Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

zmizelé ikony na ploše

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
ubas
Návštěvník
Návštěvník
Příspěvky: 182
Registrován: 26 pro 2007 09:20

zmizelé ikony na ploše

#1 Příspěvek od ubas »

Prosím o kontrolu logu,na ploše ikony jsou ale všechny jen bílé,zmizelo také celé nastavení firefoxu i se všema záložkama.Děkuji za pomoc
.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.02.2019
Ran by Lubas (10-02-2019 20:24:54)
Running from C:\Users\Lubas\Desktop
Windows 10 Pro Version 1809 17763.253 (X64) (2018-12-28 07:19:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4036211943-1065916901-1247789584-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4036211943-1065916901-1247789584-503 - Limited - Disabled)
Guest (S-1-5-21-4036211943-1065916901-1247789584-501 - Limited - Disabled)
Lubas (S-1-5-21-4036211943-1065916901-1247789584-1001 - Administrator - Enabled) => C:\Users\Lubas
WDAGUtilityAccount (S-1-5-21-4036211943-1065916901-1247789584-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (HKLM\...\{90160000-001F-0427-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Acronis Disk Director (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3270 - Acronis)
adobe (HKLM\...\{EFEEDD53-78B7-4133-BC99-D2F2FF9180C3}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Audition 2.0 (HKLM-x32\...\Adobe Audition 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Audition CC 2018 (HKLM-x32\...\AUDT_11_1_1) (Version: 11.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_2) (Version: 13.0.2 - Adobe Systems Incorporated)
Aktualizace NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (HKLM\...\{90160000-001F-041A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Aslain's WoT Modpack verze 1.4.0.0.06 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 1.4.0.0.06 - Aslain)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Avast Pro Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (HKLM\...\{90160000-001F-042A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Cool Edit Pro 2.0 (HKLM-x32\...\Cool Edit Pro 2.0) (Version: - )
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 418.81 - NVIDIA Corporation) Hidden
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de Verificação do Microsoft Office 2016 - Português (HKLM\...\{90160000-001F-0816-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FFmpeg for Audacity on Windows (HKLM-x32\...\FFmpeg for Audacity on Windows_is1) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.37.5298 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (HKLM\...\{90160000-001F-0435-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (HKLM\...\{90160000-001F-0491-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instrumente de verificare Microsoft Office 2016 - Română (HKLM\...\{90160000-001F-0418-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Korrekturredskaber til Microsoft Office 2016 - Dansk (HKLM\...\{90160000-001F-0406-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (HKLM\...\{90160000-001F-0414-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (HKLM\...\{90160000-001F-0814-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4036211943-1065916901-1247789584-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
MKVToolNix 31.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 31.0.0 - Moritz Bunkus)
Movavi Video Editor 15 (HKU\S-1-5-21-4036211943-1065916901-1247789584-1001\...\Movavi Video Editor 15) (Version: 15.0.1 - Movavi)
Mozilla Firefox 64.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 64.0 (x86 cs)) (Version: 64.0 - Mozilla)
Mozilla Firefox 65.0 (x64 cs) (HKLM\...\Mozilla Firefox 65.0 (x64 cs)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8504 - MyHeritage.com)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 418.81 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 418.81 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 (HKLM-x32\...\{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1) (Version: - Orban, Inc.)
Orodja za preverjanje za Microsoft Office 2016 – angleščina (HKLM\...\{90160000-001F-0424-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 418.81 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.55a - Ghisler Software GmbH)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (HKLM\...\{90160000-001F-083C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (HKLM\...\{90160000-001F-041C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.5 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-4036211943-1065916901-1247789584-1001\...\Wargaming.net Game Center) (Version: 18.9.1.3085 - Wargaming.net)
Windows 10 Codec Pack 2.1.4 (HKLM-x32\...\Windows 10 - Codec Pack) (Version: 2.1.4 - Windows 10 Codec Pack)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRAR v.5.61 Full (HKLM-x32\...\WinRAR v.5.61 Full) (Version: v.5.61 Full - Libbi)
World of Tanks EU (HKU\S-1-5-21-4036211943-1065916901-1247789584-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (HKLM\...\{90160000-001F-0408-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM\...\{90160000-001F-0422-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (HKLM\...\{90160000-001F-040D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (HKLM\...\{90160000-001F-0429-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4036211943-1065916901-1247789584-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-D249075163A3}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-4036211943-1065916901-1247789584-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {17A0042F-9521-4B42-886A-B23DB8FBC42E} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {28139513-CF47-4300-A88A-C6ACC47516B8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {44095062-D49B-4E6D-811C-67C9E2FAA6C4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B0C185C-3C41-4588-B132-6AEFEBE4AF6C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4BE7954A-5FF5-497B-9AD0-F6BB78A7D100} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-LCQNPPC-Lubas => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {6853A1A2-AA10-47EC-93A1-52C8FAD23F62} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6CA2D578-F0BC-46BA-A274-678D3E19B7CC} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8926F410-1F41-41FB-9937-2AE020973605} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8AA553D0-1C73-48E9-A77A-41FA8DB5EFB1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AF2E28B8-90B8-4655-B7FC-733E111869C9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {B10EDC0A-F88B-4070-BA90-21C0E6C54083} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated -> Adobe Inc.)
Task: {B3FC4A16-11F4-478F-BD41-D5B7CCA98052} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B86487D8-2686-45CC-B316-5D567678C7C3} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B8BE5478-A4CB-4D6C-809E-B2078DB703C7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C315321E-81E2-4629-A1CB-0BB0CBA0D0C8} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C37D1335-24C7-46D7-AEFC-F048606C9481} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CD495759-6DC2-4D22-9309-F2374B1CD031} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D85FCCE7-F181-44C4-A1F4-95246B2303FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {E895AA8E-C395-4759-8880-A14B8F873403} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1C76D9F-F9A7-45FA-A064-C65C40C76025} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F2340D09-ED6A-4BD4-BA19-E850EBAC9F02} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {F24A73B7-8BF9-4157-A453-0A1B5593FEFA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F394A0B7-094D-403B-8635-ECFAFC9C7134} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-01-14 10:19 - 2019-02-09 15:47 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-12-28 08:57 - 2018-12-06 11:13 - 001314672 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2018-03-05 20:47 - 2018-03-05 20:47 - 000614848 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-28 10:57 - 2018-12-28 10:57 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-15 18:41 - 2018-09-15 18:41 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-31 15:12 - 2019-01-31 15:12 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-31 15:12 - 2019-01-31 15:12 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-01-10 15:48 - 2019-01-10 15:48 - 005172224 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe
2019-01-10 15:48 - 2019-01-10 15:48 - 002172928 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.dll
2019-01-10 15:48 - 2019-01-10 15:48 - 001795584 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\PhoneContentDataStore.dll
2018-12-28 08:55 - 2018-12-28 08:56 - 001004032 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-01-10 15:48 - 2019-01-10 15:48 - 002907136 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2019-02-08 19:19 - 2019-02-08 19:19 - 028028416 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-02-07 18:53 - 2019-02-07 18:53 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-12-28 08:57 - 2018-12-28 08:57 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-12-28 08:57 - 2018-12-28 08:57 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-07 18:53 - 2019-02-07 18:53 - 006033408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-02-07 18:53 - 2019-02-07 18:53 - 009338368 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-01-08 16:23 - 2019-01-08 16:23 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-08 16:23 - 2019-01-08 16:23 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-04-25 05:04 - 2018-12-28 11:23 - 003427272 _____ () C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe
2018-12-10 11:09 - 2018-12-10 11:09 - 000093648 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-12-28 08:52 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-28 08:52 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2019-01-31 15:11 - 2019-01-31 15:12 - 000282624 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-12-28 08:58 - 2018-12-28 08:58 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-31 15:11 - 2019-01-31 15:12 - 001757696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-12-28 08:59 - 2018-12-28 08:59 - 004220928 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1811.3241.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-12-28 08:56 - 2018-12-28 08:56 - 004380232 _____ () C:\Program Files\WindowsApps\Microsoft.UI.Xaml.2.0_2.1810.18003.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-05 14:25 - 2018-11-05 14:25 - 000142888 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-11-05 14:25 - 2018-11-05 14:25 - 000278056 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-11-05 14:25 - 2018-11-05 14:25 - 000142888 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ref\build\Release\binding.node
2018-11-05 14:25 - 2018-11-05 14:25 - 000152616 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-11-05 14:25 - 2018-11-05 14:25 - 000097320 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-11-05 14:25 - 2018-11-05 14:25 - 000110120 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\idle-gc\build\Release\idle-gc.node
2018-10-17 10:38 - 2018-10-17 10:38 - 000142872 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-10-17 10:38 - 2018-10-17 10:38 - 000142360 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\ref\build\Release\binding.node
2018-10-17 10:38 - 2018-10-17 10:38 - 000150552 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-10-17 10:37 - 2018-10-17 10:37 - 000271384 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-10-17 10:37 - 2018-10-17 10:37 - 000097816 _____ () C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-10-17 10:38 - 2018-10-17 10:38 - 000122392 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\bufferutil\build\Release\bufferutil.node
2018-10-17 10:38 - 2018-10-17 10:38 - 000110104 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2019-01-12 13:18 - 000000929 ____R C:\Windows\system32\drivers\etc\hosts

