Preventive check, notebook cleanup

Raynar7
Visitor
Posts: 18
Registered: 29 Mar 2015 13:31

#1 Post by Raynar7 »

Hello, I'd like to ask for a check, and for some cleanup or removal of any vermin, if any is found :) Thank you.

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018
Ran by bea (administrator) on BEA-PC (18-09-2018 23:09:07)
Running from C:\Users\bea\Desktop
Loaded Profiles: bea (Available Profiles: bea)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\bea\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\bea\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bea\AppData\Local\Google\Update\GoogleUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-05] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2016-09-17] ()
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKU\S-1-5-21-614828451-1911938367-3141255420-1000\...\Run: [Google Update] => C:\Users\bea\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-17] (Google Inc.)
HKU\S-1-5-21-614828451-1911938367-3141255420-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\bea\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-614828451-1911938367-3141255420-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\bea\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-614828451-1911938367-3141255420-1000\...\Run: [AvastBrowserAutoLaunch_82DFC5E707C7C2FF96253791EBB363F2] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1727312 2018-08-13] (AVAST Software)
HKU\S-1-5-21-614828451-1911938367-3141255420-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-11] (Piriform Ltd)
HKU\S-1-5-21-614828451-1911938367-3141255420-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-614828451-1911938367-3141255420-1000\...\MountPoints2: {5f503578-d4ba-11e6-9487-00269ecbdea5} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-614828451-1911938367-3141255420-1000\...\MountPoints2: {5f503582-d4ba-11e6-9487-00269ecbdea5} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{D8642F69-C45D-479E-8AEA-9A47B67960A6}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Internet Explorer:
==================
HKU\S-1-5-21-614828451-1911938367-3141255420-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={D51D35C0-DAA2-49A9-80B9-443F2ABCAA17}&mid=957690acfd5e47cc8d9ed16fd82f3756-4f3699cee1b0cd0c14b35c7fbde56dda11a9f8a0&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2016-02-04 16:10:27&v=4.3.1.831&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-614828451-1911938367-3141255420-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D51D35C0-DAA2-49A9-80B9-443F2ABCAA17}&mid=957690acfd5e47cc8d9ed16fd82f3756-4f3699cee1b0cd0c14b35c7fbde56dda11a9f8a0&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2016-02-04 16:10:27&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-614828451-1911938367-3141255420-1000 -> {6AC6C258-FD07-4690-B53B-921FF0DCD921} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_27368
SearchScopes: HKU\S-1-5-21-614828451-1911938367-3141255420-1000 -> {6FD7A59F-8CAE-4293-AE20-E004B6958D44} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_27368
SearchScopes: HKU\S-1-5-21-614828451-1911938367-3141255420-1000 -> {78B593AD-3F9A-4315-BF9F-2A4B7D707EB4} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_27368
SearchScopes: HKU\S-1-5-21-614828451-1911938367-3141255420-1000 -> {8823B874-A63F-4217-A1E8-19CE4F58FD5F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-614828451-1911938367-3141255420-1000 -> {89ABD109-2BC0-4FFE-A811-9D55A0AADBA3} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-614828451-1911938367-3141255420-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D51D35C0-DAA2-49A9-80B9-443F2ABCAA17}&mid=957690acfd5e47cc8d9ed16fd82f3756-4f3699cee1b0cd0c14b35c7fbde56dda11a9f8a0&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2016-02-04 16:10:27&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-614828451-1911938367-3141255420-1000 -> {A8FEA574-A2A0-41DE-AD2F-B4E81521B851} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-614828451-1911938367-3141255420-1000 -> {B7B39CDE-9FF2-4FE7-9C71-06212D6FE891} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_27368
SearchScopes: HKU\S-1-5-21-614828451-1911938367-3141255420-1000 -> {D3A790BA-AC15-431B-86AB-DFF4DA76466C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-614828451-1911938367-3141255420-1000 -> {F9107B00-2DC5-4D80-BC3D-2333BD1B3B8E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.5.160\AVG Web TuneUp.dll [2016-09-17] (AVG)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.5\\npsitesafety.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-614828451-1911938367-3141255420-1000: @tools.google.com/Google Update;version=3 -> C:\Users\bea\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-614828451-1911938367-3141255420-1000: @tools.google.com/Google Update;version=9 -> C:\Users\bea\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> mysearch.avg.com
