - 844996608 _____ C:\Users\DELL\Downloads\Mlčení jehňátek=1991-Horor-DVD-CZ.avi
2018-08-26 11:09 - 2018-08-26 12:03 - 985889250 _____ C:\Users\DELL\Downloads\Celebrity.s.r.o.2015-cz-rodinny-film-komediaceska-republika-2015-avi-Jiri -Madl.avi
2018-08-25 18:17 - 2018-08-25 20:02 - 733927424 _____ C:\Users\DELL\Downloads\Sin City 2 Ženská, pro kterou bych vraždil (2014) CZ-Dabing NOVINKA.avi
2018-08-25 15:28 - 2018-08-25 17:11 - 1036552802 _____ C:\Users\DELL\Downloads\2005 Sin City - Město hříchu - cz.avi
2018-08-24 21:05 - 2018-08-12 21:20 - 847690476 _____ C:\Users\DELL\Downloads\Porota [2003].mp4
2018-08-24 21:04 - 2018-08-18 16:39 - 979752862 _____ C:\Users\DELL\Downloads\Striptýz=1996-Thriller-D.Moore-DVD-CZ.avi
2018-08-24 21:03 - 2018-08-12 19:35 - 879589932 _____ C:\Users\DELL\Downloads\PopStory 03. - Žánry a styly.mp4
2018-08-24 21:02 - 2018-08-08 19:14 - 872170874 _____ C:\Users\DELL\Downloads\PopStory 02. - Zvuky a média.mp4
2018-08-24 21:02 - 2018-05-14 21:09 - 434548738 _____ C:\Users\DELL\Downloads\Podfukáři 2 - (video.booster.cz) 360p.mp4
2018-08-24 21:01 - 2018-08-23 22:05 - 740376514 _____ C:\Users\DELL\Downloads\nezvratny--osud-5-cz.avi
2018-08-24 21:01 - 2018-08-18 12:05 - 432965858 _____ C:\Users\DELL\Downloads\Nebe peklo zem SR drama 2009 TVrip.avi
2018-08-24 21:00 - 2018-08-21 20:15 - 733931303 _____ C:\Users\DELL\Downloads\Nezvratny-osud-4-cz.avi
2018-08-24 21:00 - 2018-08-18 15:13 - 647725200 _____ C:\Users\DELL\Downloads\Hvězdy Velkého vozu_ Vaghe stelle dell'Orsa 1965 válečný.avi
2018-08-24 20:59 - 2018-08-19 19:44 - 734021424 _____ C:\Users\DELL\Downloads\nezvratny-osud-1-cz (1).avi
2018-08-24 20:58 - 2018-08-21 18:16 - 733908992 _____ C:\Users\DELL\Downloads\Nezvratný osud 3 CZ.avi
2018-08-24 20:58 - 2018-08-18 14:03 - 733792426 _____ C:\Users\DELL\Downloads\Harley Davidson a Marlboro Man (1991) CZ dab [w].avi
2018-08-24 20:57 - 2018-08-20 22:18 - 735051776 _____ C:\Users\DELL\Downloads\Nezvratny osud 2 CZ.avi
2018-08-24 20:57 - 2018-08-18 19:27 - 1217321006 _____ C:\Users\DELL\Downloads\Deja-Vu-CZ.avi
2018-08-24 20:56 - 2018-08-12 16:46 - 722563072 _____ C:\Users\DELL\Downloads\Soupeři(1977)EN+CZ titulky Zajin.avi
2018-08-24 20:56 - 2018-08-08 20:19 - 782288468 _____ C:\Users\DELL\Downloads\cerny-dest-1989-czdub-super-obraz-i-zvuk.avi
2018-08-24 20:30 - 2018-08-24 20:31 - 000146640 _____ C:\Windows\Minidump\082418-13150-01.dmp
2018-08-16 16:39 - 2018-08-16 16:39 - 000000000 ____D C:\Users\DELL\Documents\Fiala

