Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

prosím pomoc

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
vita007
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 04 led 2011 16:50

prosím pomoc

#1 Příspěvek od vita007 »

Dobrý den,

zřejmě jsem si zaviroval počítač, avast dokonce "něco mele" o MBR, mám docela nahnáno, logy zde:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018
Ran by chavel (06-11-2018 11:08:01)
Running from C:\Users\chavel\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) (2016-12-28 19:27:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4179066704-3577799771-3630154625-500 - Administrator - Disabled)
chavel (S-1-5-21-4179066704-3577799771-3630154625-1000 - Administrator - Enabled) => C:\Users\chavel
Guest (S-1-5-21-4179066704-3577799771-3630154625-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.)
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Backup and Sync from Google (HKLM\...\{36F77FB6-DB7A-4293-ADF6-D8B081F27DD6}) (Version: 3.43.1584.4446 - Google, Inc.)
Broadcom 2070 Bluetooth 2.1 + EDR (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.1100 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 - Canon Inc.)
Cool Edit Pro 2.1 (HKLM\...\Cool Edit Pro 2.1) (Version: - )
Design & Print (HKLM\...\Design & Print 3.0.0) (Version: 3.0.0 - Avery Products Corp.)
FastDataX 1.20 (HKLM\...\FastDataX_is1) (Version: 1.20 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HandBrake 1.0.7 (HKLM\...\HandBrake) (Version: 1.0.7 - )
HL-1110 series (HKLM\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
HP 3D DriveGuard (HKLM\...\{299625B9-6C69-462C-9CEA-8E06D878B1C5}) (Version: 4.0.5.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.8 - Intel)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.41 - Irfan Skiljan)
Lingea Lexicon 2002 (HKLM\...\Lexicon 4.0) (Version: - )
MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.6.2 (HKLM\...\{476F88BA-08DD-32D8-A8B0-E85EE28CB27F}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Multitimer version 1.0 (HKLM\...\Multitimer_is1) (Version: 1.0 - )
Online Application (HKLM\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.7.0 - Microleaves) Hidden <==== ATTENTION
Pulover's Macro Creator verze 5.0.5 (HKLM\...\{223FFB42-2D49-4AF6-9EF2-82B7D0CAF8B4}_is1) (Version: 5.0.5 - Rodolfo U. Batista)
RICOH Media Driver (HKLM\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.14.00.05 - RICOH)
SafeFinder (HKLM\...\{CD570DBF-F912-4675-A2FD-09CEEF178610}) (Version: 1.0.0.0 - Linkury) <==== ATTENTION
SafeZone Stable 4.58.2552.909 (HKLM\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.55 - Ghisler Software GmbH)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Validity Fingerprint Driver (HKLM\...\{78365FC6-09CA-4AC3-BC01-70FB46596047}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\0973B297E079B467E3776E59F763D63FD557795B) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Wondershare Helper Compact 2.5.2 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare PDFelement 6 Pro(Build 6.8.4) (HKLM\...\{B026557A-EF19-4812-8A79-B30F94AA0A78}_is1) (Version: 6.8.4.3921 - Wondershare Software Co.,Ltd.)
xat.com Image Optimizer (HKLM\...\xat.com Image Optimizer) (Version: - )
Xml Viewer (HKLM\...\{F58E04CD-6E76-43C8-AAF1-482225C2910E}) (Version: 3 - MindFusion Limited)
Yubby (HKLM\...\{D105DFE2-8DF6-4BA0-ABF1-392716658963}) (Version: 1.6.1.1593 - CRM Ltd)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\chavel\AppData\Local\MEGAsync\ShellExtX32.dll [2017-11-23] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\chavel\AppData\Local\MEGAsync\ShellExtX32.dll [2017-11-23] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\chavel\AppData\Local\MEGAsync\ShellExtX32.dll [2017-11-23] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-09-24] (AVAST Software)
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\chavel\AppData\Local\MEGAsync\ShellExtX32.dll [2017-11-23] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll [2008-06-11] (Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-09-24] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-10-04] (Google)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-09-24] (AVAST Software)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\chavel\AppData\Local\MEGAsync\ShellExtX32.dll [2017-11-23] ()
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-10-04] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-04-21] (Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll [2008-06-11] (Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-09-24] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07C736AE-16C2-445B-A4EC-B4E6641FCC46} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-12-28] (Google Inc.)
Task: {21749941-B010-4711-8EF5-BA0F25A3DC6F} - System32\Tasks\{EB82DB64-B639-44CC-9C82-1F93250B1955} => C:\Windows\system32\pcalua.exe -a C:\Users\chavel\AppData\Local\MiPhoneManager\main\uninstall.exe
Task: {3CD01590-4524-41B5-B803-1049115E9ED5} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4179066704-3577799771-3630154625-1000 => C:\Users\chavel\AppData\Local\MEGAsync\MEGAupdater.exe [2017-11-23] (Mega Limited)
Task: {3F6A04A3-538F-420A-BB2F-67A79C518057} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {7F8819C8-B39B-488E-B396-01B0EF115EDB} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {80098E00-A6CF-4F88-980F-9B8F6F30B6DC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-09-24] (AVAST Software)
Task: {8F612860-6870-457A-93DE-DB53E208D3D6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-11-05] (AVAST Software)
Task: {C891B8C1-3FF4-4E71-AE9C-0CB32426E624} - System32\Tasks\SafeZone scheduled Autoupdate 1482955833 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {DCA52970-BC3F-4800-8E76-6A755BFA9678} - System32\Tasks\Updater_Online_Application => C:\Program Files\Microleaves\Online Application\Online Application Updater.exe [2017-11-02] (Microleaves) <==== ATTENTION
Task: {EF28A7C7-11AE-4D7A-BDA1-682342F2034A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-12-28] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\chavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\chavel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\Users\chavel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> %SNP%
ShortcutWithArgument: C:\Users\chavel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP%

