Jak odstranit hrozbu nalezenou Comodem?

[vlazy]

Používám antivirus COMODO a provedl jsem s ním kontrolu celého počítače. Nalezlo mi to nějakou jednu hrozbu tak jak je to vidět na obrázku.

comodo1.jpg (85.81 KiB) Zobrazeno 2218 x

Kliknul jsem na "Použít" a COMODO se tvářil, že tu hrozbu odstranil. Chtěl ale ještě restart aby se ověřilo jestli to opravdu bylo odstraněné. Po restartu mi COMODO zobrazil, že vyčištění selhalo a tím to skončilo.
Nyní by mne zajímalo o jakou hrozbu se jedná, jak hodně je nebezpečná a jak to odstranit nebo co s tím pokud je žádoucí s tím něco dělat.
Je tam v tom uvedené COMODO. Že by i antivir COMODO byl napadený nějakou hrozbou?
Já se v těchto věcech téměř vůbec nevyznám a tak nevím co s tím.

[vlazy]

Ještě přikládám do přílohy soubor zip s logy z FRST kdyby to bylo k něčemu dobré a doufám, že mi snad někdo dokážete něco poradit ohledně té hrozby kterou mi našel COMODO. Do mého prvního příspěvku to bohužel nejde jako text ani zazipovaná příloha vložit a tak to zasílám v dalším příspěvku. Snad to takto nebude vadit.

[Conder]

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

[vlazy]

Tak dávám zde ten log z AdwCleaner. Vidím v tom logu několikrát AVG. Nemá to náhodou nějakou souvislost s antivirem AVG? Antivir AVG jsem kdysi používal, ale už dávno jsem ho odinstaloval, ale je možné, že v počítači zůstaly nějaké zbytky které se pořádně neodinstalovaly. Co se tím AdwCleanerem docílilo nebo jaký to mělo význam? V tom AdwCleaneru vidím v karanténě nějaké soubory (záznamy), to můžu nechat všechno bezpečně odstranit aniž bych si tím nadělal nějaké zbytečné problémy? A co ta hrozba kterou mi nalezl a neodstranil COMODO? Jak nyní postupovat dál pokud je dobré ještě něco provést, zkontrolovat atp.?

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-12.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-14-2018
# Duration: 00:00:09
# OS: Windows 10 Home
# Cleaned: 60
# Failed: 3


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Admin\AppData\LocalLow\HPAppData

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.banggood.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\banggood.com
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Deleted HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Deleted HKLM\Software\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAC94FEE-45B4-4FD4-9EEA-D8978EC96C6E}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6BE0FB-8B18-4DFC-959F-233651CC4D7F}
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.myplaycity.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\myplaycity.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\surveymyopinion.researchnow.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\survey-d.researchnow.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\researchnow.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.izito.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.izito.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\izito.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\izito.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\wlogin.icq.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.icq.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.srovnanicen.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.slunecnice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.parafia.slopnice.pl
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.estavebnice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.ceskedalnice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.brutalniceny.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.bohnice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.akcniceny.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\stavebnice-merkur.heureka.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\srovnanicen.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slopnice.pl
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sety-klavesnice-mysi.heureka.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\loznice.bydleniprokazdeho.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\klavesnice.info
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\klavesnice.heureka.sk
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\klavesnice.heureka.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\jadwigachojnice.eu
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\estavebnice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\brutalniceny.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akcniceny.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\radiorage.dl.tb.ask.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\packagetracer.dl.tb.ask.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\gamingwonderland.dl.tb.ask.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\easypdfcombine.dl.tb.ask.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.solvusoft.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\solvusoft.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.mobogenie.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mobogenie.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.multistream.tv
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\multistream.tv
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\multistream.com.co
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Not Deleted https://mysearch.avg.com?cid={4669E67E- ... 2014-08-30 10:24:11&v=18.1.9.799&pid=safeguard&sg=&sap=hp
Not Deleted https://mysearch.avg.com?cid={4669E67E- ... 2014-08-30 10:24:11&v=18.1.9.799&pid=safeguard&sg=&sap=hp
Deleted AVG Secure Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Not Deleted mysearch.avg.com


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8726 octets] - [14/09/2018 19:56:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Conder]

AdwCelaner sluzi na premazanie PC najma od neziaduceho reklamneho balastu. Karantenu AdwCleaneru na konci aj tak zmazeme, ale mozes ju odstranit aj teraz. AVG v logu AdwCleaneru je web "mysearch.avg.com", ktory sa tam zrejme dostal cez adware.

Poprosim o obidva nove logy z FRST a docistime to este.