0.0.0.0 telemetry.malwarebytes.com
0.0.0.0 keystone.mwbsys.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\
HKU\S-1-5-21-4036211943-1065916901-1247789584-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lubas\AppData\Roaming\ACD Systems\ACDSee\ACD Wallpaper.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B7CA76BD-6C94-4516-8338-33761516C032}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{638269C8-68AD-4D67-BC18-36DC792AE350}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C9C516C1-0203-40F8-9E7F-19492CA7E59C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FD7BB982-7702-4BF1-94EB-A15D97E53C5C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{478468AA-63CF-4B31-AF04-CF1D08A2E4CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E04E254A-B3ED-410B-AEC2-562790BB9476}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2DAFFE6F-6B3D-476F-934C-DEA23835AC17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DE07F22B-CF79-42C3-A38F-31423EFC33F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{908D87FF-8D53-4FC5-8C46-4F4874DA9D76}] => (Allow) C:\Users\Lubas\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [{E0ADE025-FEC3-4FD2-ABC0-5B21ACEFF74A}] => (Allow) C:\Users\Lubas\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [{EC72F5E4-7F07-4FCB-A30A-32740807379B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{15987BC8-34C2-4EA2-8D01-8FD6557B1F72}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{2F91E773-4F30-46A5-B085-A3111FD4A97D}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe No File
FirewallRules: [UDP Query User{4690542D-E892-4541-A0BC-A4174EF7AB59}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe No File
FirewallRules: [TCP Query User{81C89416-51CF-4FDF-A60A-F1BDE1B88506}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{7E8F5EE9-7FAD-45EC-A15F-7F893C69725E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{E873127D-928E-4928-8311-F71F0E102E6A}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{723FC698-4AFF-43CA-8495-7B881E360268}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{0BFBBB4B-60CE-456D-996D-4AF206F89D5F}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6A06E406-0485-4435-972A-C2ADEB488843}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2397DDE8-090D-4507-BAC0-F21CE4902CE8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{05BCB91D-A531-4A8A-9C65-3753B988E847}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{85FAB074-3336-4738-B0F3-7951392C8F0B}G:\world_of_tanks_eu\worldoftanks.exe] => (Allow) G:\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{A39A1A9B-1C1A-4447-93DB-054971F19639}G:\world_of_tanks_eu\worldoftanks.exe] => (Allow) G:\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{3AADC0C8-E058-452B-9CA5-D9BFB8964D02}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22792381-F47A-4A64-B8EF-901ABF49F5E1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{AB59F0E7-1ED2-401B-B086-82CED66C1DB0}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{7169D9C5-DFD0-4BF1-84E7-49DA2A334970}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{096ED0CF-864B-4AAD-B585-A2E71A33A02E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{D446705C-24B0-4B8A-B8BE-98C1168EE751}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{4718633F-3F44-464C-BB4B-84C375003694}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

18-01-2019 22:12:21 Naplánovaný kontrolní bod
28-01-2019 22:11:30 Naplánovaný kontrolní bod
08-02-2019 20:55:20 Naplánovaný kontrolní bod
10-02-2019 20:17:04 Removed Apple Software Update

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/10/2019 03:32:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program AvastUI.exe verze 19.1.4142.454 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1040

Čas spuštění: 01d4c11db9540b1e

Čas ukončení: 21193

Cesta k aplikaci: C:\Program Files\AVAST Software\Avast\AvastUI.exe

ID hlášení: 2089b23f-16de-4c24-912a-517950a2491d

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (02/10/2019 03:04:01 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).