==================== Loaded Modules (Whitelisted) ==============

2018-09-24 12:28 - 2018-09-24 12:28 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-06 10:11 - 2018-11-06 10:11 - 005712528 _____ () C:\Program Files\AVAST Software\Avast\defs\18110601\algo.dll
2018-09-24 12:28 - 2018-09-24 12:28 - 000896216 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-09-24 12:28 - 2018-09-24 12:28 - 000986840 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-09-24 12:28 - 2018-09-24 12:28 - 000541400 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-09-24 12:28 - 2018-09-24 12:28 - 000151768 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-05-03 09:38 - 2018-05-03 09:38 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-01 15:15 - 2017-11-23 16:46 - 000570368 _____ () C:\Users\chavel\AppData\Local\MEGAsync\ShellExtX32.dll
2017-03-29 06:49 - 2009-02-27 15:38 - 000139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2018-10-04 19:44 - 2018-10-04 19:44 - 042832888 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2009-12-29 13:31 - 2009-12-29 13:31 - 000132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2018-11-06 10:17 - 2018-11-06 10:17 - 000719360 _____ () C:\Users\chavel\AppData\Local\Temp\is-63OE9.tmp\gw2psy0nl13.tmp
2018-11-06 10:17 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\chavel\AppData\Local\Temp\is-3UQTQ.tmp\itdownload.dll
2018-11-06 10:17 - 2018-11-06 10:17 - 000089088 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\_ctypes.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000069120 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\bz2.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000992256 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\_hashlib.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000098816 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\win32api.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000110080 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\pywintypes27.dll
2018-11-06 10:17 - 2018-11-06 10:17 - 000364544 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\pythoncom27.dll
2018-11-06 10:17 - 2018-11-06 10:17 - 000686080 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\unicodedata.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000320512 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\win32com.shell.shell.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 001177088 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\wx._core_.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000806912 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\wx._gdi_.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000816640 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\wx._windows_.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 001067520 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\wx._controls_.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000733696 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\wx._misc_.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000736256 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\pysqlite2._sqlite.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000119808 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\win32file.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000108544 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\win32security.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000007168 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\hashobjs_ext.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000017920 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\thumbnails_ext.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000082432 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\usb_ext.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000046080 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\_socket.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 001311744 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\_ssl.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000013824 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\common.time34.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000018432 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\win32event.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000028160 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\windows.conditional.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000017408 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\windows.winwrap.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000094208 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\windows.volumes.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000167936 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\win32gui.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000135680 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\_elementtree.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000133632 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\pyexpat.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000038912 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\win32inet.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000077824 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\wx._html2.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000036864 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\_psutil_windows.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000525752 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\windows._cacheinvalidation.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000011264 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\win32crypt.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000218624 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\PIL._imaging.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000027648 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\_multiprocessing.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 004603392 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\cello.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000020480 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\_yappi.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000035840 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\win32process.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000024064 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\win32pipe.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000010240 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\select.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000025600 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\win32pdh.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000032256 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\windows.connectivity.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000060416 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\windows.device_monitor.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000017408 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\win32profile.pyd
2018-11-06 10:17 - 2018-11-06 10:17 - 000022528 _____ () C:\Users\chavel\AppData\Local\Temp\_MEI40843\win32ts.pyd
2016-12-28 20:57 - 2010-06-17 07:55 - 000123536 _____ () C:\Program Files\totalcmd\wcmzip32.dll
2016-12-28 20:57 - 2010-06-17 07:55 - 000165376 _____ () C:\Program Files\totalcmd\unRAR.dll
2018-11-01 08:48 - 2018-10-23 22:45 - 004238168 _____ () C:\Program Files\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-11-01 08:48 - 2018-10-23 22:45 - 000096600 _____ () C:\Program Files\Google\Chrome\Application\70.0.3538.77\libegl.dll
2018-11-06 10:42 - 2016-10-08 16:48 - 001506304 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2018-11-06 10:42 - 2016-07-21 10:54 - 000137728 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2006-10-26 21:30 - 2006-10-26 21:30 - 000065312 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2008-06-11 22:32 - 2008-06-11 22:32 - 002666496 _____ () C:\Program Files\Adobe\Acrobat 9.0\PDFMaker\Common\AdobePDFMakerX.dll
2006-10-27 15:35 - 2006-10-27 15:35 - 000436512 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2006-10-26 13:56 - 2006-10-26 13:56 - 000757008 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2018-10-17 13:21 - 000000868 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\chavel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.44.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{FA1E312F-6472-4657-B17B-57ADF1A93B42}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{BE88E8C2-7AA6-4378-BDCA-4ECC53DC75D7}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{BF571656-88B1-4D55-A96D-88285AF17B5D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [TCP Query User{64CBDF45-64DE-438E-9414-E2871A78FCB2}C:\users\chavel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\chavel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [UDP Query User{4C4BB429-0472-45A2-BD60-4CA234E461BB}C:\users\chavel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\chavel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [{86FB77F4-1D65-4EF9-8F78-760E59078E4C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{14FC3489-7707-461C-88CB-6B1391AD5484}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3BFB2334-520A-4965-BA79-3C7AA7C57BE0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{F147754A-9E89-4E70-A02C-B41F1B30E25F}] => (Allow) C:\Users\chavel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E89625FE-892D-4119-B4D1-F6AD981ADFA2}] => (Allow) C:\Users\chavel\AppData\Roaming\uTorrent\uTorrent.exe