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-28 18:14 - 2009-07-14 06:34 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-28 18:14 - 2009-07-14 06:34 - 000028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-28 16:20 - 2018-04-16 20:17 - 000000000 ____D C:\Users\DELL\AppData\Local\AVAST Software
2018-08-28 16:19 - 2015-11-01 16:36 - 000000000 ____D C:\Program Files\CCleaner
2018-08-28 16:18 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-27 22:08 - 2014-05-25 13:58 - 000000000 ____D C:\Users\DELL\AppData\Roaming\AIMP3
2018-08-27 21:52 - 2014-03-27 19:42 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Audacity
2018-08-27 21:29 - 2018-04-25 17:57 - 000000000 ____D C:\FFOutput
2018-08-27 20:07 - 2014-03-27 21:58 - 000000000 ____D C:\Users\DELL\Downloads\soft
2018-08-26 21:17 - 2014-05-01 15:55 - 000403968 _____ C:\Users\DELL\Documents\Putování Jana Kristofa.xls
2018-08-26 17:14 - 2016-04-02 11:57 - 000000000 ____D C:\Users\DELL\Documents\Spoje
2018-08-25 19:06 - 2017-04-02 13:32 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-25 16:00 - 2015-11-04 18:52 - 000394928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-08-25 15:55 - 2018-04-16 20:32 - 000002335 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-08-24 20:30 - 2014-05-19 16:57 - 000000000 ____D C:\Windows\Minidump
2018-08-16 16:33 - 2009-07-14 06:53 - 000032550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-07-29 10:15 - 2011-04-12 03:37 - 002287596 _____ C:\Windows\system32\perfh005.dat
2018-07-29 10:15 - 2011-04-12 03:37 - 000708752 _____ C:\Windows\system32\perfc005.dat
2018-07-29 10:15 - 2010-11-20 23:01 - 000006232 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2016-07-22 19:08 - 2016-07-22 19:11 - 000002326 _____ () C:\Users\DELL\AppData\Roaming\vidiot.ini
2014-07-20 17:32 - 2016-10-09 20:45 - 000004608 _____ () C:\Users\DELL\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-17 19:17 - 2017-12-29 16:20 - 000007604 _____ () C:\Users\DELL\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-26 21:04