Error: (02/10/2019 01:17:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.17763.1, časové razítko: 0x5b9c8bd8
Název chybujícího modulu: Windows.UI.ActionCenter.dll, verze: 10.0.17763.194, časové razítko: 0x5c061bbd
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000008fbaf
ID chybujícího procesu: 0x9c4
Čas spuštění chybující aplikace: 0x01d4c11db1758366
Cesta k chybující aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\ShellExperiences\Windows.UI.ActionCenter.dll
ID zprávy: 2c591268-e47e-4fed-9f5d-d91aca0e4b01
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (02/08/2019 07:17:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: Neplatné údaje.
.

Error: (02/08/2019 07:17:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: Neplatné údaje.
.

Error: (02/08/2019 07:17:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: Neplatné údaje.
.

Error: (02/08/2019 07:17:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: Neplatné údaje.
.

Error: (02/08/2019 07:17:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: Neplatné údaje.
.


System errors:
=============
Error: (02/10/2019 08:16:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-LCQNPPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-LCQNPPC\Lubas (SID: S-1-5-21-4036211943-1065916901-1247789584-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2019 08:15:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2019 08:15:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2019 08:14:09 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba aswbIDSAgent skončila s následující chybou specifickou pro službu:
%%3758213659

Error: (02/10/2019 08:13:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys

Error: (02/10/2019 08:13:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdobeUpdateService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/10/2019 08:13:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (02/10/2019 08:13:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.


CodeIntegrity:
===================================

Date: 2019-02-10 20:14:09.478
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-10 20:14:09.475
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-10 20:14:09.468
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-10 20:14:09.466
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-10 20:06:39.775
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-10 20:06:39.772
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-10 20:06:39.765
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-10 20:06:39.762
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 31%
Total physical RAM: 16312.05 MB
Available physical RAM: 11254.93 MB
Total Virtual: 18744.05 MB
Available Virtual: 11148.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.53 GB) (Free:384.08 GB) NTFS
Drive d: (DOWNLOAD) (Fixed) (Total:931.51 GB) (Free:354.65 GB) NTFS
Drive e: (MOVIES) (Fixed) (Total:931.51 GB) (Free:127.86 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (FILMY) (Fixed) (Total:931.51 GB) (Free:124.88 GB) NTFS
Drive g: (Games) (Fixed) (Total:111.79 GB) (Free:66.35 GB) NTFS