==================== Restore Points =========================

02-09-2018 23:00:00 Scheduled Checkpoint
09-09-2018 23:00:01 Scheduled Checkpoint
16-09-2018 23:00:01 Scheduled Checkpoint
23-09-2018 23:00:02 Scheduled Checkpoint
01-10-2018 23:00:00 Scheduled Checkpoint
09-10-2018 23:00:01 Scheduled Checkpoint
16-10-2018 23:00:01 Scheduled Checkpoint
24-10-2018 23:00:01 Scheduled Checkpoint
01-11-2018 00:00:01 Scheduled Checkpoint
06-11-2018 09:29:23 Installed PDF2Text Pilot
06-11-2018 09:30:57 Removed PDF2Text Pilot
06-11-2018 10:42:29 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/06/2018 10:47:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: a3.exe, version: 0.0.0.0, time stamp: 0x5be0434f
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x004500a9
Faulting process id: 0x1a5c
Faulting application start time: 0x01d475b5c4852d32
Faulting application path: C:\Users\chavel\AppData\Local\Temp\r0l3erlc0vw\a3.exe
Faulting module path: unknown
Report Id: 06b19459-e1a9-11e8-93a6-70f395a1e66b

Error: (11/06/2018 10:42:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Quoteex since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (11/06/2018 10:42:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service MicroV2Service since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (11/06/2018 10:42:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service CRMSvc since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (11/06/2018 10:42:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Background Logic Handler since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (11/06/2018 10:26:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.23537, time stamp: 0x57c44cc4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x03672353
Faulting process id: 0x780
Faulting application start time: 0x01d475b185f6211c
Faulting application path: C:\Windows\Explorer.EXE
Faulting module path: unknown
Report Id: 1b546a0f-e1a6-11e8-93a6-70f395a1e66b

Error: (11/06/2018 10:17:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/06/2018 10:09:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 70.0.3538.77, time stamp: 0x5bceaad0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x770a4e93
Faulting process id: 0x20bc
Faulting application start time: 0x01d475b059e52838
Faulting application path: C:\Program Files\Google\Chrome\Application\chrome.exe
Faulting module path: unknown
Report Id: 99648dc7-e1a3-11e8-ba68-70f395a1e66b


System errors:
=============
Error: (11/06/2018 10:47:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CRMSvc service failed to start due to the following error:
The system cannot find the path specified.

Error: (11/06/2018 10:18:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Background Logic Handler service hung on starting.

Error: (11/06/2018 10:17:20 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:16:09 AM on ‎11/‎6/‎2018 was unexpected.

Error: (11/06/2018 09:12:31 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (d8:32:e3:a9:6b:9f) failed.

Error: (11/06/2018 09:11:22 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (d8:32:e3:a9:6b:9f) failed.

Error: (11/06/2018 09:10:57 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (d8:32:e3:a9:6b:9f) failed.

Error: (11/06/2018 09:10:47 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (d8:32:e3:a9:6b:9f) failed.

Error: (09/25/2018 11:14:59 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (d8:32:e3:a9:6b:9f) failed.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz
Percentage of memory in use: 90%
Total physical RAM: 2991.43 MB
Available physical RAM: 281.35 MB
Total Virtual: 5981.18 MB
Available Virtual: 3126.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:184.02 GB) (Free:136.97 GB) NTFS
Drive h: (pojištění) (Fixed) (Total:39.06 GB) (Free:9.14 GB) NTFS