==================== End of FRST.txt ============================


Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23.08.2018
Ran by DELL (28-08-2018 18:59:15)
Running from C:\Users\DELL\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2014-03-26 17:19:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1836985063-1227399178-2863749298-500 - Administrator - Disabled)
DELL (S-1-5-21-1836985063-1227399178-2863749298-1000 - Administrator - Enabled) => C:\Users\DELL
Guest (S-1-5-21-1836985063-1227399178-2863749298-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1836985063-1227399178-2863749298-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (HKLM\...\{23170F69-40C1-2701-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 30.0.0.113 - Adobe Systems Incorporated)
AIMP3 (HKLM\...\AIMP3) (Version: v3.55.1345, 26.03.2014 - AIMP DevTeam)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 68.0.746.59 - AVAST Software)
Avast Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.45 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
FFmpeg v0.6.2 for Audacity (HKLM\...\FFmpeg for Audacity_is1) (Version: - )
FormatFactory 4.3.0.0 (HKLM\...\FormatFactory) (Version: 4.3.0.0 - Free Time)
Fotogalerie (HKLM\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP DeskJet 1110 series Nápověda (HKLM\...\{CF2836BD-089A-48D3-9EB8-23C67A909375}) (Version: 35.0.0 - Hewlett Packard)
HP Support Solutions Framework (HKLM\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office XP Small Business (HKLM\...\{91130405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MPVaK - verze pro zpracovatele (HKLM\...\{AD06B94D-FC9C-4256-98DA-D32D1E257424}) (Version: - )
MPVAK_Zprac (HKLM\...\{2F22E02D-A82B-4651-BE55-DE9739510B65}) (Version: 1.0.0 - V+WARE)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Základní software zařízení HP DeskJet 1110 series (HKLM\...\{39398593-5057-464C-AF9B-1A1DDC373D32}) (Version: 35.0.61.54677 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-07-23] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-07-23] (AVAST Software)
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-07-23] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-07-23] (AVAST Software)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05F48A58-8463-4BE3-B550-5F74281223AE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-25] (AVAST Software)
Task: {0D10FEFD-04F0-41B7-8817-32D715BCF715} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {251AD713-5D0B-4F23-ADDB-C9E173D358A1} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-16] (AVAST Software)
Task: {2873927E-683F-442E-B70B-B64BAF975BED} - System32\Tasks\{0485810D-B9C9-477A-B35C-9E1DBBC81373} => C:\Windows\system32\pcalua.exe -a "E:\hp deskjet 3320 series\hpfiui.exe" -d "E:\hp deskjet 3320 series"
Task: {3956F67F-3FD5-4D52-909E-DB7166994958} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-31] (Google Inc.)
Task: {4576BF22-3AAC-4BEC-A527-96E47B11FF1D} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe
Task: {4C4AF43D-C2F8-40B5-94D7-1921EA1CAFEA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-07] (Adobe Systems Incorporated)
Task: {52CF5246-0FA5-45EB-9745-33CCEE9D74F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-31] (Google Inc.)
Task: {55E20A01-1009-4013-B284-F79EF94E1C0F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {70EC838B-0A64-423E-9C87-7FAACFF34E14} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-08-25] (AVAST Software)
Task: {94142E3F-0D05-46B5-97E0-5CB75B243A24} - System32\Tasks\{C961D0F9-F6D6-4AED-98C9-397D5C4FF668} => C:\Windows\system32\pcalua.exe -a C:\Users\DELL\Downloads\QuickTimeInstaller.exe -d C:\Users\DELL\Downloads
Task: {A3BCB1DE-EA5A-465C-A17A-821E069B0C9C} - System32\Tasks\{D533B453-D7E1-4068-B7D6-EC90B5913D3A} => C:\Windows\system32\pcalua.exe -a C:\Users\DELL\Downloads\ytd-1.50.exe -d C:\Users\DELL\Downloads
Task: {A77242EB-6B31-4443-A9F2-428C5F8AA116} - System32\Tasks\Opera scheduled Autoupdate 1516459669 => C:\Users\DELL\AppData\Local\Programs\Opera\launcher.exe
Task: {B06F4AE5-52E7-4DAD-827B-7BB90B7F3017} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-16] (AVAST Software)
Task: {C3D9DBB6-70AA-4C89-A7BB-7A17C8308069} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1836985063-1227399178-2863749298-1000
Task: {CA20B422-12D5-448D-B183-FAE5AA06C9CB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CAB573C7-F457-4233-B10D-847A58558D9F} - System32\Tasks\{62C6D4DB-446D-46C9-9BF5-5E5233B75AF5} => C:\Program Files\FormatFactory\FFModules\Encoder\mplayer.exe [2016-04-07] ()
Task: {CBD6919C-AA57-4A0F-AB3D-C93F4D7A15A0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-07-20] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Mé stránky WWW v síti MSN\target.lnk -> hxxp://uk.msnusers.co

ShortcutWithArgument: C:\Users\DELL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.imperiaonline.org/?ref_ad=src123