CHR NewTab: Default -> Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/newTab.html", Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default [2018-09-18]
CHR Extension: (Prezentace) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-22]
CHR Extension: (Dokumenty) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22]
CHR Extension: (Disk Google) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Seznam doplněk - Email) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-07]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-09-11]
CHR Extension: (YouTube) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (AVG Secure Search) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2018-07-29]
CHR Extension: (Vyhledávání Google) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Adobe Acrobat) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-05]
CHR Extension: (Tabulky) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-20]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-07]
CHR Extension: (Gmail) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-18]
CHR HKU\S-1-5-21-614828451-1911938367-3141255420-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-614828451-1911938367-3141255420-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-614828451-1911938367-3141255420-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.OUWBEF7ZLCWBUPIQ7RDLV2QDWE - C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKLM\SYSTEM\CurrentControlSet\Services\avgSP <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\avgMonFlt <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\avgSnx <==== ATTENTION (Rootkit!)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-09-05] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-12] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-05] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-12] (AVAST Software)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-09-17] ()
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-09-05] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-09-05] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-09-05] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-09-05] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-09-05] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-09-05] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-09-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-09-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-09-05] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-09-05] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-05] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215920 2018-09-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-09-05] (AVAST Software)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
U1 aswbdisk; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-18 23:09 - 2018-09-18 23:09 - 000017284 _____ C:\Users\bea\Desktop\FRST.txt
2018-09-18 23:08 - 2018-09-18 23:09 - 000000000 ____D C:\FRST
2018-09-18 23:07 - 2018-09-18 23:07 - 002413568 _____ (Farbar) C:\Users\bea\Desktop\FRST64.exe
2018-09-07 12:30 - 2018-09-07 12:30 - 000009118 _____ C:\Users\bea\Downloads\cpub-OUTLOOK-term_fischer-CmsRdsh.rdp
2018-09-07 12:30 - 2018-09-07 12:30 - 000009118 _____ C:\Users\bea\Downloads\cpub-OUTLOOK-term_fischer-CmsRdsh (1).rdp
2018-09-05 23:10 - 2018-09-05 23:09 - 000379608 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-18 23:01 - 2009-07-14 06:45 - 000021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-18 23:01 - 2009-07-14 06:45 - 000021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-18 22:59 - 2016-01-25 18:49 - 000000000 ____D C:\Users\bea\AppData\Roaming\Seznam.cz
2018-09-18 22:51 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-18 22:49 - 2018-08-12 19:48 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-09-18 21:12 - 2018-08-12 19:52 - 000003428 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineUA
2018-09-18 21:12 - 2018-08-12 19:52 - 000003300 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineCore
2018-09-18 21:12 - 2018-04-18 10:49 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-09-18 21:12 - 2016-11-11 14:24 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-18 21:12 - 2016-05-11 12:03 - 000003558 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-614828451-1911938367-3141255420-1000UA1d1ab6c54d6626a