[vlazy]

Tu karanténu AdwCleaneru jsem nechal vymazat. Nastaly ale asi problémy s FRST. Při spuštění mne COMODO upozornil, že RFST64.exe se pokouší o přístup k chráněnému COM rozhraní, tak jak je to vidět na obrázku který přikládám v zazipované příloze. Nechal jsem "Povolit" a spustil skenování které proběhlo bez problému a na konci se zobrazily výsledky v FRST.txt a Addition.txt. Když nyní ty 2 soubory chci uložít do složky tak mi to hlásí, že tyto soubory už tam jsou. Ve složce kde jsem je chtěl ukládat je ale nikde nevidím (není tam jejích ikona). Když jsem do té složky přidal obrázek s upozorněním od COMODO tak celková velikost složky je trochu větší než ten samotný obrázek. Podle toho usuzují, že kromě toho obrázku v té složce je asi i ještě něco víc (možná ty 2 txt soubory) co se tam ale nezobrazuje v podobě ikony. Celou složku jsem zkomprimoval do zip souboru a zasílám ji v příloze. Snad na jiném počítači se tam ty 2 soubory txt s výsledkem skenování z FRST zobrazí a půjdou otevřít. Připadá mi to, že s mým počítačem se asi děje něco nedobrého a dost mne to znepokojuje.
Jinak včera večer jsem provedl kontrolu programem Malwarebytes a nic nežádoucího mi to nenašlo.

Jinak už dost dlouho mám dost pomalý počítač. Připadá mi to, že příčinou toho zpomalování by mohly být prohlížeče Firefox a IE které nejvíce používám a na kterých mám ve zvyku (možná je to zlozvyk) mít otevřené současně docela dost panelů. Když počítač restartuji a pak pročistím CCleanerem tak se mi na chvíli počítač zrychlí, ale pak se zase začne zpomalovat. V poslední době mi také často dělá problémy i myš tím, že pochyb kurzoru se zpomaluje nebo i na chvíli zcela zasekne. Nepředpokládám ale, že by to mohl být nějaký problém přímo s myší protože tu mám novou 1,5 měsíce starou bezdrátovou HP X3000 Wireless Mouse. Můj počítač je už 7,5 let starý a tak od něho asi nepůjde očekávat nějakou závratnou rychlost, ale i tak si myslím, že to co se s ním v poslední už delší době děje není zcela normální a předpokládám i když to nemohu nijak potvrdit, že příčinou toho všeho by mohly být nějaké nežádoucí šmejdy které mi v počítači řádí a dělají neplechu. Byl bych rád kdyby se to povedlo nějak vyřešit. Já se v takových věcech ale příliš nevyznám a tak nevím jestli na to budu stačit a dokážu to pořešít bez toho aniž bych si tím nadělal více problémů než užitku. Snad mi i na to dokážete někdo něco poradit.

[Conder]

Skus docasne vypnut Comodo a spusti sken este raz. Logy sa vytvoria v zlozke, z ktorej bol FRST spusteny. V prilozenom archive je iba screenshot, logy tam nie su.

[vlazy]

Tak jsem to ještě jednou zkusil při vypnutým COMODO, ale bohužel je to i tak pořád stejné. Po dokončení skenování tím FRST se zobrazí ty 2 soubory txt s logy, ale ve složce ze které jsem ten FRST spustil je nevidím. Když ale chci ty soubory s logy které se mi zobrazily uložit do té složky tak mi to ukazuje, že v té složce už ty soubory jsou. Když si nechám zobrazít vlastnosti té složky tak mi to ukazuje, že složka obsahuje 1 souborů, 0 složek. Napadlo mne zkusit restartovat počítač jestli se to náhodou po restartu tam nezobrazí, ale bohužel i po restartu je to stejné jako před ním. Připadá mi to dost hodně podivné.

ulozit jako.jpg (107.13 KiB) Zobrazeno 2177 x

A co to zpomalování počítače a myši. Dá se i s tím něco dělat?

[Conder]

FRST uloz priamo na plochu a odtial ho aj spusti. Logy sa potom tiez vytvoria na ploche, staci ich otvorit, skopirovat obsah a vlozit sem.

[vlazy]

Tak konečně se to povedlo. Předpokládám, že asi jde o to, že před každým novým skenováním asi musí být ten FRST nově stáhnutý z internetu a je asi jedno kde je uložený a asi to nemusí být pouze plocha. Pokud to tak je tak tato podle mého názoru důležitá informace chybí v návodu který zde k tomu je. Předtím jsem to skenoval stále stejným FRST a to dělalo mnou uváděné problémy. Nyní zasílám výsledky (logy) z toho FRST zazipované v příloze a snad to tak nyní už bude v pořádku. Nyní bych prosil další postup jak dál postupovat a co se tím zjistilo nebo vyřešilo.

A co to zpomalování počítače a myši jak jsem o tom psal. Dá se i s tím něco dělat?