\\?\Volume{bd9813b6-a923-4af2-84f2-1c8f424e62b4}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{03043c13-706e-4084-ada9-2a0459533696}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: CE624EDC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 447.1 GB) (Disk ID: 9105D0E6)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: B2F14EC0)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B1357FBF)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 931.5 GB) (Disk ID: 0F72A5F5)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2019
Ran by Lubas (administrator) on DESKTOP-LCQNPPC (10-02-2019 20:24:15)
Running from C:\Users\Lubas\Desktop
Loaded Profiles: Lubas (Available Profiles: Lubas)
Platform: Windows 10 Pro Version 1809 17763.253 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(BitTorrent, Inc.) C:\Users\Lubas\AppData\Roaming\uTorrent\utorrent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(MyHeritage) D:\MyHeritage\Bin\FTBCheckUpdates.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1811.3241.0_x64__8wekyb3d8bbwe\Calculator.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2018-12-28] (ACD Systems International -> ACD Systems) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [Služba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [383624 2015-12-25] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [Family Tree Builder Update] => D:\MyHeritage\Bin\FTBCheckUpdates.exe [17682608 2018-12-30] (MyHeritage (USA) Inc. -> MyHeritage)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [27648 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Winlogon [Shell] explorer.exe [3730352 2018-10-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4036211943-1065916901-1247789584-1001\...\Run: [uTorrent] => C:\Users\Lubas\AppData\Roaming\uTorrent\utorrent.exe [398760 2014-04-14] (uTorrent.CZ -> BitTorrent, Inc.)
HKU\S-1-5-21-4036211943-1065916901-1247789584-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4036211943-1065916901-1247789584-1001\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2018-12-28] (ACD Systems International -> )
HKU\S-1-5-21-4036211943-1065916901-1247789584-1001\...\Run: [Codec Pack Update Checker] => "C:\Windows\system32\Codecs\UpdateChecker.exe"
HKLM\...\Drivers32-x32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2017-12-08] ()
HKLM\...\Drivers32-x32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project)
HKLM\...\Drivers32-x32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [230080 2016-09-21] ( )
HKLM\...\Drivers32-x32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !)
HKLM\...\Drivers32-x32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] ()
HKLM\...\Drivers32-x32: [msacm.avis] => C:\Windows\SysWOW64\ff_acm.acm [47616 2014-07-17] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-28] (Google Inc -> Google Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{564c9276-e1b9-4797-bafe-e2f948797906}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4036211943-1065916901-1247789584-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-17] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 8g88vksv.default
FF ProfilePath: C:\Users\Lubas\AppData\Roaming\Mozilla\Firefox\Profiles\8g88vksv.default [2019-02-10]
FF Homepage: Mozilla\Firefox\Profiles\8g88vksv.default -> hxxps://www.seznam.cz/?clid=22668
FF NewTab: Mozilla\Firefox\Profiles\8g88vksv.default -> about:newtab
FF SearchPlugin: C:\Users\Lubas\AppData\Roaming\Mozilla\Firefox\Profiles\8g88vksv.default\searchplugins\seznam-avast.xml [2019-02-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-01-30] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-01-30] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default [2019-02-10]
CHR Extension: (Prezentace) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-28]
CHR Extension: (Dokumenty) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-28]
CHR Extension: (Disk Google) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-28]
CHR Extension: (YouTube) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-28]
CHR Extension: (chrome_filter) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcmpcimhblobepnlhjlcbalhlloiejpb [2019-02-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-05]
CHR Extension: (Tabulky) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-28]
CHR Extension: (AdBlock) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-09]
CHR Extension: (Avast Online Security) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-01-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-28]
CHR Extension: (Gmail) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-28]
CHR Profile: C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\System Profile [2019-02-10]
CHR Extension: (chrome_filter) - C:\Users\Lubas\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\dcmpcimhblobepnlhjlcbalhlloiejpb [2019-02-10]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2018-12-28] (Adobe Systems) [File not signed]
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-01-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-08] (AVAST Software s.r.o. -> AVAST Software)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2019-02-10] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4aa19ae78d94d8a3\nvlddmkm.sys [20706184 2019-02-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2006-01-19] (Padus, Inc.) [File not signed]
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1122200 2018-08-30] (Realtek Semiconductor Corp. -> Realtek )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-10 20:24 - 2019-02-10 20:24 - 000023703 _____ C:\Users\Lubas\Desktop\FRST.txt
2019-02-10 20:24 - 2019-02-10 20:24 - 000000000 ____D C:\FRST
2019-02-10 20:23 - 2019-02-10 20:23 - 002434048 _____ (Farbar) C:\Users\Lubas\Desktop\FRST64.exe
2019-02-10 20:14 - 2019-02-10 20:14 - 000261032 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-02-10 20:12 - 2019-02-10 20:13 - 000000000 ____D C:\AdwCleaner
2019-02-10 20:10 - 2019-02-10 20:11 - 007316688 _____ (Malwarebytes) C:\Users\Lubas\Desktop\adwcleaner_7.2.7.0.exe
2019-02-10 15:34 - 2019-02-10 15:34 - 000000270 __RSH C:\Users\Lubas\ntuser.pol
2019-02-10 15:34 - 2019-02-10 15:34 - 000000020 ___SH C:\Users\Lubas\ntuser.ini
2019-02-10 15:29 - 2019-02-10 15:29 - 000000000 ___HD C:\$SysReset
2019-02-10 15:03 - 2019-02-10 15:35 - 000000000 ____D C:\Users\Lubas\AppData\Roaming\fn2a5f4grho
2019-02-10 15:03 - 2019-02-10 15:06 - 000000000 ____D C:\Users\Lubas\AppData\Local\{01801827-6513-4a10-9443-a405dbafb4d3}
2019-02-10 15:03 - 2019-02-10 15:03 - 007882672 _____ C:\Users\Lubas\AppData\Local\agent.dat.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 002038528 _____ C:\Users\Lubas\AppData\Local\Alphadax.tst.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000279452 _____ C:\Users\Lubas\AppData\Local\Mattip.bin.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000127408 _____ C:\Users\Lubas\AppData\Local\noah.dat.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000071840 _____ C:\Users\Lubas\AppData\Local\Config.xml.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000032982 _____ C:\Users\Lubas\AppData\Local\uninstall_temp.ico.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000019376 _____ C:\Users\Lubas\AppData\Local\Main.dat.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000006512 _____ C:\Users\Lubas\AppData\Local\md.xml.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000004816 _____ C:\Users\Lubas\AppData\Local\how_to_back_files.html
2019-02-10 15:03 - 2019-02-10 15:03 - 000000000 ____D C:\ProgramData\{F35E6E7C-1CD5-4DAB-AD01-28C1ADE67190}
2019-02-10 15:03 - 2019-02-10 15:03 - 000000000 ____D C:\ProgramData\{56412A6D-58C4-E8B4-BC45-3764BCA26E35}
2019-02-10 15:02 - 2019-02-10 20:03 - 000000000 ____D C:\ProgramData\iceq
2019-02-10 15:02 - 2019-02-10 15:04 - 000000000 ____D C:\ProgramData\cwcd
2019-02-10 15:02 - 2019-02-10 15:03 - 000723888 _____ C:\Users\Lubas\AppData\Local\sha.db.crypt
2019-02-10 15:02 - 2019-02-10 15:03 - 000141744 _____ C:\Users\Lubas\AppData\Local\installer.dat.crypt
2019-02-10 15:02 - 2019-02-10 15:03 - 000122288 _____ C:\Users\Lubas\AppData\Local\CA96.tmp.exe.crypt
2019-02-10 15:02 - 2019-02-10 15:03 - 000017024 _____ C:\Users\Lubas\AppData\Local\InstallationConfiguration.xml.crypt
2019-02-10 15:02 - 2019-02-10 15:02 - 000004816 _____ C:\Users\Public\Desktop\how_to_back_files.html
2019-02-10 15:02 - 2019-02-10 15:02 - 000004816 _____ C:\Users\Lubas\how_to_back_files.html
2019-02-10 15:02 - 2019-02-10 15:02 - 000004816 _____ C:\Users\Lubas\Downloads\how_to_back_files.html
2019-02-10 15:02 - 2019-02-10 15:02 - 000004816 _____ C:\Users\Lubas\Documents\how_to_back_files.html
2019-02-10 15:02 - 2019-02-10 15:02 - 000004816 _____ C:\Users\Lubas\Desktop\how_to_back_files.html
2019-02-10 15:01 - 2019-02-10 15:04 - 000000000 ____D C:\Program Files (x86)\Cta