==================== Loaded Modules (Whitelisted) ==============

2018-07-23 20:31 - 2018-07-23 20:31 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-07-23 20:31 - 2018-07-23 20:31 - 000928984 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-07-23 20:30 - 2018-07-23 20:30 - 000532696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-07-23 20:30 - 2018-07-23 20:30 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-07-23 20:30 - 2018-07-23 20:30 - 000985304 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-08-28 18:10 - 2018-08-28 18:10 - 005679248 _____ () C:\Program Files\AVAST Software\Avast\defs\18082802\algo.dll
2018-03-24 12:45 - 2018-03-24 12:45 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-07-23 20:30 - 2018-07-23 20:30 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1836985063-1227399178-2863749298-1000\...\dell.com -> dell.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2018-06-03 21:41 - 000000845 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1836985063-1227399178-2863749298-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D1195A9B-E7EF-4CD5-800C-8C21F4CB2CE4}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{DBC95ADA-B71A-4331-86CD-1C4EC4927156}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{691A58A6-3F50-4EEE-84D3-9C5807C1E584}] => (Allow) LPort=2869
FirewallRules: [{EBBECFC4-300F-4F0D-8E6A-B10E74A0B5CE}] => (Allow) LPort=1900
FirewallRules: [{C178005D-7D21-4895-95D7-A8F0F5F0EB39}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{F1405E2E-35FC-4A9C-9C97-4D66683DDC7D}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{A40D0EAE-9710-416F-8107-57814479CA5A}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{5BC15F71-5107-41D6-870E-B4AEFCB31BA6}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{857C6A30-E80D-4957-8D68-A72E89FA95AF}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{9769E2AE-4A42-432D-A4FF-EB14D29445C4}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{736ED7F7-2371-47E5-B9B6-3ABC06D169FD}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{D240A3A6-7B14-4A8A-977B-5925429E3535}] => (Allow) C:\Program Files\HP\HP DeskJet 1110 series\Bin\USBSetup.exe
FirewallRules: [{4D493D58-5987-4F53-B370-148E39BA119E}] => (Allow) C:\Program Files\HP\HP DeskJet 1110 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{6C222DBC-9FA0-4C01-AC9E-2895EEF43FA3}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{977DE424-3EDE-45EE-9D73-18F962CBF21C}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{EA7F8E2B-8E65-46B9-9A11-EF402DD438CB}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{874F110D-6909-43F6-AA55-910A9A4EE209}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{4DBE29F1-5D42-4BFD-BE53-5BF22AB0F405}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{F0484816-5251-41B9-B25C-F49782DAAB64}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{54FB11A1-BFE5-4FA6-A106-C76F8E8F8509}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{FD87EBCE-37EB-4825-AD71-FF8AC01D4797}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{2F6ABD89-3AA7-4D72-A38A-47678580C6F6}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{D9D13693-C168-4FAC-8387-EE5A0DA59BAF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3C215ADF-B15D-4D4F-A17B-18E9BFBED2D5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{81C6C138-1D27-4AB6-AD70-8D3440660801}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{C73C4A17-B963-4AAB-BA6C-158900589CFF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{9E8CDC67-3D6F-4004-92A2-D89B56DC6C6E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/27/2018 06:31:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iexplore.exe, verze: 11.0.9600.18838, časové razítko: 0x59e1a862
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.23915, časové razítko: 0x59b94a7d
Kód výjimky: 0xc0000005
Posun chyby: 0x000529ac
ID chybujícího procesu: 0x5a4
Čas spuštění chybující aplikace: 0x01d43e22b2c499bf
Cesta k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 9d553fff-aa16-11e8-a343-002170d84af0

Error: (08/27/2018 06:28:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program iexplore.exe verze 11.0.9600.18838 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1528

Čas spuštění: 01d43e1f6d6a27a7

Čas ukončení: 94

Cesta k aplikaci: C:\Program Files\Internet Explorer\iexplore.exe

ID hlášení:

Error: (08/27/2018 06:06:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program iexplore.exe verze 11.0.9600.18838 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 16cc

Čas spuštění: 01d43e1f69d2c75b

Čas ukončení: 50

Cesta k aplikaci: C:\Program Files\Internet Explorer\iexplore.exe

ID hlášení:

Error: (08/26/2018 08:12:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iexplore.exe, verze: 11.0.9600.18838, časové razítko: 0x59e1a862
Název chybujícího modulu: IEFRAME.dll, verze: 11.0.9600.18838, časové razítko: 0x59e1ae73
Kód výjimky: 0xc0000005
Posun chyby: 0x00512561
ID chybujícího procesu: 0xd54
Čas spuštění chybující aplikace: 0x01d43d2b867f7104
Cesta k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe
Cesta k chybujícímu modulu: C:\Windows\system32\IEFRAME.dll
ID zprávy: 92886f2c-a95b-11e8-a168-002170d84af0

Error: (08/26/2018 04:37:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program iexplore.exe verze 11.0.9600.18838 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1770

Čas spuštění: 01d43d2e808779b4

Čas ukončení: 520

Cesta k aplikaci: C:\Program Files\Internet Explorer\iexplore.exe

ID hlášení:

Error: (08/26/2018 03:55:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program iexplore.exe verze 11.0.9600.18838 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: bd4

Čas spuštění: 01d43d440373866e

Čas ukončení: 60

Cesta k aplikaci: C:\Program Files\Internet Explorer\iexplore.exe

ID hlášení:

Error: (08/26/2018 11:25:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program iexplore.exe verze 11.0.9600.18838 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: da0

Čas spuštění: 01d43d17cc5813cd

Čas ukončení: 163

Cesta k aplikaci: C:\Program Files\Internet Explorer\iexplore.exe

ID hlášení:

Error: (08/26/2018 11:13:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iexplore.exe, verze: 11.0.9600.18838, časové razítko: 0x59e1a862
Název chybujícího modulu: jscript9.dll, verze: 11.0.9600.18838, časové razítko: 0x59e1af80
Kód výjimky: 0xc0000005
Posun chyby: 0x000a0fe7
ID chybujícího procesu: 0x156c
Čas spuštění chybující aplikace: 0x01d43d17076f3c67
Cesta k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe
Cesta k chybujícímu modulu: C:\Windows\System32\jscript9.dll
ID zprávy: 3feaedc5-a910-11e8-96f7-002170d84af0


System errors:
=============
Error: (08/27/2018 07:58:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby SysMain bylo dosaženo časového limitu (30000 ms).

Error: (08/27/2018 07:55:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/27/2018 07:55:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/27/2018 07:55:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Machine Debug Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/27/2018 07:55:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (08/27/2018 07:37:29 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Firmware platformy při předchozím přechodu systémového napájení poškodil paměť. Zkontrolujte dostupnost aktualizovaného firmwaru pro váš systém.

Error: (08/26/2018 08:11:16 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby lmhosts bylo dosaženo časového limitu (30000 ms).

Error: (08/26/2018 07:04:27 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 20.


Windows Defender:
===================================
Date: 2016-03-30 06:48:49.479
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{ADF701B3-5857-40C2-8157-7FC403386671}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-12-29 09:03:40.556
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{73A69DC1-B82B-4E95-A72D-C5E9C56740A2}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-11-07 17:21:45.582
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=166246
Název:Adware:Win32/EoRezo
ID:166246
Závažnost:Vysoké
Kategorie:Software placený zobrazováním reklamy
Nalezeno v cestě:containerfile:C:\Program Files\gmsd_re_004010007\predm.exe;file:C:\Program Files\gmsd_re_004010007\gmsd_re_004010007.exe;file:C:\Program Files\gmsd_re_004010007\predm.exe->(innosetupdata);process:pid:6000;process:pid:6420
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2015-11-07 17:18:19.812
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=166246
Název:Adware:Win32/EoRezo
ID:166246
Závažnost:Vysoké
Kategorie:Software placený zobrazováním reklamy
Nalezeno v cestě:file:C:\Program Files\gmsd_re_004010007\gmsd_re_004010007.exe;process:pid:6000
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2016-06-25 19:52:05.152
Description:
Modul programu %1 byl ukončen v důsledku neočekávané chyby.
Typ chyby:%5
Kód výjimky:%6
Zdroj:%3

Date: 2016-05-31 18:56:48.578
Description:
Modul programu %1 byl ukončen v důsledku neočekávané chyby.
Typ chyby:%5
Kód výjimky:%6
Zdroj:%3

Date: 2016-05-28 13:46:19.774
Description:
Modul programu %1 byl ukončen v důsledku neočekávané chyby.
Typ chyby:%5
Kód výjimky:%6
Zdroj:%3

Date: 2016-02-17 18:17:29.099
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.213.6320.0
Předchozí verze podpisu:1.213.5162.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.12400.0
Předchozí verze modulu:1.1.12400.0
Kód chyby:0x8050a004
Popis chyby:Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2016-02-17 17:57:29.327
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050a004
Popis chyby:Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Verze podpisu:1.213.6009.0
Verze modulu:1.1.12400.0