\\?\Volume{6e828643-cd7e-11e6-99b7-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 34EB483A)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=184 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=39.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24.10.2018
Ran by chavel (administrator) on CHAVEL-PC (06-11-2018 11:07:31)
Running from C:\Users\chavel\Downloads
Loaded Profiles: chavel (Available Profiles: chavel)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\stacsv.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\AEstSrv.exe
() C:\Windows\Temp\_avast_\unp223246228.tmp
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.EXE
(TODO: <Company name>) C:\Windows\Temp\_avast_\unp237392214.tmp
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(File Handler) C:\Windows\Temp\_avast_\unp237517514.tmp
(File Handler) C:\Windows\Temp\_avast_\unp223195549.tmp
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files\BrownyInd\Brother\BrIndicator.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Text ) C:\Users\chavel\AppData\Roaming\2m3lnjyob1c\gw2psy0nl13.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Users\chavel\AppData\Local\Temp\is-63OE9.tmp\gw2psy0nl13.tmp
() C:\Program Files\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PRIVACYICONCLIENT.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-17] (IDT, Inc.)
HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2010-03-04] ()
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-01-08] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-24] (AVAST Software)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsInd00] => C:\Program Files\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)
HKLM\...\Run: [Multitimer] => C:\Program Files\Multitimer\Multitimer.exe [281600 2017-12-12] ()
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare)
HKLM\...\RunOnce: [SBrowserCheck] => C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [4788840 2018-04-05] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [42832888 2018-10-04] ()
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\...\Run: [uTorrent] => C:\Users\chavel\AppData\Roaming\uTorrent\uTorrent.exe [1991608 2018-11-06] (BitTorrent Inc.)
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\...\Run: [1E5YL5L9P6941LD] => "C:\Program Files\3Y95KSW6HE\3Y95KSW6H.exe"
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\...\Run: [7358555] => C:\Users\chavel\AppData\Roaming\2m3lnjyob1c\gw2psy0nl13.exe [497897 2018-11-06] (Text )
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\...\MountPoints2: {6e828647-cd7e-11e6-99b7-806e6f6e6963} - D:\SWSETUP\APPINSTL\hpsoftwaresetup.exe
AppInit_DLLs: C:\ProgramData\Quoteex\Condox.dll => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-12-28]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\chavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-02-28]
ShortcutTarget: MEGAsync.lnk -> C:\Users\chavel\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\chavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2018-11-06]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\chavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbuhjcti.lnk [2018-11-06]
ShortcutTarget: tbuhjcti.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
BootExecute: autocheck autochk * aswBoot.exe /M:1771d907 /dir:"C:\Program Files\AVAST Software\Avast"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{761C487B-4F21-456B-A108-09DE23807A13}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FE8BCDC1-14C0-4585-BB5B-9658AA84EF5E}: [DhcpNameServer] 192.168.44.1