2019-02-10 15:01 - 2019-02-10 15:02 - 000255502 _____ C:\Users\Lubas\Downloads\Win iPhone X.ico.crypt
2019-02-10 15:01 - 2019-02-10 15:02 - 000003168 _____ C:\Users\Lubas\Desktop\TigerTrade.lnk.crypt
2019-02-10 15:01 - 2019-02-10 15:02 - 000002000 _____ C:\Users\Lubas\Desktop\Win iPhone X.lnk.crypt
2019-02-10 15:01 - 2019-02-10 15:02 - 000002000 _____ C:\Users\Lubas\Desktop\Adult Dating.lnk.crypt
2019-02-10 15:01 - 2019-02-10 15:02 - 000001744 _____ C:\Users\Lubas\Desktop\UinstallCashSlip.lnk.crypt
2019-02-10 15:01 - 2019-02-10 15:01 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-02-10 15:01 - 2019-02-10 15:01 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-02-10 15:01 - 2019-02-10 15:01 - 000004816 _____ C:\Users\Public\how_to_back_files.html
2019-02-10 15:01 - 2019-02-10 15:01 - 000004816 _____ C:\Users\Public\Downloads\how_to_back_files.html
2019-02-10 15:01 - 2019-02-10 15:01 - 000004816 _____ C:\Users\Public\Documents\how_to_back_files.html
2019-02-10 15:01 - 2019-02-10 15:01 - 000004816 _____ C:\Users\how_to_back_files.html
2019-02-10 15:01 - 2019-02-10 15:01 - 000001026 _____ C:\Users\Public\C9DA6621AD4B465ACD075FC12083638E7EC67731CFCDA0EB1D7FB550B964237A
2019-02-10 15:01 - 2019-02-10 15:01 - 000000000 ____D C:\ProgramData\R6U94JTA0R6TA0AC6A3N
2019-02-10 15:01 - 2019-02-10 15:01 - 000000000 ____D C:\Program Files (x86)\TigerTrade
2019-02-10 15:00 - 2019-02-10 15:02 - 000225934 _____ C:\Users\Lubas\Downloads\Adult Dating.ico.crypt
2019-02-10 13:57 - 2019-02-10 13:58 - 000000000 ____D C:\Users\Lubas\AppData\Local\Movavi
2019-02-10 13:57 - 2019-02-10 13:57 - 000000000 ____D C:\Users\Lubas\AppData\Local\VideoEditor
2019-02-10 13:57 - 2019-02-10 13:57 - 000000000 ____D C:\Users\Lubas\AppData\Local\CrashRpt
2019-02-10 13:56 - 2019-02-10 15:02 - 000001920 _____ C:\Users\Lubas\Desktop\Movavi Video Editor 15.lnk.crypt
2019-02-10 13:56 - 2019-02-10 15:02 - 000000000 ____D C:\Users\Lubas\AppData\Roaming\Movavi Video Editor 15
2019-02-10 13:56 - 2019-02-10 13:56 - 000000000 ____D C:\Users\Lubas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movavi Video Editor 15
2019-02-10 13:55 - 2019-02-10 13:55 - 000012720 _____ C:\ProgramData\sokqucqi.nri
2019-02-10 13:55 - 2019-02-10 13:55 - 000000016 _____ C:\ProgramData\mntemp
2019-02-10 13:45 - 2019-02-10 20:17 - 000003274 _____ C:\Windows\System32\Tasks\Adobe Uninstaller
2019-02-10 13:17 - 2019-02-10 13:17 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-02-10 12:22 - 2019-02-10 12:22 - 000000000 ____D C:\Users\Lubas\AppData\Local\bunkus.org
2019-02-10 12:20 - 2019-02-10 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2019-02-10 12:20 - 2019-02-10 12:20 - 000000000 ____D C:\Program Files\MKVToolNix
2019-02-10 12:17 - 2019-02-10 12:17 - 000000000 ____D C:\Users\Lubas\AppData\Roaming\mkvtoolnix
2019-02-05 17:08 - 2019-02-05 17:08 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-04 18:53 - 2019-02-04 18:53 - 000000000 ____D C:\Windows\LastGood
2019-02-04 18:53 - 2019-01-30 21:07 - 000133512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2019-02-04 18:51 - 2019-02-01 22:36 - 000047592 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2019-02-04 18:51 - 2019-02-01 02:40 - 001005984 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-02-04 18:51 - 2019-02-01 02:40 - 001005984 _____ C:\Windows\system32\vulkan-1.dll
2019-02-04 18:51 - 2019-02-01 02:40 - 000869792 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-02-04 18:51 - 2019-02-01 02:40 - 000869792 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-02-04 18:51 - 2019-02-01 02:40 - 000551680 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-02-04 18:51 - 2019-02-01 02:40 - 000456640 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-02-04 18:51 - 2019-02-01 02:40 - 000269752 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-02-04 18:51 - 2019-02-01 02:40 - 000269752 _____ C:\Windows\system32\vulkaninfo.exe
2019-02-04 18:51 - 2019-02-01 02:40 - 000244128 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-02-04 18:51 - 2019-02-01 02:40 - 000244128 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-02-04 18:51 - 2019-02-01 02:38 - 010894304 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 009254696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 005273048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 004624184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 002031896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 001734560 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441881.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 001534912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 001467864 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441881.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 001464008 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 001129352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 000752440 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 000668640 _____ C:\Windows\system32\nvofapi64.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 000631688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 000611744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 000534544 _____ C:\Windows\SysWOW64\nvofapi.dll
2019-02-04 18:51 - 2019-02-01 02:38 - 000522120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-02-04 18:51 - 2019-02-01 02:37 - 040235120 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-02-04 18:51 - 2019-02-01 02:37 - 035140696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-02-04 18:51 - 2019-02-01 02:37 - 020101600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-02-04 18:51 - 2019-02-01 02:37 - 017428328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-02-04 18:51 - 2019-02-01 02:37 - 001471816 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2019-02-04 18:51 - 2019-02-01 02:37 - 001462232 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2019-02-04 18:51 - 2019-02-01 02:37 - 001169152 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-02-04 18:51 - 2019-02-01 02:37 - 001152200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2019-02-04 18:51 - 2019-02-01 02:37 - 001145720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2019-02-04 18:51 - 2019-02-01 02:37 - 000915120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-02-04 18:51 - 2019-02-01 02:37 - 000822784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2019-02-04 18:51 - 2019-02-01 02:37 - 000794656 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-02-04 18:51 - 2019-02-01 02:37 - 000638200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-02-04 18:51 - 2019-02-01 02:36 - 004296808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-01-15 18:34 - 2019-02-10 15:02 - 000097327 _____ C:\Users\Lubas\Documents\Simona.jpg.crypt
2019-01-15 18:23 - 2019-02-10 15:02 - 000206189 _____ C:\Users\Lubas\Documents\simča 1.jpg.crypt
2019-01-15 18:20 - 2019-02-10 15:02 - 000290367 _____ C:\Users\Lubas\Documents\simča.jpg.crypt
2019-01-15 17:50 - 2019-01-15 17:50 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-01-15 17:48 - 2019-01-12 05:04 - 002018392 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441771.dll
2019-01-15 17:48 - 2019-01-12 05:04 - 001467864 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441771.dll
2019-01-14 18:17 - 2019-01-14 18:17 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-14 14:32 - 2019-02-10 15:02 - 000571703 _____ C:\Users\Lubas\Documents\svc20bro.pdf.crypt
2019-01-14 10:19 - 2019-02-10 15:02 - 000002864 _____ C:\Users\Public\Desktop\Malwarebytes.lnk.crypt
2019-01-14 10:19 - 2019-01-14 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-14 10:15 - 2019-02-09 15:47 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-01-14 10:15 - 2019-01-14 10:15 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-12 13:34 - 2019-01-12 13:34 - 000000000 ____D C:\Users\Lubas\AppData\Local\mbam
2019-01-12 13:33 - 2019-01-12 13:33 - 000000000 ____D C:\Users\Lubas\AppData\Local\mbamtray
2019-01-12 13:29 - 2019-01-14 10:15 - 000000000 ____D C:\Program Files\Malwarebytes
2019-01-11 12:15 - 2019-02-10 15:02 - 000002224 _____ C:\Users\Lubas\Desktop\CrystalDiskInfo.lnk.crypt
2019-01-11 12:15 - 2019-01-11 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2019-01-11 12:15 - 2019-01-11 12:15 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2019-01-11 12:03 - 2019-02-10 15:02 - 000002208 _____ C:\Users\Public\Desktop\Acronis Disk Director 12.lnk.crypt
2019-01-11 12:03 - 2019-01-11 12:04 - 000000000 ____D C:\ProgramData\Acronis
2019-01-11 12:03 - 2019-01-11 12:03 - 000339288 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2019-01-11 12:03 - 2019-01-11 12:03 - 000160600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2019-01-11 12:03 - 2019-01-11 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2019-01-11 12:03 - 2019-01-11 12:03 - 000000000 ____D C:\Program Files (x86)\Acronis