[Conder]

FRST nie je potrebne stahovat znovu pred kazdym spustenim. Navyse sa pri spusteni automaticky aktualizuje. Neviem kde bol v tvojom pripade problem. Uvidime co sa da robit, ale PC vyzera viacmenej cisty.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
  File: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2016\DfsdkS64.exe
  File: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
  File: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
  File: C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
  File: C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
  File: C:\WINDOWS\ehome\ehPrivJob.exe
  File: C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
  File: C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
  
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
  Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
  Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
  FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [No File]
  CHR HomePage: Default -> hxxps://mysearch.avg.com?cid={4669E67E-67FC-4DE9-AA61-3A65CEEE972E}&mid=a35fcc87b5c847d2a3b06de7836a7dd3-37426f6650395e3706f1825e059166d843a24dec&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-30 10:24:11&v=18.1.9.799&pid=safeguard&sg=&sap=hp
  CHR StartupUrls: Default -> "hxxps://mysearch.avg.com?cid={4669E67E-67FC-4DE9-AA61-3A65CEEE972E}&mid=a35fcc87b5c847d2a3b06de7836a7dd3-37426f6650395e3706f1825e059166d843a24dec&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-30 10:24:11&v=18.1.9.799&pid=safeguard&sg=&sap=hp"
  U3 aswbdisk; no ImagePath
  U3 idsvc; no ImagePath
  
  ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
  ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
  ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
  ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> No File
  ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
  Task: {0075047A-0C17-406E-B0CC-169ED3A1DF66} - System32\Tasks\{2ED52D4E-05E5-46E5-964D-94324713081D} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
  Task: {043AF31D-66A7-4986-B59B-6547AEE091C4} - System32\Tasks\{D0E5CACA-B5FB-45B9-A0D4-CCFEFB10E29D} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
  Task: {048E9D9B-15E4-4767-8454-1E87DD66C8CF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
  Task: {04B0D92D-5994-451B-BA91-31DBA823211D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
  Task: {08BB75DD-EF20-4E5E-BF82-2129B5B6519F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
  Task: {0D1794D5-39F4-4E28-9E51-9F95938A44E0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
  Task: {1673453B-07AE-4418-BCA6-6136169CDDDF} - System32\Tasks\{7E77A8B1-A1DD-4AF4-8130-6A804C6F99A7} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
  Task: {26417ACD-D4D6-4F96-A194-820D3FBDEB94} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
  Task: {2A8C4295-C887-4EED-923F-BB2AE202F7D5} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
  Task: {2CEA2CD7-230E-410D-A51F-8509E4F119B2} - System32\Tasks\{F5C44B8F-8860-4551-AFD4-3A438D270FF1} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
  Task: {31BDBED9-543F-49C0-8A51-ABD6269AC2F0} - System32\Tasks\{2E595A9D-E2D3-4C88-8A43-87C069FAAF28} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
  Task: {37481F78-7791-48E4-ADCC-547E7029C6B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
  Task: {3AD2C34A-2002-4341-AE79-BDC2FFA1DB78} - System32\Tasks\{5B0DEB96-FAA3-43A6-9A9A-54C6C5DB7120} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
  Task: {41E0A35D-BC5C-4040-AE94-1E15C04D8D7C} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
  Task: {429C0586-605D-4D14-B07D-AEDC0C607A8A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
  Task: {49631686-F098-40DB-AE5E-F0D10CAC1F10} - System32\Tasks\{DA70EFF7-C408-4214-BCF5-78D3FC95E92B} => C:\Users\Admin\Desktop\STAŽENÉ\WonderFoxDVDVideoConverter86-dp4fh72\Setup.exe
  Task: {64684BB1-5728-4E15-84D2-A0A61BAF31A8} - System32\Tasks\{84D29ABF-E1DB-4FD0-9999-806D3ECD4399} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
  Task: {86D4A4EF-B209-47C8-96E3-2632C491E8CC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
  Task: {9599259D-D7C3-4321-84B5-ACF6DBBE6498} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
  Task: {A6D2C352-6F0F-469A-868C-D65562BF2C72} - System32\Tasks\{FD92923C-BEFD-4F94-ABE9-7A4F66D0FD48} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
  Task: {ABCCFB85-EE70-4A94-8475-2EE359028D85} - System32\Tasks\{A8162E04-5A43-448C-8A5B-552E875F0DEC} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
  Task: {B5ACD352-105B-4B8D-BEC4-365C7DCBB2BC} - System32\Tasks\{440D0B85-4D03-46F6-997F-82E7E7DED13A} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
  Task: {BD6A7DB3-C908-4349-BACE-F7D6BF085806} - System32\Tasks\{86825F77-39FB-4048-894B-8FA83566CCE5} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
  Task: {BDF80F5B-B0BB-4C07-AAAF-C48DBCFF0FB8} - System32\Tasks\{0817238E-3D33-4326-990E-02EE743E5F9D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Handset Manager\Install.exe" -d "C:\Program Files (x86)\Handset Manager"
  Task: {C00868FC-56BC-4F15-A11E-130742FC64FC} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
  Task: {C099DDBE-D8C6-4986-9925-8AD21CC0207D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
  Task: {C5D465DF-F7BB-4653-B01A-D3FF1A589412} - System32\Tasks\{4CE93009-E6FA-4387-B7BF-DD1806EA82A3} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
  Task: {DEAE3D12-4C2E-4741-A98E-B002F41F627E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
  Task: {E04BB851-BF0A-42B8-8A2E-0B886E3777DC} - System32\Tasks\{36089806-21CA-40E7-B313-BB138333902F} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
  Task: {E6C1ED6C-E1A0-4748-BB03-8EECEA9039F7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
  Task: {E87249D3-0ED7-4586-810F-6CF9F68EA5A0} - System32\Tasks\{1C87C160-26C6-47A2-BAA4-202205A9D152} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
  Task: {EC8EF2CD-A83B-4B51-81F1-62B4841D230B} - System32\Tasks\{339848FA-267D-4843-895F-159E08EDA0B5} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
  Task: {EF65ECF7-4C92-4048-B2DC-E32C359C9D61} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
  Task: {F4DDCCB6-006F-40F5-A128-1CD802A14DB8} - System32\Tasks\{FD9D3541-72F6-4025-8F62-997DD5A425A3} => C:\Windows\system32\pcalua.exe -a C:\Users\Admin\Desktop\MOBIL\drivers_Sterwoniki_1203925675\sterowniki\setup.exe -d C:\Users\Admin\Desktop\MOBIL\drivers_Sterwoniki_1203925675\sterowniki
  Task: {FBDBB270-3544-4AD1-B430-30DD1C4DB078} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
  