2018-09-18 21:12 - 2016-05-11 12:03 - 000003286 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-614828451-1911938367-3141255420-1000Core1d1ab6c545aef0b
2018-09-18 21:12 - 2015-08-04 19:05 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-09-18 21:12 - 2015-01-27 16:28 - 000000000 ____D C:\Users\bea\AppData\Roaming\vlc
2018-09-18 21:12 - 2015-01-10 22:31 - 000002768 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-09-18 17:44 - 2015-01-27 15:40 - 000000000 ____D C:\Users\bea\AppData\Roaming\uTorrent
2018-09-18 17:35 - 2015-01-10 22:18 - 000002389 _____ C:\Users\bea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-18 17:35 - 2015-01-10 22:18 - 000002352 _____ C:\Users\bea\Desktop\Google Chrome.lnk
2018-09-18 17:27 - 2009-07-14 17:18 - 000669116 _____ C:\Windows\system32\perfh005.dat
2018-09-18 17:27 - 2009-07-14 17:18 - 000141744 _____ C:\Windows\system32\perfc005.dat
2018-09-18 17:27 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-18 17:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-17 18:07 - 2017-01-07 15:31 - 000461824 ___SH C:\Users\bea\Thumbs.db
2018-09-17 18:07 - 2015-01-10 22:10 - 000000000 ____D C:\Users\bea
2018-09-17 17:15 - 2017-04-24 14:26 - 000208216 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw3003bc0124099db7.tmp
2018-09-17 16:52 - 2018-08-12 19:48 - 000215920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-09-17 15:53 - 2015-01-10 22:32 - 000000000 ____D C:\ProgramData\AVAST Software
2018-09-17 15:14 - 2015-01-10 22:31 - 000000000 ____D C:\Program Files\CCleaner
2018-09-11 17:18 - 2018-08-12 19:48 - 000163392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-09-11 17:17 - 2017-04-24 14:26 - 000155664 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw a5d8c903d9e3208.tmp
2018-09-07 12:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-09-06 12:14 - 2017-04-24 14:26 - 000459624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswfe8e079077493f00.tmp
2018-09-06 12:14 - 2017-04-24 14:26 - 000078864 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asweafe4dea0bd07717.tmp
2018-09-05 23:23 - 2018-08-12 19:48 - 000467320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-09-05 23:23 - 2018-08-12 19:48 - 000087904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-09-05 23:11 - 2017-11-30 22:20 - 000192104 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswc1bd1abf1bddcce8.tmp
2018-09-05 23:11 - 2017-04-24 14:26 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw 933018209a75f64.tmp
2018-09-05 23:11 - 2017-04-24 14:26 - 000104256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw58775a6a6da5beb4.tmp
2018-09-05 23:11 - 2017-04-24 14:26 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asweb7ae4bd67787801.tmp
2018-09-05 23:09 - 2018-08-12 19:48 - 000381560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-09-05 23:09 - 2018-08-12 19:48 - 000199712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-09-05 23:09 - 2018-08-12 19:48 - 000111864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-09-05 23:09 - 2018-08-12 19:48 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-09-05 23:09 - 2017-04-24 14:26 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw416a13da97b1edee.tmp
2018-09-05 23:07 - 2017-04-24 14:26 - 000339048 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw7a9dc4de9016cd37.tmp
2018-09-05 23:07 - 2017-04-24 14:26 - 000222288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw786acd57c3878e8e.tmp
2018-09-05 23:07 - 2017-04-24 14:26 - 000194224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw98c8738719d4f31e.tmp
2018-09-05 23:07 - 2017-04-24 14:26 - 000051952 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswf6e2c059c75cdd98.tmp
2018-09-05 23:05 - 2018-08-12 19:48 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-09-05 23:04 - 2018-08-12 19:48 - 000249016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-09-05 23:02 - 2018-08-12 19:48 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-09-05 23:02 - 2018-08-12 19:48 - 000229384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-09-05 23:02 - 2018-08-12 19:48 - 000201320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-09-05 23:02 - 2018-08-12 19:48 - 000059568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-08-23 12:02 - 2018-08-12 19:52 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-08-23 12:02 - 2018-08-12 19:52 - 000002386 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk

Some files in TEMP:
====================
2018-04-11 16:02 - 2018-06-06 07:41 - 000534528 _____ () C:\Users\bea\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-03-29 16:06

==================== End of FRST.txt ============================

ADDITION

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.09.2018
Ran by bea (18-09-2018 23:10:20)
Running from C:\Users\bea\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2015-01-10 20:10:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-614828451-1911938367-3141255420-500 - Administrator - Disabled)
bea (S-1-5-21-614828451-1911938367-3141255420-1000 - Administrator - Enabled) => C:\Users\bea
Guest (S-1-5-21-614828451-1911938367-3141255420-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-614828451-1911938367-3141255420-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Crystal Eye Webcam (HKLM-x32\...\{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2624.00 - CyberLink Corp.) Hidden
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2624.00 - CyberLink Corp.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Aktualizace NVIDIA 15.3.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 15.3.33 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 68.0.746.60 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.5.160 - AVG Technologies)
Booking.com version 1.1.0.5019 (HKLM-x32\...\{F9B4E180-69C1-4414-81E6-DF79F5F971B1}_is1) (Version: 1.1.0.5019 - Booking.com) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
csWord v.3 (HKLM-x32\...\csWord_is1) (Version: - XSoft)
Dropbox (HKU\S-1-5-21-614828451-1911938367-3141255420-1000\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
Google Chrome (HKU\S-1-5-21-614828451-1911938367-3141255420-1000\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.29.02 - JMicron Technology Corp.)
LINGWA slovní zásoba (HKLM\...\LINGWA_Vocabulary_is1) (Version: 1.09 - 1st EasySoft)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Ovládací panel NVIDIA 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 340.52 - NVIDIA Corporation) Hidden
PDF Editor 4 (HKLM-x32\...\PDF Editor 4) (Version: - )
Seznam Software (HKU\S-1-5-21-614828451-1911938367-3141255420-1000\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Zoner Photo Studio 13 FREE (HKLM-x32\...\ZonerPhotoStudio13_EN_is1) (Version: 13.0.1.7 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.33.6\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\bea\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bea\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bea\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bea\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bea\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bea\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bea\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bea\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-614828451-1911938367-3141255420-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bea\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-05] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-05] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-05] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-05] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-01] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-05] (AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-07-02] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-05] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-01] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-614828451-1911938367-3141255420-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bea\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-09] (Dropbox, Inc.)
ContextMenuHandlers1_S-1-5-21-614828451-1911938367-3141255420-1000-x32: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files (x86)\Zoner\Photo Studio 13\Program32\SHELLEXT.DLL [2011-06-08] (ZONER software)
ContextMenuHandlers2_S-1-5-21-614828451-1911938367-3141255420-1000-x32: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files (x86)\Zoner\Photo Studio 13\Program32\SHELLEXT.DLL [2011-06-08] (ZONER software)
ContextMenuHandlers4_S-1-5-21-614828451-1911938367-3141255420-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bea\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-09] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-614828451-1911938367-3141255420-1000-x32: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files (x86)\Zoner\Photo Studio 13\Program32\SHELLEXT.DLL [2011-06-08] (ZONER software)
ContextMenuHandlers5_S-1-5-21-614828451-1911938367-3141255420-1000: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bea\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-09] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {059C8C7E-F341-48E7-8FBD-55A3A06DD10D} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {1BA6AE72-8892-441A-83CA-273CCBB229DA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-614828451-1911938367-3141255420-1000UA => C:\Users\bea\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2BBAC52B-F6CB-4CF4-B9B5-88807634C67B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-09-05] (AVAST Software)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {3AA3D4ED-6FAB-4E29-8AE3-F53E6FF1FA8E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-12] (AVAST Software)
Task: {4587F01F-AC7D-483C-91AC-A01DC668E857} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-09-18] (AVAST Software)
Task: {4804EB85-8167-4274-AFC5-D9702CCD4CCB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-11] (Piriform Ltd)
Task: {4B631769-3748-477E-A379-EE054E03E18F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {68C907F7-B5AB-4708-A4EE-931CEC2E3104} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-09-18] (AVG Technologies CZ, s.r.o.)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {A3A7D1FD-C52B-46CE-9F15-54AC7F25703A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-11] (Piriform Ltd)
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {BB0D8B7D-8EDB-44D9-A8E3-58B71467C487} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D6F3A664-E636-4C7D-9636-367A73BB3F5A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-614828451-1911938367-3141255420-1000UA1d1ab6c54d6626a => C:\Users\bea\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {DE78729E-08E1-4583-9908-1E7B91609D4E} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-12] (AVAST Software)
Task: {E9436581-1012-4509-B7D2-74EC8AA84AC3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {E9758640-D7E8-439C-A9AD-CF8F429DDE48} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-614828451-1911938367-3141255420-1000Core => C:\Users\bea\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FD9E570C-907F-4B5B-8904-829E9DD2C8CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-614828451-1911938367-3141255420-1000Core1d1ab6c545aef0b => C:\Users\bea\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-614828451-1911938367-3141255420-1000Core.job => C:\Users\bea\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-614828451-1911938367-3141255420-1000UA.job => C:\Users\bea\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\bea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1440,900
ShortcutWithArgument: C:\Users\bea\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Users\bea\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1440,900