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-10 20:19 - 2018-12-28 08:23 - 000000000 ____D C:\Users\Lubas\AppData\Local\Packages
2019-02-10 20:19 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-10 20:19 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\AppReadiness
2019-02-10 20:16 - 2018-12-28 09:00 - 000000000 ____D C:\Users\Lubas\AppData\Local\Adobe
2019-02-10 20:15 - 2018-12-28 09:12 - 000000000 ____D C:\Users\Lubas\AppData\Roaming\uTorrent
2019-02-10 20:15 - 2018-12-28 08:38 - 000000000 ____D C:\Users\Lubas\AppData\LocalLow\Mozilla
2019-02-10 20:15 - 2018-12-28 08:25 - 000000000 ____D C:\ProgramData\NVIDIA
2019-02-10 20:14 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-10 20:13 - 2018-12-28 08:15 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-10 20:13 - 2018-09-15 07:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-02-10 20:06 - 2018-12-28 08:15 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-02-10 15:35 - 2018-12-28 10:01 - 000002238 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-10 15:34 - 2018-12-28 08:22 - 000000000 ____D C:\Users\Lubas
2019-02-10 15:27 - 2018-12-28 08:33 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-10 15:24 - 2019-01-03 10:50 - 000002880 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-LCQNPPC-Lubas
2019-02-10 15:24 - 2018-12-28 11:42 - 000003542 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-10 15:24 - 2018-12-28 10:01 - 000003048 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-10 15:24 - 2018-12-28 09:01 - 000003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-02-10 15:24 - 2018-12-28 09:01 - 000003590 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-02-10 15:24 - 2018-12-28 08:57 - 000003458 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-10 15:24 - 2018-12-28 08:57 - 000003256 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-10 15:24 - 2018-12-28 08:57 - 000003212 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-10 15:24 - 2018-12-28 08:57 - 000003076 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-10 15:24 - 2018-12-28 08:57 - 000003076 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-10 15:24 - 2018-12-28 08:57 - 000003076 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-10 15:24 - 2018-12-28 08:57 - 000003044 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-10 15:24 - 2018-12-28 08:57 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-10 15:24 - 2018-12-28 08:57 - 000002974 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-10 15:24 - 2018-12-28 08:57 - 000002898 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-10 15:24 - 2018-12-28 08:57 - 000002804 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-10 15:24 - 2018-12-28 08:25 - 000002920 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4036211943-1065916901-1247789584-1001
2019-02-10 15:13 - 2018-12-30 15:18 - 000000000 ____D C:\Users\Lubas\AppData\Roaming\Mobon
2019-02-10 15:03 - 2019-01-10 18:58 - 000002830 __RSH C:\ProgramData\ntuser.pol
2019-02-10 15:03 - 2018-12-28 10:20 - 000000000 ____D C:\Users\Lubas\AppData\Roaming\GHISLER
2019-02-10 15:03 - 2018-12-28 09:58 - 000000000 ____D C:\Users\Lubas\AppData\Roaming\Audacity
2019-02-10 15:03 - 2018-12-28 08:37 - 000034320 ____H C:\Users\Lubas\AppData\Local\IconCache.db.crypt
2019-02-10 15:03 - 2018-09-15 08:33 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-02-10 15:02 - 2019-01-04 18:10 - 000001664 _____ C:\Users\Lubas\Desktop\Aslains WoT Logs Archiver.lnk.crypt
2019-02-10 15:02 - 2019-01-03 10:53 - 000002752 _____ C:\Users\Lubas\Desktop\Adobe Audition CC – zástupce.lnk.crypt
2019-02-10 15:02 - 2019-01-03 10:24 - 000000000 ___RD C:\Users\Lubas\Creative Cloud Files
2019-02-10 15:02 - 2019-01-03 10:23 - 000002352 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk.crypt
2019-02-10 15:02 - 2019-01-03 09:21 - 000001872 _____ C:\Users\Public\Desktop\VLC media player.lnk.crypt
2019-02-10 15:02 - 2019-01-03 08:41 - 000000000 ____D C:\Users\Lubas\AppData\Roaming\REAPER
2019-02-10 15:02 - 2019-01-01 10:27 - 000001648 _____ C:\Users\Public\Desktop\MyHeritage Family Tree Builder.lnk.crypt
2019-02-10 15:02 - 2018-12-28 11:42 - 000003072 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk.crypt
2019-02-10 15:02 - 2018-12-28 11:29 - 000002192 _____ C:\Users\Public\Desktop\GOM Player.lnk.crypt
2019-02-10 15:02 - 2018-12-28 11:21 - 000003424 _____ C:\Users\Public\Desktop\ACDSee Ultimate 10 (64-bit).lnk.crypt
2019-02-10 15:02 - 2018-12-28 10:50 - 000001280 _____ C:\Users\Lubas\Desktop\computer (2).lnk.crypt
2019-02-10 15:02 - 2018-12-28 10:31 - 000001632 _____ C:\Users\Lubas\Desktop\World of Tanks EU.lnk.crypt
2019-02-10 15:02 - 2018-12-28 10:30 - 000002848 _____ C:\Users\Lubas\Desktop\Game Center.lnk.crypt
2019-02-10 15:02 - 2018-12-28 10:27 - 000002288 _____ C:\Users\Lubas\Desktop\frd – zástupce.lnk.crypt
2019-02-10 15:02 - 2018-12-28 10:20 - 000001616 _____ C:\Users\Public\Desktop\Total Commander.lnk.crypt
2019-02-10 15:02 - 2018-12-28 10:04 - 000002032 _____ C:\Users\Public\Desktop\Cool Edit Pro 2.0.lnk.crypt
2019-02-10 15:02 - 2018-12-28 10:01 - 000001808 _____ C:\Users\Public\Desktop\CCleaner.lnk.crypt
2019-02-10 15:02 - 2018-12-28 09:57 - 000002032 _____ C:\Users\Public\Desktop\Audacity.lnk.crypt
2019-02-10 15:02 - 2018-12-28 09:47 - 000003056 _____ C:\Users\Public\Desktop\Adobe Audition 3.0.lnk.crypt