Internet Explorer:
==================
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoTG1nEZQLY5WthBvIicd81A9SsG3aZ83dz9OG4mFGgHhTTdI4I54Pw4KRSYYrMmd0NATVOqGqNhNtGRgGRf07y3Ecaxf4HYrxXohBviCiEBxqDK-0ygg1XmS9E_KKrLXSOBlSx_p4EOQfF68XY1FbmKxrSNl4Oemz1gTFdfw,,&q={searchTerms}
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoTG1nEZQLY5WthBvIicd81A9SsG3aZ83dz9OG4mFGgHhTTdI4I54Pw4KRSYYrMmd0NATVOqGqNhNtKgm8fxewFsSuUDLcm-6bsvsLwBDpu9J_Rjntz1ok3TQL7mLnAWXjb40XxpdNpmcBjtNo9KN5AzAqAMe23r2viV3PdIw,,
SearchScopes: HKLM -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoTG1nEZQLY5WthBvIicd81A9SsG3aZ83dz9OG4mFGgHhTTdI4I54Pw4KRSYYrMmd0NATVOqGqNhNtGRgGRf07y3Ecaxf4HYrxXohBviCiEBxqDK-0ygg1XmS9E_KKrLXSOBlSx_p4EOQfF68XY1FbmKxrSNl4Oemz1gTFdfw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__181106&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoTG1nEZQLY5WthBvIicd81A9SsG3aZ83dz9OG4mFGgHhTTdI4I54Pw4KRSYYrMmd0NATVOqGqNhNtGRgGRf07y3Ecaxf4HYrxXohBviCiEBxqDK-0ygg1XmS9E_KKrLXSOBlSx_p4EOQfF68XY1FbmKxrSNl4Oemz1gTFdfw,,&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
DPF: {62789780-B744-11D0-986B-00609731A21D} hxxps://mapa.katasterportal.sk/kapor2/lib/mgaxctrl.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-22] (Google Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Profile: C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default [2018-11-06]
CHR Extension: (Google Translate) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-10-25]
CHR Extension: (Slides) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-06]
CHR Extension: (Docs) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-06]
CHR Extension: (Google Drive) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-28]
CHR Extension: (YouTube) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-28]
CHR Extension: (Sheets) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-06]
CHR Extension: (AdBlock) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-11-01]
CHR Extension: (Avast Online Security) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-15]
CHR Extension: (crxMouse Chrome™ Gestures) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2018-10-18]
CHR Extension: (Adaware Secure) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj [2018-11-06]
CHR Extension: (Bazz Search) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh [2018-11-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Gmail) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\chavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-06]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6488376 2018-09-24] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-24] (AVAST Software)
R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2016-12-28] (Macrovision Europe Ltd.) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe [229458 2010-03-17] (IDT, Inc.)
R2 vcsFPService; C:\Windows\system32\vcsFPService.exe [1664304 2010-02-18] (Validity Sensors, Inc.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167552 2018-09-24] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188336 2018-09-24] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [164944 2018-09-24] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284320 2018-09-24] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57968 2018-09-24] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [196008 2018-09-24] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-09-24] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [39784 2017-09-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135376 2018-09-24] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101056 2018-09-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73264 2018-09-24] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784112 2018-09-24] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [396536 2018-09-24] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [165928 2018-09-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [311328 2018-09-24] (AVAST Software)
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [47616 2009-10-28] (REDC)
R2 rixdpcie; C:\Windows\System32\DRIVERS\rixdpe86.sys [38912 2009-12-11] (REDC)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-06 11:07 - 2018-11-06 11:07 - 001774592 _____ (Farbar) C:\Users\chavel\Downloads\FRST.exe
2018-11-06 11:07 - 2018-11-06 11:07 - 000019447 _____ C:\Users\chavel\Downloads\FRST.txt
2018-11-06 11:07 - 2018-11-06 11:07 - 000000000 ____D C:\FRST
2018-11-06 10:44 - 2018-11-06 10:44 - 000000044 _____ C:\sdk.cf
2018-11-06 10:43 - 2018-11-06 10:44 - 000000000 ____D C:\ProgramData\Wondershare
2018-11-06 10:42 - 2018-11-06 10:43 - 000000000 ____D C:\Users\chavel\AppData\Roaming\Wondershare
2018-11-06 10:42 - 2018-11-06 10:42 - 000001250 _____ C:\Users\Public\Desktop\PDFelement 6 Pro.lnk
2018-11-06 10:42 - 2018-11-06 10:42 - 000000000 ____D C:\Users\chavel\AppData\Local\Wondershare
2018-11-06 10:42 - 2018-11-06 10:42 - 000000000 ____D C:\ProgramData\PDFelement 6 Pro
2018-11-06 10:42 - 2018-11-06 10:42 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-06 10:42 - 2018-11-06 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2018-11-06 10:42 - 2018-11-06 10:42 - 000000000 ____D C:\Program Files\Common Files\Wondershare