==================== Loaded Modules (Whitelisted) ==============

2016-02-04 17:10 - 2016-09-17 18:32 - 000980552 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-01-10 22:47 - 2014-07-02 20:55 - 000116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-25 08:16 - 2016-11-25 08:16 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-09-05 23:07 - 2018-09-05 23:07 - 000703192 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-04-11 16:02 - 2017-11-13 16:46 - 000092368 _____ () C:\Users\bea\AppData\Roaming\Seznam.cz\bin\28058libfoxloader-x64.dll
2016-01-25 18:50 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\bea\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2016-01-25 18:50 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\bea\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2016-02-04 17:10 - 2016-09-17 18:32 - 002180680 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2018-09-05 23:07 - 2018-09-05 23:07 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-09-18 17:15 - 2018-09-18 17:15 - 005695632 _____ () C:\Program Files\AVAST Software\Avast\defs\18091800\algo.dll
2018-09-05 23:08 - 2018-09-05 23:08 - 000896216 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-09-05 23:05 - 2018-09-05 23:05 - 000541400 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-09-05 23:04 - 2018-09-05 23:04 - 000151768 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-09-05 23:05 - 2018-09-05 23:05 - 000986840 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2017-11-22 19:29 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\bea\AppData\Roaming\Seznam.cz\bin\20848libfoxloader.dll
2016-01-25 18:50 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\bea\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2018-08-12 19:50 - 2018-08-12 19:50 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-09-18 17:35 - 2018-09-15 10:48 - 004317528 _____ () C:\Users\bea\AppData\Local\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-18 17:35 - 2018-09-15 10:48 - 000096600 _____ () C:\Users\bea\AppData\Local\Google\Chrome\Application\69.0.3497.100\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-09-17 16:32 - 000000878 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-614828451-1911938367-3141255420-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\bea\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{325AD74D-1FD2-4444-94BD-81D51B9AB53B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C675746C-D472-40DB-8E06-66AA229E6F4A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D111ED32-A892-4AEC-976D-C7F9027D0F10}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4C8550E4-A8BE-4274-99B7-9432BA38791D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{F7CE2B88-4E41-4B85-93E5-DAB11A342A50}C:\users\bea\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bea\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D217C0A1-0DA7-42B2-8584-C88D48F52428}C:\users\bea\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bea\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{D9BEFF04-24CB-44E8-B586-FE39D7375711}C:\users\bea\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\bea\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{FDB8D71E-544F-411D-9976-6420B8CA66B8}C:\users\bea\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\bea\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{55829FCC-1D06-4344-8B7D-1CC5ABEDD4CA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{B4CFB360-75EF-483F-8FC5-BA7B2C01810F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{69F1BB5A-F354-4C38-8AF1-A6B8D60985EC}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{02A085A6-B398-429C-8872-4218AC6722B2}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{9FA04634-E775-4F3E-905B-3C5C7F2F9E1C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{E5AABB45-296D-4524-9520-A1432F23E4D8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{91E1A9BB-5749-42A0-99F7-DFBAB1AE84F0}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{0DA90B06-3E48-4B2F-BFF6-1CB27AA05D78}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{18DEED84-B20C-4664-9F01-C42C42AF52CA}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{B36C29E8-E45B-4904-A7E4-B3B4620E7966}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{BF52FC33-5694-4B67-808B-FC20960016CE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/18/2018 10:49:39 PM) (Source: Avast Browser Update) (EventID: 1) (User: NT AUTHORITY)
Description: Event-ID 1

Error: (09/18/2018 10:49:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvNetworkService.exe, verze: 1.0.8.24, časové razítko: 0x53d0a628
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00127454
ID chybujícího procesu: 0x664
Čas spuštění chybující aplikace: 0x01d44f8fe4848d90
Cesta k chybující aplikaci: C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5a8aa965-bb84-11e8-9826-00269ecbdea5

Error: (09/18/2018 10:49:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: armsvc.exe, verze: 1.824.27.2646, časové razítko: 0x5ab222cf
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00127454
ID chybujícího procesu: 0x580
Čas spuštění chybující aplikace: 0x01d44f8fe2c9cd9d
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5a39ba9c-bb84-11e8-9826-00269ecbdea5

Error: (09/18/2018 10:49:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WtuSystemSupport.exe, verze: 4.3.5.160, časové razítko: 0x57bc261c
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00127454
ID chybujícího procesu: 0x32c
Čas spuštění chybující aplikace: 0x01d44f8fd416cbc7
Cesta k chybující aplikaci: C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 58d70d93-bb84-11e8-9826-00269ecbdea5

Error: (09/18/2018 10:38:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvNetworkService.exe, verze: 1.0.8.24, časové razítko: 0x53d0a628
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x001a7454
ID chybujícího procesu: 0x9c0
Čas spuštění chybující aplikace: 0x01d44f6321c0860f
Cesta k chybující aplikaci: C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: d7f6281f-bb82-11e8-a7e2-00242ccaf2b8