CodeIntegrity:
===================================

Date: 2018-06-03 21:17:06.450
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\2b0d3d300b45c455e76d6a3d98d43dda\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23543_none_59bb777e29a07572\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-03 21:17:06.127
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\2b0d3d300b45c455e76d6a3d98d43dda\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23543_none_59bb777e29a07572\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-03 21:17:05.755
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\2b0d3d300b45c455e76d6a3d98d43dda\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23543_none_59bb777e29a07572\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-03 21:17:05.445
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\2b0d3d300b45c455e76d6a3d98d43dda\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23543_none_59bb777e29a07572\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-03 19:08:07.984
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\2b0d3d300b45c455e76d6a3d98d43dda\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23543_none_59bb777e29a07572\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-03 19:08:07.891
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\2b0d3d300b45c455e76d6a3d98d43dda\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23543_none_59bb777e29a07572\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-03 19:08:07.796
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\2b0d3d300b45c455e76d6a3d98d43dda\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23543_none_59bb777e29a07572\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-03 19:08:07.687
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SoftwareDistribution\Download\2b0d3d300b45c455e76d6a3d98d43dda\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23543_none_59bb777e29a07572\appidapi.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz
Percentage of memory in use: 46%
Total physical RAM: 2037.97 MB
Available physical RAM: 1086.73 MB
Total Virtual: 3900.46 MB
Available Virtual: 2865.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.43 GB) (Free:1.85 GB) NTFS

\\?\Volume{5ffa9bcb-b508-11e3-a696-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: 22B5EF05)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS)


==================== End of Addition.txt ============================


Omlouvám se, do konce týdne budu mimo ČR. Ještě se sem můžu večer v krátkosti mrknout, ale další raději v pondělí.
Děkuji za pochopení.

[Conder]

Otazka, preco nepouzivas skor nejaky iny prehliadac, napr. Firefox alebo Chrome?

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  CMD: type "C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default\user.js"
  
  HKU\S-1-5-21-1836985063-1227399178-2863749298-1000\...\MountPoints2: {df5bc41b-5333-11e7-a7f5-002170d84af0} - E:\autorun.exe
  BootExecute: autocheck autochk * sdnclean.exe
  HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
  HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
  HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
  HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
  SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
  SearchScopes: HKU\S-1-5-21-1836985063-1227399178-2863749298-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
  SearchScopes: HKU\S-1-5-21-1836985063-1227399178-2863749298-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
  Toolbar: HKU\S-1-5-21-1836985063-1227399178-2863749298-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
  FF user.js: detected! => C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default\user.js [2014-10-09]
  FF NewTab: Mozilla\Firefox\Profiles\zl8cx6uw.default -> hxxp://www.istartsurf.com/newtab/?type=nt&ts=1446913004&z=a8f05d72fd44b8e65aa2753g0z8z1q5t5gbc1ebe9z&from=tugss&uid=wdcxwd800bevt-75zct2_wd-wxe908ls3872s3872
  FF Extension: (deskCut) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default\Extensions\deskCutv2@gmail.com [2015-11-07] [Legacy] [not signed]
  FF Plugin: @Allin1Convert_8h.com/Plugin -> C:\Program Files\Allin1Convert_8h\bar\1.bin\NP8hStub.dll [No File]
  FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
  S3 DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [X]
  S3 PCDSRVC{AEEF1793-83875E70-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc.pkms [X]
  ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} =>  -> No File
  ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} =>  -> No File
  ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} =>  -> No File
  Task: {94142E3F-0D05-46B5-97E0-5CB75B243A24} - System32\Tasks\{C961D0F9-F6D6-4AED-98C9-397D5C4FF668} => C:\Windows\system32\pcalua.exe -a C:\Users\DELL\Downloads\QuickTimeInstaller.exe -d C:\Users\DELL\Downloads
  Task: {A3BCB1DE-EA5A-465C-A17A-821E069B0C9C} - System32\Tasks\{D533B453-D7E1-4068-B7D6-EC90B5913D3A} => C:\Windows\system32\pcalua.exe -a C:\Users\DELL\Downloads\ytd-1.50.exe -d C:\Users\DELL\Downloads
  Task: {CA20B422-12D5-448D-B183-FAE5AA06C9CB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
  AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[marteza]

Proč IE? Chrome požíváme v práci - je rychlý, ale tak jednoduchý, až je primitivní. Mozillu jsem kdysi zkoušel. ale nějak mě nezaujala. Jsem ryze konzervativní člověk, notebook je tuším z roku 2006, mobil mám asi stejně tak starý, ...