2019-02-10 15:02 - 2018-12-28 09:42 - 000003056 _____ C:\Users\Public\Desktop\Adobe Audition 2.0.lnk.crypt
2019-02-10 15:02 - 2018-12-28 09:39 - 000000000 ____D C:\Users\Lubas\AppData\Roaming\WinRAR
2019-02-10 15:02 - 2018-12-28 09:38 - 000002672 _____ C:\Users\Lubas\Desktop\WinRAR 64b.lnk.crypt
2019-02-10 15:02 - 2018-12-28 09:12 - 000001920 _____ C:\Users\Lubas\Desktop\µTorrent.lnk.crypt
2019-02-10 15:02 - 2018-12-28 08:57 - 000002400 _____ C:\Users\Public\Desktop\GeForce Experience.lnk.crypt
2019-02-10 15:02 - 2018-12-28 08:54 - 000003024 _____ C:\Users\Public\Desktop\Avast Pro Antivirus.lnk.crypt
2019-02-10 15:02 - 2018-12-28 08:52 - 000003280 _____ C:\Users\Public\Desktop\Google Chrome.lnk.crypt
2019-02-10 15:02 - 2018-12-28 08:33 - 000001952 _____ C:\Users\Public\Desktop\Firefox.lnk.crypt
2019-02-10 15:02 - 2018-12-28 08:25 - 000000000 ___RD C:\Users\Lubas\OneDrive
2019-02-10 15:02 - 2018-12-28 08:23 - 000001504 ___SH C:\Users\Lubas\Desktop\desktop.ini.crypt
2019-02-10 15:02 - 2018-12-28 08:23 - 000001360 ___SH C:\Users\Lubas\Documents\desktop.ini.crypt
2019-02-10 15:02 - 2018-12-28 08:23 - 000001232 ___SH C:\Users\Lubas\Downloads\desktop.ini.crypt
2019-02-10 15:02 - 2018-12-28 08:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-02-10 15:02 - 2018-12-28 08:22 - 000000976 ___SH C:\Users\Lubas\ntuser.ini.crypt
2019-02-10 15:02 - 2018-09-15 08:31 - 000001360 ___SH C:\Users\Public\Desktop\desktop.ini.crypt
2019-02-10 15:01 - 2018-09-15 08:33 - 000000000 __RHD C:\Users\Public\Libraries
2019-02-10 15:01 - 2018-09-15 08:31 - 000001232 ___SH C:\Users\Public\Documents\desktop.ini.crypt
2019-02-10 15:01 - 2018-09-15 08:31 - 000001120 ___SH C:\Users\Public\Downloads\desktop.ini.crypt
2019-02-10 15:01 - 2018-09-15 08:31 - 000001120 ___SH C:\Users\Public\desktop.ini.crypt
2019-02-10 15:01 - 2018-09-15 08:31 - 000001120 ___SH C:\Users\desktop.ini.crypt
2019-02-10 13:51 - 2019-01-03 09:56 - 000000000 ____D C:\Program Files\Adobe
2019-02-10 13:17 - 2018-12-28 09:19 - 000000000 ____D C:\Users\Lubas\AppData\Local\CrashDumps
2019-02-10 13:17 - 2018-09-15 08:31 - 000000000 ____D C:\Windows\INF
2019-02-10 11:10 - 2018-12-28 08:57 - 000000000 ____D C:\Users\Lubas\AppData\Local\NVIDIA
2019-02-10 10:24 - 2018-12-28 08:22 - 000002391 _____ C:\Users\Lubas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-09 08:54 - 2019-01-03 12:10 - 000000000 ____D C:\Users\Lubas\AppData\Local\ElevatedDiagnostics
2019-02-09 08:43 - 2018-12-28 16:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-02-09 08:43 - 2018-12-28 10:01 - 000000000 ____D C:\Program Files\CCleaner
2019-02-09 08:43 - 2018-12-28 08:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-08 19:19 - 2018-12-28 08:39 - 000000000 ____D C:\ProgramData\Packages
2019-02-07 17:19 - 2018-12-28 08:51 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-02-04 18:54 - 2018-12-28 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-02-04 18:54 - 2018-12-28 08:25 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-02-04 18:54 - 2018-12-28 08:25 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-02-03 18:57 - 2018-12-28 08:51 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-02-01 22:36 - 2017-11-09 04:38 - 001682392 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2019-02-01 22:36 - 2017-11-09 04:38 - 000228768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2019-02-01 02:37 - 2017-11-09 04:25 - 005036824 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-01-31 07:09 - 2018-12-28 08:56 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2019-01-31 07:09 - 2017-11-09 03:57 - 000049634 _____ C:\Windows\system32\nvinfo.pb
2019-01-30 21:09 - 2018-12-28 08:25 - 005364776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-01-30 21:09 - 2018-12-28 08:25 - 002624824 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2019-01-30 21:09 - 2018-12-28 08:25 - 001767920 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2019-01-30 21:09 - 2018-12-28 08:25 - 000651248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2019-01-30 21:09 - 2018-12-28 08:25 - 000450600 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2019-01-30 21:09 - 2018-12-28 08:25 - 000124968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2019-01-30 21:09 - 2018-12-28 08:25 - 000082800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2019-01-30 14:15 - 2018-12-28 08:25 - 008488852 _____ C:\Windows\system32\nvcoproc.bin
2019-01-26 15:03 - 2018-12-28 08:25 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2019-01-18 14:17 - 2018-12-28 08:50 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-17 13:11 - 2018-12-28 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-17 13:11 - 2018-12-28 10:24 - 000000000 ____D C:\Program Files (x86)\Java
2019-01-17 13:10 - 2018-12-28 10:25 - 000099192 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2019-01-15 17:43 - 2018-12-28 08:57 - 000000000 ____D C:\Users\Lubas\AppData\Local\NVIDIA Corporation
2019-01-12 15:37 - 2018-09-15 08:33 - 000000000 ____D C:\Windows\system32\NDF
2019-01-11 13:42 - 2018-12-28 10:30 - 000000000 ____D C:\Users\Lubas\AppData\Local\D3DSCache
2019-01-11 12:36 - 2018-12-28 08:24 - 001694324 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-11 12:36 - 2018-09-15 18:39 - 000717106 _____ C:\Windows\system32\perfh005.dat
2019-01-11 12:36 - 2018-09-15 18:39 - 000145186 _____ C:\Windows\system32\perfc005.dat