Error: (09/18/2018 10:38:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: armsvc.exe, verze: 1.824.27.2646, časové razítko: 0x5ab222cf
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x001a7454
ID chybujícího procesu: 0x518
Čas spuštění chybující aplikace: 0x01d44f631bc12e7e
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: d6f9d642-bb82-11e8-a7e2-00242ccaf2b8

Error: (09/18/2018 10:38:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WtuSystemSupport.exe, verze: 4.3.5.160, časové razítko: 0x57bc261c
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x001a7454
ID chybujícího procesu: 0x344
Čas spuštění chybující aplikace: 0x01d44f630e54a6dc
Cesta k chybující aplikaci: C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: d604a885-bb82-11e8-a7e2-00242ccaf2b8

Error: (09/18/2018 05:16:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvNetworkService.exe, verze: 1.0.8.24, časové razítko: 0x53d0a628
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000e7454
ID chybujícího procesu: 0x998
Čas spuštění chybující aplikace: 0x01d44e88729eda49
Cesta k chybující aplikaci: C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: dec91673-bb55-11e8-8816-00269ecbdea5


System errors:
=============
Error: (09/18/2018 10:51:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba VBoxAsw Support Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (09/18/2018 10:49:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/18/2018 10:49:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/18/2018 10:49:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WtuSystemSupport byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/18/2018 10:40:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba VBoxAsw Support Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (09/18/2018 10:38:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/18/2018 10:38:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/18/2018 10:38:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WtuSystemSupport byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2015-08-05 03:13:47.072
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{0BEE40A3-E819-4CA4-B463-AA72EE00FF56}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

CodeIntegrity:
===================================

Date: 2018-05-18 00:01:03.954
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-17 23:20:38.343
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-17 22:44:40.618
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-17 22:42:56.211
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-17 22:42:27.302
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-17 11:23:28.531
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-17 11:04:39.792
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-05-17 10:23:41.354
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T6670 @ 2.20GHz
Percentage of memory in use: 63%
Total physical RAM: 3066.93 MB
Available physical RAM: 1128.13 MB
Total Virtual: 6132.04 MB
Available Virtual: 4003.72 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.06 GB) (Free:50.68 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:150.03 GB) (Free:129.01 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 47014701)
Partition 1: (Active) - (Size=148.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=150 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

Raynar7
Visitor
Posts: 18
Registered: 29 Mar 2015 13:31

Re: Preventive check, notebook cleanup

#2 Post by Raynar7 »

Hello, I'm terribly sorry, I only just noticed that I'm posting this in the wrong section. Could I ask for it to be moved, or deleted so that I can post it in the right place? Thanks a lot.

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive check, notebook cleanup

#3 Post by Conder »

Hi :)

If you don't use it, I recommend uninstalling Seznam Software (Seznam Listicka).

Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos, and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

Raynar7
Visitor
Posts: 18
Registered: 29 Mar 2015 13:31

Re: Preventive check, notebook cleanup

#4 Post by Raynar7 »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-17.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-18-2018
# Duration: 00:00:07
# OS: Windows 7 Ultimate
# Cleaned: 30
# Failed: 0


***** [ Services ] *****

Deleted WtuSystemSupport

***** [ Folders ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com
Deleted C:\Program Files (x86)\Booking.com
Deleted C:\ProgramData\avg web tuneup
Deleted C:\Program Files (x86)\avg web tuneup
Deleted C:\Users\bea\AppData\Local\avg web tuneup
Deleted C:\ProgramData\AVG Security Toolbar
Deleted C:\ProgramData\AVG Secure Search
Deleted C:\Program Files\Common Files\AVG Secure Search
Deleted C:\Program Files (x86)\Common Files\AVG Secure Search

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F9B4E180-69C1-4414-81E6-DF79F5F971B1}_is1
Deleted HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Wow6432Node\AVG Tuneup
Deleted HKCU\Software\UpdateStar
Deleted HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\avgsh
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
Deleted HKCU\Software\PRODUCTSETUP

***** [ Chromium (and derivatives) ] *****

Deleted AVG Web TuneUp
Deleted bopakagnckmlgajfccecajhnimjiiedh

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3763 octets] - [18/09/2018 23:38:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Preventive check, notebook cleanup

#5 Post by Conder »

Please post new FRST logs.