  REG: reg export "HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Options" "C:\FRST\comodobackup.reg"
  DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Options\Langs.cce
  DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Options|Langs.cce
  
  Hosts:
  EmptyTemp:
  End

• Klikni na Subor a potom na Ulozit
• Vpravo dole vyber kodovanie Unicode
• Subor uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[vlazy]

Tak jsem to provedl, ale bohužel soubor Fixlog.txt nikde nevidím. Snad to není tím, že jsem to neprovedl na ploše ale ve složce. To by snad na to nemělo mít vliv. Zkusil jsem to hledat s pomoci hledání ve Windows a našlo mi to v C:\VTRoot\HarddiskVolume2\FRST\Logs nějaký soubor Fixlog_16-09-2018 19.52.29.txt a tak to snad bude to. Dnešní datum a čas u toho by asi odpovídal tomu kdy jsem to prováděl. Obsah z toho dávám sem a nyní by mne zajímalo co se tím provedlo a případně docílilo a také jak postupovat dál pokud je ještě dobré nebo třeba něco provést.

Fix result of Farbar Recovery Scan Tool (x64) Version: 15.09.2018
Ran by Admin (16-09-2018 19:47:10) Run:1
Running from C:\Users\Admin\Desktop\VIRY
Loaded Profiles: Admin (Available Profiles: Admin & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
File: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2016\DfsdkS64.exe
File: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
File: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
File: C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
File: C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
File: C:\WINDOWS\ehome\ehPrivJob.exe
File: C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
File: C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [No File]
CHR HomePage: Default -> hxxps://mysearch.avg.com?cid={4669E67E-67FC-4DE9-AA61-3A65CEEE972E}&mid=a35fcc87b5c847d2a3b06de7836a7dd3-37426f6650395e3706f1825e059166d843a24dec&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-30 10:24:11&v=18.1.9.799&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxps://mysearch.avg.com?cid={4669E67E-67FC-4DE9-AA61-3A65CEEE972E}&mid=a35fcc87b5c847d2a3b06de7836a7dd3-37426f6650395e3706f1825e059166d843a24dec&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-30 10:24:11&v=18.1.9.799&pid=safeguard&sg=&sap=hp"
U3 aswbdisk; no ImagePath
U3 idsvc; no ImagePath