Fix result of Farbar Recovery Scan Tool (x86) Version: 23.08.2018
Ran by DELL (28-08-2018 21:51:23) Run:1
Running from C:\Users\DELL\Desktop
Loaded Profiles: DELL (Available Profiles: DELL)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
CMD: type "C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default\user.js"

HKU\S-1-5-21-1836985063-1227399178-2863749298-1000\...\MountPoints2: {df5bc41b-5333-11e7-a7f5-002170d84af0} - E:\autorun.exe
BootExecute: autocheck autochk * sdnclean.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-1836985063-1227399178-2863749298-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-1836985063-1227399178-2863749298-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
Toolbar: HKU\S-1-5-21-1836985063-1227399178-2863749298-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF user.js: detected! => C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default\user.js [2014-10-09]
FF NewTab: Mozilla\Firefox\Profiles\zl8cx6uw.default -> hxxp://www.istartsurf.com/newtab/?type=nt&ts=1 ... s3872s3872
FF Extension: (deskCut) - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default\Extensions\deskCutv2@gmail.com [2015-11-07] [Legacy] [not signed]
FF Plugin: @Allin1Convert_8h.com/Plugin -> C:\Program Files\Allin1Convert_8h\bar\1.bin\NP8hStub.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S3 DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [X]
S3 PCDSRVC{AEEF1793-83875E70-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc.pkms [X]
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
Task: {94142E3F-0D05-46B5-97E0-5CB75B243A24} - System32\Tasks\{C961D0F9-F6D6-4AED-98C9-397D5C4FF668} => C:\Windows\system32\pcalua.exe -a C:\Users\DELL\Downloads\QuickTimeInstaller.exe -d C:\Users\DELL\Downloads
Task: {A3BCB1DE-EA5A-465C-A17A-821E069B0C9C} - System32\Tasks\{D533B453-D7E1-4068-B7D6-EC90B5913D3A} => C:\Windows\system32\pcalua.exe -a C:\Users\DELL\Downloads\ytd-1.50.exe -d C:\Users\DELL\Downloads
Task: {CA20B422-12D5-448D-B183-FAE5AA06C9CB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 5
Average :
Sum : 1780478
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========= type "C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default\user.js" =========














========= End of CMD: =========

"HKU\S-1-5-21-1836985063-1227399178-2863749298-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df5bc41b-5333-11e7-a7f5-002170d84af0}" => removed successfully.
HKLM\Software\Classes\CLSID\{df5bc41b-5333-11e7-a7f5-002170d84af0} => not found
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-1836985063-1227399178-2863749298-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => removed successfully.
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => not found
"HKU\S-1-5-21-1836985063-1227399178-2863749298-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}" => removed successfully.
HKLM\Software\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} => not found
"HKU\S-1-5-21-1836985063-1227399178-2863749298-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully.
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default\user.js => moved successfully
"Firefox newtab" => removed successfully.
C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\zl8cx6uw.default\Extensions\deskCutv2@gmail.com => moved successfully
"HKLM\Software\MozillaPlugins\@Allin1Convert_8h.com/Plugin" => removed successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully.
"HKLM\System\CurrentControlSet\Services\DrvAgent32" => removed successfully.
DrvAgent32 => service removed successfully.
"HKLM\System\CurrentControlSet\Services\PCDSRVC{AEEF1793-83875E70-06020200}_0" => removed successfully.
PCDSRVC{AEEF1793-83875E70-06020200}_0 => service removed successfully.
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SpyEmergency" => removed successfully.
HKLM\Software\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SpyEmergency" => removed successfully.
HKLM\Software\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SpyEmergency" => removed successfully.
HKLM\Software\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94142E3F-0D05-46B5-97E0-5CB75B243A24}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94142E3F-0D05-46B5-97E0-5CB75B243A24}" => removed successfully.
C:\Windows\System32\Tasks\{C961D0F9-F6D6-4AED-98C9-397D5C4FF668} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C961D0F9-F6D6-4AED-98C9-397D5C4FF668}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3BCB1DE-EA5A-465C-A17A-821E069B0C9C}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3BCB1DE-EA5A-465C-A17A-821E069B0C9C}" => removed successfully.
C:\Windows\System32\Tasks\{D533B453-D7E1-4068-B7D6-EC90B5913D3A} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D533B453-D7E1-4068-B7D6-EC90B5913D3A}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA20B422-12D5-448D-B183-FAE5AA06C9CB}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => not found
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 76081192 B
Java, Flash, Steam htmlcache => 2267 B
Windows/system/drivers => 3542213 B
Edge => 0 B
Chrome => 0 B
Firefox => 3667901 B
Opera => 308748 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
LocalService => 66228 B
NetworkService => 72068 B
DELL => 5276713433 B