2018-11-06 10:42 - 2017-10-19 10:17 - 000228864 _____ (Wondershare Software) C:\Windows\system32\WSPDFelementMonitor.dll
2018-11-06 10:41 - 2018-11-06 10:41 - 000000000 ____D C:\Program Files\Wondershare
2018-11-06 10:41 - 2018-10-25 17:23 - 011011136 _____ C:\Windows\system32\WSPECRT.dll
2018-11-06 10:32 - 2018-11-06 10:42 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2018-11-06 10:31 - 2018-11-06 10:31 - 000986728 _____ C:\Users\chavel\Downloads\pdfelement6-pro_setup_full2990.exe
2018-11-06 10:20 - 2018-11-06 10:20 - 000000000 ___HD C:\$AV_ASW
2018-11-06 10:16 - 2018-11-06 10:47 - 000000000 ____D C:\Users\chavel\AppData\Roaming\CRMSvc
2018-11-06 10:16 - 2018-11-06 10:28 - 000000000 ____D C:\Program Files\FastDataX
2018-11-06 10:16 - 2018-11-06 10:16 - 000000000 ____D C:\ProgramData\9c568996-75d3-1
2018-11-06 10:16 - 2018-11-06 10:16 - 000000000 ____D C:\ProgramData\9c568996-0cc7-0
2018-11-06 10:15 - 2018-11-06 10:15 - 000000000 ____D C:\Users\chavel\AppData\Roaming\2m3lnjyob1c
2018-11-06 10:15 - 2018-11-06 10:15 - 000000000 ____D C:\Program Files\Multitimer
2018-11-06 10:14 - 2018-11-06 10:21 - 000000000 ____D C:\Program Files\Sound
2018-11-06 10:14 - 2018-11-06 10:14 - 000000000 ____D C:\Users\chavel\AppData\Roaming\Mozilla
2018-11-06 10:13 - 2018-11-06 10:13 - 000000000 ____D C:\Program Files\Common Files\X-dom
2018-11-06 10:12 - 2018-11-06 10:57 - 000000000 ____D C:\ProgramData\Quoteex
2018-11-06 10:12 - 2018-11-06 10:21 - 000000000 ____D C:\ProgramData\Logic Cramble
2018-11-06 10:12 - 2018-11-06 10:13 - 000015606 _____ C:\Windows\system32\findit.xml
2018-11-06 10:12 - 2018-11-06 10:12 - 007800320 _____ C:\Users\chavel\AppData\Local\agent.dat
2018-11-06 10:12 - 2018-11-06 10:12 - 002020460 _____ C:\Users\chavel\AppData\Local\Zotron.tst
2018-11-06 10:12 - 2018-11-06 10:12 - 001895381 _____ C:\Users\chavel\AppData\Local\Zaamqvocom.bin
2018-11-06 10:12 - 2018-11-06 10:12 - 000278510 _____ C:\Users\chavel\AppData\Local\S-Zunla.tst
2018-11-06 10:12 - 2018-11-06 10:12 - 000126464 _____ C:\Users\chavel\AppData\Local\noah.dat
2018-11-06 10:12 - 2018-11-06 10:12 - 000070896 _____ C:\Users\chavel\AppData\Local\Config.xml
2018-11-06 10:12 - 2018-11-06 10:12 - 000018432 _____ C:\Users\chavel\AppData\Local\Main.dat
2018-11-06 10:12 - 2018-11-06 10:12 - 000005568 _____ C:\Users\chavel\AppData\Local\md.xml
2018-11-06 10:12 - 2018-11-06 10:12 - 000000000 ____D C:\ProgramData\Quoteexs
2018-11-06 10:12 - 2018-11-06 10:10 - 001995264 _____ (TODO: <Company name>) C:\Users\chavel\AppData\Local\Zotron.exe
2018-11-06 10:11 - 2018-11-06 10:11 - 000722944 _____ C:\Users\chavel\AppData\Local\sham.db
2018-11-06 10:11 - 2018-11-06 10:11 - 000140800 _____ C:\Users\chavel\AppData\Local\installer.dat
2018-11-06 10:11 - 2018-11-06 10:11 - 000016416 _____ C:\Users\chavel\AppData\Local\InstallationConfiguration.xml
2018-11-06 10:11 - 2018-11-06 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-11-06 10:11 - 2018-11-06 10:10 - 001995264 _____ (TODO: <Company name>) C:\Users\chavel\AppData\Local\S-Zunla.exe
2018-11-06 10:10 - 2018-11-06 10:10 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-11-06 10:09 - 2018-11-06 10:16 - 000000362 _____ C:\Windows\Tasks\Updater_Online_Application.job
2018-11-06 10:09 - 2018-11-06 10:09 - 000000000 ____D C:\Users\chavel\AppData\Local\AdvinstAnalytics
2018-11-06 10:09 - 2018-11-06 10:09 - 000000000 ____D C:\Program Files\Microleaves
2018-11-06 10:08 - 2018-11-06 10:21 - 000000000 ____D C:\Users\chavel\AppData\Local\William
2018-11-06 10:08 - 2018-11-06 10:08 - 000000000 ____D C:\Users\chavel\AppData\Roaming\Microleaves
2018-11-06 10:03 - 2018-11-06 10:03 - 000000000 ____D C:\Users\chavel\Downloads\ABBYY FineReader 15.14.1.106.234 Enterprise Editions Full
2018-11-06 10:03 - 2018-11-06 10:03 - 000000000 ____D C:\Users\chavel\Downloads\ABBYY FineReader 12.5.101.483 Professional And Corporate Edition
2018-11-06 09:56 - 2018-11-06 09:56 - 000000000 ____D C:\Users\chavel\AppData\Local\Opera Software
2018-11-06 09:48 - 2018-11-06 10:29 - 000000000 ____D C:\Users\chavel\AppData\Roaming\uTorrent
2018-11-06 09:48 - 2018-11-06 09:48 - 000000000 ____D C:\Users\chavel\AppData\Roaming\Opera Software
2018-11-06 09:38 - 2018-11-06 09:38 - 000000000 ____D C:\Users\chavel\Documents\OneNote Notebooks
2018-11-06 09:30 - 2018-11-06 09:30 - 000000000 ____D C:\Users\chavel\AppData\Local\PDF2TextConverter
2018-11-06 09:29 - 2018-11-06 09:29 - 000000000 ____D C:\Program Files\Two Pilots
2018-10-15 09:31 - 2018-10-15 09:33 - 000000000 ____D C:\Users\chavel\AppData\Roaming\HandBrake
2018-10-15 09:31 - 2018-10-15 09:31 - 000000000 ____D C:\Users\chavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2018-10-15 09:31 - 2018-10-15 09:31 - 000000000 ____D C:\Users\chavel\AppData\Roaming\HandBrake Team
2018-10-15 09:31 - 2018-10-15 09:31 - 000000000 ____D C:\Program Files\HandBrake
2018-10-15 09:09 - 2018-10-15 09:10 - 000000000 ____D C:\Users\chavel\AppData\Local\Movavi
2018-10-15 09:09 - 2018-10-15 09:09 - 000005083 _____ C:\ProgramData\vfiakfjk.zeu
2018-10-15 09:09 - 2018-10-15 09:09 - 000000016 _____ C:\ProgramData\mntemp
2018-10-15 09:09 - 2018-10-15 09:09 - 000000000 ____D C:\Users\chavel\AppData\Local\ConverterAgent
2018-10-15 09:09 - 2018-10-15 09:09 - 000000000 ____D C:\Users\chavel\AppData\Local\converter