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {0075047A-0C17-406E-B0CC-169ED3A1DF66} - System32\Tasks\{2ED52D4E-05E5-46E5-964D-94324713081D} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {043AF31D-66A7-4986-B59B-6547AEE091C4} - System32\Tasks\{D0E5CACA-B5FB-45B9-A0D4-CCFEFB10E29D} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
Task: {048E9D9B-15E4-4767-8454-1E87DD66C8CF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {04B0D92D-5994-451B-BA91-31DBA823211D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {08BB75DD-EF20-4E5E-BF82-2129B5B6519F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {0D1794D5-39F4-4E28-9E51-9F95938A44E0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1673453B-07AE-4418-BCA6-6136169CDDDF} - System32\Tasks\{7E77A8B1-A1DD-4AF4-8130-6A804C6F99A7} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {26417ACD-D4D6-4F96-A194-820D3FBDEB94} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {2A8C4295-C887-4EED-923F-BB2AE202F7D5} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {2CEA2CD7-230E-410D-A51F-8509E4F119B2} - System32\Tasks\{F5C44B8F-8860-4551-AFD4-3A438D270FF1} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {31BDBED9-543F-49C0-8A51-ABD6269AC2F0} - System32\Tasks\{2E595A9D-E2D3-4C88-8A43-87C069FAAF28} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {37481F78-7791-48E4-ADCC-547E7029C6B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3AD2C34A-2002-4341-AE79-BDC2FFA1DB78} - System32\Tasks\{5B0DEB96-FAA3-43A6-9A9A-54C6C5DB7120} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {41E0A35D-BC5C-4040-AE94-1E15C04D8D7C} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {429C0586-605D-4D14-B07D-AEDC0C607A8A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {49631686-F098-40DB-AE5E-F0D10CAC1F10} - System32\Tasks\{DA70EFF7-C408-4214-BCF5-78D3FC95E92B} => C:\Users\Admin\Desktop\STAŽENÉ\WonderFoxDVDVideoConverter86-dp4fh72\Setup.exe
Task: {64684BB1-5728-4E15-84D2-A0A61BAF31A8} - System32\Tasks\{84D29ABF-E1DB-4FD0-9999-806D3ECD4399} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {86D4A4EF-B209-47C8-96E3-2632C491E8CC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9599259D-D7C3-4321-84B5-ACF6DBBE6498} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A6D2C352-6F0F-469A-868C-D65562BF2C72} - System32\Tasks\{FD92923C-BEFD-4F94-ABE9-7A4F66D0FD48} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
Task: {ABCCFB85-EE70-4A94-8475-2EE359028D85} - System32\Tasks\{A8162E04-5A43-448C-8A5B-552E875F0DEC} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {B5ACD352-105B-4B8D-BEC4-365C7DCBB2BC} - System32\Tasks\{440D0B85-4D03-46F6-997F-82E7E7DED13A} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
Task: {BD6A7DB3-C908-4349-BACE-F7D6BF085806} - System32\Tasks\{86825F77-39FB-4048-894B-8FA83566CCE5} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {BDF80F5B-B0BB-4C07-AAAF-C48DBCFF0FB8} - System32\Tasks\{0817238E-3D33-4326-990E-02EE743E5F9D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Handset Manager\Install.exe" -d "C:\Program Files (x86)\Handset Manager"
Task: {C00868FC-56BC-4F15-A11E-130742FC64FC} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {C099DDBE-D8C6-4986-9925-8AD21CC0207D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C5D465DF-F7BB-4653-B01A-D3FF1A589412} - System32\Tasks\{4CE93009-E6FA-4387-B7BF-DD1806EA82A3} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
Task: {DEAE3D12-4C2E-4741-A98E-B002F41F627E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E04BB851-BF0A-42B8-8A2E-0B886E3777DC} - System32\Tasks\{36089806-21CA-40E7-B313-BB138333902F} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {E6C1ED6C-E1A0-4748-BB03-8EECEA9039F7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E87249D3-0ED7-4586-810F-6CF9F68EA5A0} - System32\Tasks\{1C87C160-26C6-47A2-BAA4-202205A9D152} => C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE
Task: {EC8EF2CD-A83B-4B51-81F1-62B4841D230B} - System32\Tasks\{339848FA-267D-4843-895F-159E08EDA0B5} => C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE
Task: {EF65ECF7-4C92-4048-B2DC-E32C359C9D61} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F4DDCCB6-006F-40F5-A128-1CD802A14DB8} - System32\Tasks\{FD9D3541-72F6-4025-8F62-997DD5A425A3} => C:\Windows\system32\pcalua.exe -a C:\Users\Admin\Desktop\MOBIL\drivers_Sterwoniki_1203925675\sterowniki\setup.exe -d C:\Users\Admin\Desktop\MOBIL\drivers_Sterwoniki_1203925675\sterowniki
Task: {FBDBB270-3544-4AD1-B430-30DD1C4DB078} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

REG: reg export "HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Options" "C:\FRST\comodobackup.reg"
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Options\Langs.cce
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Options|Langs.cce

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 104807
Average :
Sum : 49658158741
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe ========================

C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
File not signed
MD5: 58BF7714A312698108A96D0DE2BB6825
Creation and modification date: 2016-01-27 03:20 - 2013-03-08 00:07
Size: 000067584
Attributes: ----A
Company Name: CobianSoft, Luis Cobian
Internal Name: cbVSCService11.exe
Original Name: cbVSCService11.exe
Product: Cobian Backup Gravity
Description: Cobian Backup Gravity VSC Requester
File Version: 11.0.0.0
Product Version: 11.0.0.0
Copyright: Copyright © CobianSoft, Luis Cobian 2000-2011
VirusTotal: https://www.virustotal.com/file/87e0ec2 ... 537090842/