RecycleBin => 0 B
EmptyTemp: => 5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:58:14 ====

[Conder]

A ma IE nieco, co Chrome nie?

Nastala nejaka zmena?

Odporucam doinstalovat vsetky dolezite aktualizacie cez Windows Update, su to zaplaty okrem ineho aj pre IE.

[marteza]

Má. Má tradici a prvenství.

Změna nenastala žádná, totiž chybové hlášení vypadá kapku jinak: K větě Error in BaseParams.new. přibylo Reference error: Objekt $ není definován. Týka se pouze stránek IDOSu, tedy jízdní řády vlaků a autobusů. Pro mne veledůležitá aplikace.

Pokud chci vyhledat aktualizace tak: SlužbaWindows Update nyní nemůže vyhledat aktualizace, protože tato služba není spuštěna. Zřejmě bude nutné restartovat počítač.
(ale to k ničemu nevede)

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  CMD: sc config "wuauserv" start= auto
  CMD: net stop wuauserv
  CMD: net stop bits
  C:\windows\SoftwareDistribution
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Nasledne skus znovu vyhladat aktualizacie.

[marteza]

Zdravím,
po návratu z dovolené se mi zatím nepodařilo situaci "nasimulovat". Že by bylo vyhráno? Mám udělat předchozí krok? Ovšem problém s instalacemi aktualizací trvá (viz. výše). Rovněž jsem zjistil, že nejde spustit Windows Defender, protože systém je blokován zásadami skupiny, kód chyby 0x800704ec.

[Conder]

V PC je uz nainstalovany Avast AV, preto sa Windows Defender vypol.

Ano, spusti aj ten posledny fixlist a posli vysledny fixlog, malo by to opravit tie Windows aktualizacie.

[marteza]

Omlouvám se za den zpoždění, včera večer mě nějak zmohla únava.
Aktualizace počítač vyhledává, problém se stránkami je možná pryč, jak jsem psal včera, tady je log:

Fix result of Farbar Recovery Scan Tool (x86) Version: 23.08.2018
Ran by DELL (04-09-2018 17:02:45) Run:2
Running from C:\Users\DELL\Desktop
Loaded Profiles: DELL (Available Profiles: DELL)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

CMD: sc config "wuauserv" start= auto
CMD: net stop wuauserv
CMD: net stop bits
C:\windows\SoftwareDistribution

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= sc config "wuauserv" start= auto =========

[SC] ChangeServiceConfig ŁspŘch

========= End of CMD: =========


========= net stop wuauserv =========

Zastavov nˇ slu§by Windows Update.
Slu§ba Windows Update byla ŁspŘçnŘ zastavena.


========= End of CMD: =========


========= net stop bits =========

Zastavov nˇ slu§by Slu§ba inteligentnˇho pýenosu na pozadˇ..
Slu§ba Slu§ba inteligentnˇho pýenosu na pozadˇ byla ŁspŘçnŘ zastavena.


========= End of CMD: =========

C:\windows\SoftwareDistribution => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24856918 B
Java, Flash, Steam htmlcache => 1088 B
Windows/system/drivers => 3416 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 0 B
DELL => 553759827 B

RecycleBin => 0 B
EmptyTemp: => 551.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:07:42 ====

Ještě otázku: Proč Defender neběží ani při vypnutých štítech Avastu? Je to normální?

[marteza]

Po stažení a instalaci (skoro) všech instalací: Došlo k neznámé chybě Kód 800F020B.

[marteza]

Po restartu: Všechny aktualizace byly nainstalovány, kromě jedné (týkala se připojení tiskárny, nebo něco takového).