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-06 10:43 - 2016-12-28 20:32 - 000111656 _____ C:\Users\chavel\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-06 10:30 - 2016-12-28 22:17 - 000000000 ___RD C:\temp
2018-11-06 10:25 - 2009-07-14 05:34 - 000031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-06 10:25 - 2009-07-14 05:34 - 000031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-06 10:22 - 2010-11-20 22:01 - 000785302 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-06 10:22 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2018-11-06 10:17 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-06 10:13 - 2016-12-28 21:10 - 000002176 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-06 10:13 - 2016-12-28 20:27 - 000001405 _____ C:\Users\chavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-11-06 10:02 - 2017-09-26 06:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-11-06 09:14 - 2018-07-25 08:30 - 000000000 ____D C:\Users\chavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2018-10-29 01:00 - 2017-03-15 13:46 - 000000000 ____D C:\Users\chavel\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories =======

2018-11-06 10:12 - 2018-11-06 10:12 - 007800320 _____ () C:\Users\chavel\AppData\Local\agent.dat
2018-11-06 10:12 - 2018-11-06 10:12 - 000070896 _____ () C:\Users\chavel\AppData\Local\Config.xml
2017-01-02 15:26 - 2017-01-02 15:26 - 000003584 _____ () C:\Users\chavel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-11-06 10:11 - 2018-11-06 10:11 - 000016416 _____ () C:\Users\chavel\AppData\Local\InstallationConfiguration.xml
2018-11-06 10:11 - 2018-11-06 10:11 - 000140800 _____ () C:\Users\chavel\AppData\Local\installer.dat
2018-05-22 08:04 - 2018-05-22 08:04 - 000004096 ____H () C:\Users\chavel\AppData\Local\keyfile3.drm
2018-11-06 10:12 - 2018-11-06 10:12 - 000018432 _____ () C:\Users\chavel\AppData\Local\Main.dat
2018-11-06 10:12 - 2018-11-06 10:12 - 000005568 _____ () C:\Users\chavel\AppData\Local\md.xml
2018-11-06 10:12 - 2018-11-06 10:12 - 000126464 _____ () C:\Users\chavel\AppData\Local\noah.dat
2018-11-06 10:11 - 2018-11-06 10:10 - 001995264 _____ (TODO: <Company name>) C:\Users\chavel\AppData\Local\S-Zunla.exe
2018-11-06 10:12 - 2018-11-06 10:12 - 000278510 _____ () C:\Users\chavel\AppData\Local\S-Zunla.tst
2018-11-06 10:11 - 2018-11-06 10:11 - 000722944 _____ () C:\Users\chavel\AppData\Local\sham.db
2018-11-06 10:13 - 2018-11-06 10:13 - 000032038 _____ () C:\Users\chavel\AppData\Local\uninstall_temp.ico
2018-11-06 10:12 - 2018-11-06 10:12 - 001895381 _____ () C:\Users\chavel\AppData\Local\Zaamqvocom.bin
2018-11-06 10:12 - 2018-11-06 10:10 - 001995264 _____ (TODO: <Company name>) C:\Users\chavel\AppData\Local\Zotron.exe
2018-11-06 10:12 - 2018-11-06 10:12 - 002020460 _____ () C:\Users\chavel\AppData\Local\Zotron.tst

Some files in TEMP:
====================
2018-11-06 10:16 - 2018-11-06 10:16 - 000549799 _____ () C:\Users\chavel\AppData\Local\Temp\48E7.tmp.exe
2013-05-10 06:10 - 2013-05-10 06:10 - 000785904 _____ () C:\Users\chavel\AppData\Local\Temp\DeltaTB.exe
2018-11-06 09:48 - 2018-11-06 09:48 - 001925192 ____N (Opera Software) C:\Users\chavel\AppData\Local\Temp\i4jct1ot.zdb.exe
2018-11-06 10:14 - 2018-11-06 10:15 - 000375522 _____ ( ) C:\Users\chavel\AppData\Local\Temp\pxyyv2fjvcc.exe
2018-11-05 22:01 - 2018-11-05 22:01 - 012317956 _____ () C:\Users\chavel\AppData\Local\Temp\setup.dll
2010-02-10 01:04 - 2010-02-10 01:04 - 001301118 ____R (Hewlett-Packard) C:\Users\chavel\AppData\Local\Temp\Setup.exe
2018-11-06 10:15 - 2018-11-06 10:15 - 000375522 _____ ( ) C:\Users\chavel\AppData\Local\Temp\wuepqugzkmo.exe
2017-03-29 06:47 - 2006-05-24 18:10 - 000455600 _____ (Macrovision Corporation) C:\Users\chavel\AppData\Local\Temp\_isC52D.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-04 00:46

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15214
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: prosím pomoc

#2 Příspěvek od JaRon »

ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
() C:\Users\chavel\AppData\Local\Temp\is-63OE9.tmp\gw2psy0nl13.tmp
() C:\Windows\Temp\_avast_\unp223246228.tmp
(File Handler) C:\Windows\Temp\_avast_\unp237517514.tmp
(File Handler) C:\Windows\Temp\_avast_\unp223195549.tmp
(TODO: <Company name>) C:\Windows\Temp\_avast_\unp237392214.tmp
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
AppInit_DLLs: C:\ProgramData\Quoteex\Condox.dll => No File
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%7 ... TFdfw,,&q={searchTerms}
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72 ... 2viV3PdIw,,
SearchScopes: HKLM -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%7 ... TFdfw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/resul ... _181106&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%7 ... TFdfw,,&q={searchTerms}
2018-11-06 10:16 - 2018-11-06 10:16 - 000549799 _____ () C:\Users\chavel\AppData\Local\Temp\48E7.tmp.exe
2013-05-10 06:10 - 2013-05-10 06:10 - 000785904 _____ () C:\Users\chavel\AppData\Local\Temp\DeltaTB.exe
2018-11-06 09:48 - 2018-11-06 09:48 - 001925192 ____N (Opera Software) C:\Users\chavel\AppData\Local\Temp\i4jct1ot.zdb.exe
2018-11-06 10:14 - 2018-11-06 10:15 - 000375522 _____ ( ) C:\Users\chavel\AppData\Local\Temp\pxyyv2fjvcc.exe
2018-11-05 22:01 - 2018-11-05 22:01 - 012317956 _____ () C:\Users\chavel\AppData\Local\Temp\setup.dll
2010-02-10 01:04 - 2010-02-10 01:04 - 001301118 ____R (Hewlett-Packard) C:\Users\chavel\AppData\Local\Temp\Setup.exe
2018-11-06 10:15 - 2018-11-06 10:15 - 000375522 _____ ( ) C:\Users\chavel\AppData\Local\Temp\wuepqugzkmo.exe
2017-03-29 06:47 - 2006-05-24 18:10 - 000455600 _____ (Macrovision Corporation) C:\Users\chavel\AppData\Local\Temp\_isC52D.exe



EmptyTemp:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

:arrow: Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

:arrow: Restart PC a dejte mi sem fixlog.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
vita007
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 04 led 2011 16:50