====== End of File: ======


========================= File: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2016\DfsdkS64.exe ========================

C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2016\DfsdkS64.exe
File not signed
MD5: D51B32BA3897F630D99713B74B40D6A2
Creation and modification date: 2016-07-19 13:44 - 2009-08-24 22:16
Size: 000544768
Attributes: ----A
Company Name: mst software GmbH, Germany
Internal Name: mstDfSDK.exe
Original Name: mstDfSDK.exe
Product: mst Defrag SDK
Description: mst Defrag SDK Service
File Version: 3,6,0,6165
Product Version: 3,6,0,0
Copyright: Copyright (C) 2005-2009, mst software GmbH.
VirusTotal: https://www.virustotal.com/file/5eb136a ... 536845330/

====== End of File: ======


========================= File: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll ========================

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
File not signed
MD5: 1DAE5C46D42B02A6D5862E1482EFB390
Creation and modification date: 2009-09-20 12:36 - 2009-09-20 12:36
Size: 000249344
Attributes: ----A
Company Name: Hewlett-Packard Co.
Internal Name: HPQCXS00
Original Name: HPQCXS00.DLL
Product: HP Digital Imaging
Description: HP CUE Context Manager Objects
File Version: 130.0.80.000
Product Version: 130.000.999.000
Copyright: Copyright (C) Hewlett-Packard Co. 1995-2009
VirusTotal: https://www.virustotal.com/file/90b14e0 ... 536758082/

====== End of File: ======


========================= File: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll ========================

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
File not signed
MD5: 99E8EEF42FE2F4AF29B08C3355DD7685
Creation and modification date: 2009-09-20 12:24 - 2009-09-20 12:24
Size: 000133120
Attributes: ----A
Company Name: Hewlett-Packard Co.
Internal Name: HPQDDSVC
Original Name: HPQDDSVC.DLL
Product: HP Digital Imaging
Description: HP CUE DeviceDiscovery Service
File Version: 130.0.465.000
Product Version: 130.000.999.000
Copyright: Copyright (C) Hewlett-Packard Co. 1995-2009
VirusTotal: https://www.virustotal.com/file/d57bc21 ... 530509162/

====== End of File: ======


========================= File: C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe ========================

C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
File not signed
MD5: 3A4F2C0BB87A0895ABEBA341AA1E341B
Creation and modification date: 2012-02-09 12:00 - 2013-02-04 18:43
Size: 000155824
Attributes: ----A
Company Name: Avanquest Software
Internal Name: PCCService.exe
Original Name: PCCService.exe
Product: Sony PC Companion
Description: Sony PCCompanion Service
File Version: 1.0.0.0
Product Version: 2.0.0
Copyright: Copyright © Avanquest Software
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe ========================

C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
File not signed
MD5: 8E996074137AD035060802A15C4F9A06
Creation and modification date: 2015-08-12 18:18 - 2015-05-21 14:23
Size: 000018432
Attributes: ----A
Company Name: Clarus, Inc.
Internal Name: SZDrvSvc.exe
Original Name: SZDrvSvc.exe
Product: SZDrvSvc
Description: SZDrvSvc
File Version: 1.0.173.0
Product Version: 1.0.0.0
Copyright: Copyright 2011 Clarus,Inc.
VirusTotal: 0

====== End of File: ======


========================= File: C:\WINDOWS\ehome\ehPrivJob.exe ========================

"C:\WINDOWS\ehome\ehPrivJob.exe" => not found
====== End of File: ======


========================= File: C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE ========================

"C:\Users\Admin\Desktop\Instalace\CRYPTEXT 3.4\CRYPTEXT.EXE" => not found
====== End of File: ======


========================= File: C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE ========================

"C:\Users\Admin\Desktop\Instalace\HRY\Člověče, nezlob se!\Člověče, nezlob se!\MENSCH2\INSTALL.EXE" => not found
====== End of File: ======

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
"HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@pages.tvunetworks.com/WebPlayer" => removed successfully
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
"HKLM\System\CurrentControlSet\Services\aswbdisk" => removed successfully
aswbdisk => service removed successfully
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
idsvc => service removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => removed successfully
HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0075047A-0C17-406E-B0CC-169ED3A1DF66}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0075047A-0C17-406E-B0CC-169ED3A1DF66}" => removed successfully
C:\WINDOWS\System32\Tasks\{2ED52D4E-05E5-46E5-964D-94324713081D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2ED52D4E-05E5-46E5-964D-94324713081D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{043AF31D-66A7-4986-B59B-6547AEE091C4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{043AF31D-66A7-4986-B59B-6547AEE091C4}" => removed successfully
C:\WINDOWS\System32\Tasks\{D0E5CACA-B5FB-45B9-A0D4-CCFEFB10E29D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D0E5CACA-B5FB-45B9-A0D4-CCFEFB10E29D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{048E9D9B-15E4-4767-8454-1E87DD66C8CF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{048E9D9B-15E4-4767-8454-1E87DD66C8CF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04B0D92D-5994-451B-BA91-31DBA823211D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04B0D92D-5994-451B-BA91-31DBA823211D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08BB75DD-EF20-4E5E-BF82-2129B5B6519F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08BB75DD-EF20-4E5E-BF82-2129B5B6519F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D1794D5-39F4-4E28-9E51-9F95938A44E0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D1794D5-39F4-4E28-9E51-9F95938A44E0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1673453B-07AE-4418-BCA6-6136169CDDDF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1673453B-07AE-4418-BCA6-6136169CDDDF}" => removed successfully
C:\WINDOWS\System32\Tasks\{7E77A8B1-A1DD-4AF4-8130-6A804C6F99A7} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7E77A8B1-A1DD-4AF4-8130-6A804C6F99A7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26417ACD-D4D6-4F96-A194-820D3FBDEB94}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26417ACD-D4D6-4F96-A194-820D3FBDEB94}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2A8C4295-C887-4EED-923F-BB2AE202F7D5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A8C4295-C887-4EED-923F-BB2AE202F7D5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2CEA2CD7-230E-410D-A51F-8509E4F119B2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2CEA2CD7-230E-410D-A51F-8509E4F119B2}" => removed successfully
C:\WINDOWS\System32\Tasks\{F5C44B8F-8860-4551-AFD4-3A438D270FF1} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F5C44B8F-8860-4551-AFD4-3A438D270FF1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31BDBED9-543F-49C0-8A51-ABD6269AC2F0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31BDBED9-543F-49C0-8A51-ABD6269AC2F0}" => removed successfully
C:\WINDOWS\System32\Tasks\{2E595A9D-E2D3-4C88-8A43-87C069FAAF28} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2E595A9D-E2D3-4C88-8A43-87C069FAAF28}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37481F78-7791-48E4-ADCC-547E7029C6B7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37481F78-7791-48E4-ADCC-547E7029C6B7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3AD2C34A-2002-4341-AE79-BDC2FFA1DB78}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AD2C34A-2002-4341-AE79-BDC2FFA1DB78}" => removed successfully
C:\WINDOWS\System32\Tasks\{5B0DEB96-FAA3-43A6-9A9A-54C6C5DB7120} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5B0DEB96-FAA3-43A6-9A9A-54C6C5DB7120}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41E0A35D-BC5C-4040-AE94-1E15C04D8D7C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41E0A35D-BC5C-4040-AE94-1E15C04D8D7C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{429C0586-605D-4D14-B07D-AEDC0C607A8A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{429C0586-605D-4D14-B07D-AEDC0C607A8A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49631686-F098-40DB-AE5E-F0D10CAC1F10}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49631686-F098-40DB-AE5E-F0D10CAC1F10}" => removed successfully
C:\WINDOWS\System32\Tasks\{DA70EFF7-C408-4214-BCF5-78D3FC95E92B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DA70EFF7-C408-4214-BCF5-78D3FC95E92B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64684BB1-5728-4E15-84D2-A0A61BAF31A8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64684BB1-5728-4E15-84D2-A0A61BAF31A8}" => removed successfully
C:\WINDOWS\System32\Tasks\{84D29ABF-E1DB-4FD0-9999-806D3ECD4399} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{84D29ABF-E1DB-4FD0-9999-806D3ECD4399}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86D4A4EF-B209-47C8-96E3-2632C491E8CC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86D4A4EF-B209-47C8-96E3-2632C491E8CC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9599259D-D7C3-4321-84B5-ACF6DBBE6498}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9599259D-D7C3-4321-84B5-ACF6DBBE6498}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6D2C352-6F0F-469A-868C-D65562BF2C72}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6D2C352-6F0F-469A-868C-D65562BF2C72}" => removed successfully
C:\WINDOWS\System32\Tasks\{FD92923C-BEFD-4F94-ABE9-7A4F66D0FD48} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FD92923C-BEFD-4F94-ABE9-7A4F66D0FD48}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ABCCFB85-EE70-4A94-8475-2EE359028D85}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ABCCFB85-EE70-4A94-8475-2EE359028D85}" => removed successfully
C:\WINDOWS\System32\Tasks\{A8162E04-5A43-448C-8A5B-552E875F0DEC} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A8162E04-5A43-448C-8A5B-552E875F0DEC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5ACD352-105B-4B8D-BEC4-365C7DCBB2BC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5ACD352-105B-4B8D-BEC4-365C7DCBB2BC}" => removed successfully
C:\WINDOWS\System32\Tasks\{440D0B85-4D03-46F6-997F-82E7E7DED13A} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{440D0B85-4D03-46F6-997F-82E7E7DED13A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD6A7DB3-C908-4349-BACE-F7D6BF085806}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD6A7DB3-C908-4349-BACE-F7D6BF085806}" => removed successfully
C:\WINDOWS\System32\Tasks\{86825F77-39FB-4048-894B-8FA83566CCE5} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{86825F77-39FB-4048-894B-8FA83566CCE5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BDF80F5B-B0BB-4C07-AAAF-C48DBCFF0FB8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDF80F5B-B0BB-4C07-AAAF-C48DBCFF0FB8}" => removed successfully
C:\WINDOWS\System32\Tasks\{0817238E-3D33-4326-990E-02EE743E5F9D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0817238E-3D33-4326-990E-02EE743E5F9D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C00868FC-56BC-4F15-A11E-130742FC64FC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C00868FC-56BC-4F15-A11E-130742FC64FC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C099DDBE-D8C6-4986-9925-8AD21CC0207D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C099DDBE-D8C6-4986-9925-8AD21CC0207D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5D465DF-F7BB-4653-B01A-D3FF1A589412}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5D465DF-F7BB-4653-B01A-D3FF1A589412}" => removed successfully
C:\WINDOWS\System32\Tasks\{4CE93009-E6FA-4387-B7BF-DD1806EA82A3} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4CE93009-E6FA-4387-B7BF-DD1806EA82A3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DEAE3D12-4C2E-4741-A98E-B002F41F627E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEAE3D12-4C2E-4741-A98E-B002F41F627E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E04BB851-BF0A-42B8-8A2E-0B886E3777DC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E04BB851-BF0A-42B8-8A2E-0B886E3777DC}" => removed successfully
C:\WINDOWS\System32\Tasks\{36089806-21CA-40E7-B313-BB138333902F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{36089806-21CA-40E7-B313-BB138333902F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6C1ED6C-E1A0-4748-BB03-8EECEA9039F7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6C1ED6C-E1A0-4748-BB03-8EECEA9039F7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E87249D3-0ED7-4586-810F-6CF9F68EA5A0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E87249D3-0ED7-4586-810F-6CF9F68EA5A0}" => removed successfully
C:\WINDOWS\System32\Tasks\{1C87C160-26C6-47A2-BAA4-202205A9D152} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1C87C160-26C6-47A2-BAA4-202205A9D152}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC8EF2CD-A83B-4B51-81F1-62B4841D230B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC8EF2CD-A83B-4B51-81F1-62B4841D230B}" => removed successfully
C:\WINDOWS\System32\Tasks\{339848FA-267D-4843-895F-159E08EDA0B5} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{339848FA-267D-4843-895F-159E08EDA0B5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF65ECF7-4C92-4048-B2DC-E32C359C9D61}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF65ECF7-4C92-4048-B2DC-E32C359C9D61}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4DDCCB6-006F-40F5-A128-1CD802A14DB8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4DDCCB6-006F-40F5-A128-1CD802A14DB8}" => removed successfully
C:\WINDOWS\System32\Tasks\{FD9D3541-72F6-4025-8F62-997DD5A425A3} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FD9D3541-72F6-4025-8F62-997DD5A425A3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FBDBB270-3544-4AD1-B430-30DD1C4DB078}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBDBB270-3544-4AD1-B430-30DD1C4DB078}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully

========= reg export "HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Options" "C:\FRST\comodobackup.reg" =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========

"HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Options\Langs.cce" => removed successfully
"HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Options\\Langs.cce" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45075842 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 70132861 B
Edge => 71929 B
Chrome => 519634 B
Firefox => 82002307 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 16674 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Admin => 109914412 B
DefaultAppPool => 16674 B

RecycleBin => 4827368 B
EmptyTemp: => 305.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:50:58 ====

[Conder]

Log vyzera cisty. Nastala nejaka zmena alebo su este nejake problemy?

Plocha ma vyse 40 GB. Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

[vlazy]

Prozatím to vypadá, že se počítač celkově trochu zrychlil a myš se už tolik neseká, ale to může být částečně i tím, že jsem včera a dnes několikrát také pročistil počítač CCleanerem. Snad to tak nějakou dobu zůstane než se zase počítač něčím zaneřádí. Jestli se něco skutečně zlepšilo to se asi pozná až po několika dnech

Pokud jde o tu plochu tak mám ve zvyku na ní dávat kde co co mi připadá, že by mi to ještě někdy mohlo být k něčemu dobré nebo to co často používám. Mám ji zaplněnou celou ikonami složek, různých zástupců atp.. Vím, že zaplněná plocha trochu zpomaluje počítač a tak až budu mít někdy trochu více času tak to budu muset alespoň trochu pouklízet a povkládat do složek.

Je ještě něco co by bylo ještě dobré provézt a zkontrolovat?

Prozatím děkují za pomoc a ochotu se tím zabývat.

[Conder]

Zbytok uz vyzera OK.

Tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"