Re: prosím pomoc

#3 Příspěvek od vita007 »

Fix result of Farbar Recovery Scan Tool (x86) Version: 24.10.2018
Ran by chavel (06-11-2018 12:15:34) Run:1
Running from C:\temp\frst
Loaded Profiles: chavel (Available Profiles: chavel)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
() C:\Users\chavel\AppData\Local\Temp\is-63OE9.tmp\gw2psy0nl13.tmp
() C:\Windows\Temp\_avast_\unp223246228.tmp
(File Handler) C:\Windows\Temp\_avast_\unp237517514.tmp
(File Handler) C:\Windows\Temp\_avast_\unp223195549.tmp
(TODO: <Company name>) C:\Windows\Temp\_avast_\unp237392214.tmp
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
AppInit_DLLs: C:\ProgramData\Quoteex\Condox.dll => No File
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%7 ... TFdfw,,&q={searchTerms}
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72 ... 2viV3PdIw,,
SearchScopes: HKLM -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%7 ... TFdfw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/resul ... _181106&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4179066704-3577799771-3630154625-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%7 ... TFdfw,,&q={searchTerms}
2018-11-06 10:16 - 2018-11-06 10:16 - 000549799 _____ () C:\Users\chavel\AppData\Local\Temp\48E7.tmp.exe
2013-05-10 06:10 - 2013-05-10 06:10 - 000785904 _____ () C:\Users\chavel\AppData\Local\Temp\DeltaTB.exe
2018-11-06 09:48 - 2018-11-06 09:48 - 001925192 ____N (Opera Software) C:\Users\chavel\AppData\Local\Temp\i4jct1ot.zdb.exe
2018-11-06 10:14 - 2018-11-06 10:15 - 000375522 _____ ( ) C:\Users\chavel\AppData\Local\Temp\pxyyv2fjvcc.exe
2018-11-05 22:01 - 2018-11-05 22:01 - 012317956 _____ () C:\Users\chavel\AppData\Local\Temp\setup.dll
2010-02-10 01:04 - 2010-02-10 01:04 - 001301118 ____R (Hewlett-Packard) C:\Users\chavel\AppData\Local\Temp\Setup.exe
2018-11-06 10:15 - 2018-11-06 10:15 - 000375522 _____ ( ) C:\Users\chavel\AppData\Local\Temp\wuepqugzkmo.exe
2017-03-29 06:47 - 2006-05-24 18:10 - 000455600 _____ (Macrovision Corporation) C:\Users\chavel\AppData\Local\Temp\_isC52D.exe



EmptyTemp:
Reboot:
End
*****************

[1732] C:\Users\chavel\AppData\Local\Temp\is-63OE9.tmp\gw2psy0nl13.tmp => process closed successfully.
[2064] C:\Windows\Temp\_avast_\unp223246228.tmp => process closed successfully.
[3356] C:\Windows\Temp\_avast_\unp237517514.tmp => process closed successfully.
[3448] C:\Windows\Temp\_avast_\unp223195549.tmp => process closed successfully.
[2456] C:\Windows\Temp\_avast_\unp237392214.tmp => process closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
"C:\ProgramData\Quoteex\Condox.dll" => Value data removed successfully.
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch => removed successfully.
HKLM\Software\Classes\CLSID\ielnksrch => not found
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} => removed successfully.
HKLM\Software\Classes\CLSID\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} => not found
HKU\S-1-5-21-4179066704-3577799771-3630154625-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} => removed successfully.
HKLM\Software\Classes\CLSID\{ielnksrch} => not found
C:\Users\chavel\AppData\Local\Temp\48E7.tmp.exe => moved successfully
C:\Users\chavel\AppData\Local\Temp\DeltaTB.exe => moved successfully
C:\Users\chavel\AppData\Local\Temp\i4jct1ot.zdb.exe => moved successfully
C:\Users\chavel\AppData\Local\Temp\pxyyv2fjvcc.exe => moved successfully
C:\Users\chavel\AppData\Local\Temp\setup.dll => moved successfully
C:\Users\chavel\AppData\Local\Temp\Setup.exe => moved successfully
C:\Users\chavel\AppData\Local\Temp\wuepqugzkmo.exe => moved successfully
C:\Users\chavel\AppData\Local\Temp\_isC52D.exe => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25762963 B
Java, Flash, Steam htmlcache => 379 B
Windows/system/drivers => 17071635 B
Edge => 0 B
Chrome => 804116282 B
Firefox => 0 B
Opera => 19328516 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16674 B
LocalService => 0 B
NetworkService => 0 B
chavel => 1098449867 B

RecycleBin => 3584702415 B
EmptyTemp: => 5.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:17:33 ====
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15214
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: prosím pomoc

#4 Příspěvek od JaRon »

podstatnu cast smejdov sme zmazali, teraz skontroluj PC s CureIT https://forum.viry.cz/viewtopic.php?f=29&t=151000
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
vita007
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 04 led 2011 16:50

Re: prosím pomoc

#5 Příspěvek od vita007 »

ahoj, vše spraveno, posílám na účet 190 CZK. Moc děkuji.
:thumbsup:
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15214
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: prosím pomoc

#6 Příspěvek od JaRon »

Ahoj,
to ma tesi a dakujeme
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“