==================== Files in the root of some directories =======

2019-02-10 15:01 - 2019-02-10 15:01 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-02-10 15:01 - 2019-02-10 15:01 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2018-12-28 14:55 - 2018-12-28 14:55 - 000000000 _____ () C:\Users\Lubas\AppData\Roaming\unp227871667.tmp
2019-02-10 15:03 - 2019-02-10 15:03 - 007882672 _____ () C:\Users\Lubas\AppData\Local\agent.dat.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 002038528 _____ () C:\Users\Lubas\AppData\Local\Alphadax.tst.crypt
2019-02-10 15:02 - 2019-02-10 15:03 - 000122288 _____ () C:\Users\Lubas\AppData\Local\CA96.tmp.exe.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000071840 _____ () C:\Users\Lubas\AppData\Local\Config.xml.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000004816 _____ () C:\Users\Lubas\AppData\Local\how_to_back_files.html
2019-02-10 15:02 - 2019-02-10 15:03 - 000017024 _____ () C:\Users\Lubas\AppData\Local\InstallationConfiguration.xml.crypt
2019-02-10 15:02 - 2019-02-10 15:03 - 000141744 _____ () C:\Users\Lubas\AppData\Local\installer.dat.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000019376 _____ () C:\Users\Lubas\AppData\Local\Main.dat.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000279452 _____ () C:\Users\Lubas\AppData\Local\Mattip.bin.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000006512 _____ () C:\Users\Lubas\AppData\Local\md.xml.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000127408 _____ () C:\Users\Lubas\AppData\Local\noah.dat.crypt
2019-01-03 10:50 - 2019-01-03 10:50 - 000000000 _____ () C:\Users\Lubas\AppData\Local\oobelibMkey.log
2019-02-10 15:02 - 2019-02-10 15:03 - 000723888 _____ () C:\Users\Lubas\AppData\Local\sha.db.crypt
2019-02-10 15:03 - 2019-02-10 15:03 - 000032982 _____ () C:\Users\Lubas\AppData\Local\uninstall_temp.ico.crypt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zmizelé ikony na ploše

#2 Příspěvek od Rudy »

Zdravím!
Nemazal jste něco?. Tohle vypadá na odregistrované položky. Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ubas
Návštěvník
Návštěvník
Příspěvky: 182
Registrován: 26 pro 2007 09:20

Re: zmizelé ikony na ploše

#3 Příspěvek od ubas »

právě že jsem nic nemazal...zničeho nic to tam bylo.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-07.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-10-2019
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Not Deleted suggestqueries.google.com


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3318 octets] - [10/02/2019 20:13:12]
AdwCleaner[C00].txt - [3064 octets] - [10/02/2019 20:13:21]
AdwCleaner[S01].txt - [1396 octets] - [10/02/2019 21:01:02]
AdwCleaner[S02].txt - [1457 octets] - [10/02/2019 21:01:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zmizelé ikony na ploše

#4 Příspěvek od Rudy »

OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\ProgramData\{F35E6E7C-1CD5-4DAB-AD01-28C1ADE67190}
C:\ProgramData\{56412A6D-58C4-E8B4-BC45-3764BCA26E35}
C:\Users\Public\C9DA6621AD4B465ACD075FC12083638E7EC67731CFCDA0EB1D7FB550B964237A
C:\ProgramData\R6U94JTA0R6TA0AC6A3N
C:\ProgramData\sokqucqi.nri
C:\Windows\LastGood.Tmp
C:\Users\Lubas\AppData\Roaming\unp227871667.tmp

RmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ubas
Návštěvník
Návštěvník
Příspěvky: 182
Registrován: 26 pro 2007 09:20

Re: zmizelé ikony na ploše

#5 Příspěvek od ubas »

log se neobjevil...tak doufám že vkládám ten správný.Jinak pc je zatím beze změny.

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.02.2019 01
Ran by Lubas (10-02-2019 22:08:34) Run:1
Running from C:\Users\Lubas\Desktop
Loaded Profiles: Lubas (Available Profiles: Lubas)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\ProgramData\{F35E6E7C-1CD5-4DAB-AD01-28C1ADE67190}
C:\ProgramData\{56412A6D-58C4-E8B4-BC45-3764BCA26E35}
C:\Users\Public\C9DA6621AD4B465ACD075FC12083638E7EC67731CFCDA0EB1D7FB550B964237A
C:\ProgramData\R6U94JTA0R6TA0AC6A3N
C:\ProgramData\sokqucqi.nri
C:\Windows\LastGood.Tmp
C:\Users\Lubas\AppData\Roaming\unp227871667.tmp

RmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
C:\ProgramData\{F35E6E7C-1CD5-4DAB-AD01-28C1ADE67190} => moved successfully
C:\ProgramData\{56412A6D-58C4-E8B4-BC45-3764BCA26E35} => moved successfully
C:\Users\Public\C9DA6621AD4B465ACD075FC12083638E7EC67731CFCDA0EB1D7FB550B964237A => moved successfully
C:\ProgramData\R6U94JTA0R6TA0AC6A3N => moved successfully
C:\ProgramData\sokqucqi.nri => moved successfully
C:\Windows\LastGood.Tmp => moved successfully
C:\Users\Lubas\AppData\Roaming\unp227871667.tmp => moved successfully
RmptyTemp: => Error: No automatic fix found for this entry.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.


The system needed a reboot.

==== End of Fixlog 22:08:35 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zmizelé ikony na ploše

#6 Příspěvek od Rudy »

Udělal jsem tam překlep a nesmazaly se dočasné soubory. Spusťte ještě jedno tímto skriptem:
Start

CloseProcesses:

EmptyTemp:
End
Omlouvám se.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ubas
Návštěvník
Návštěvník
Příspěvky: 182
Registrován: 26 pro 2007 09:20

Re: zmizelé ikony na ploše

#7 Příspěvek od ubas »

Nemáte se proč omlouvat.Dívám se že všechny ikony na ploše mají koncovku .lnk

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.02.2019 01
Ran by Lubas (11-02-2019 16:07:51) Run:2
Running from C:\Users\Lubas\Desktop
Loaded Profiles: Lubas (Available Profiles: Lubas)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:

EmptyTemp:
End
*****************

Processes closed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 72181193 B
Java, Flash, Steam htmlcache => 1349 B
Windows/system/drivers => 2268052 B
Edge => 1085052 B
Chrome => 932809753 B
Firefox => 1131172322 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 7676274 B
systemprofile32 => 0 B
LocalService => 33512 B
LocalService => 0 B
NetworkService => 1668 B
NetworkService => 0 B
Lubas => 372419488 B

RecycleBin => 0 B
EmptyTemp: => 2.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:10:26 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zmizelé ikony na ploše

#8 Příspěvek od Rudy »

Jj. Teď je to v pořádku. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ubas
Návštěvník
Návštěvník
Příspěvky: 182
Registrován: 26 pro 2007 09:20

Re: zmizelé ikony na ploše

#9 Příspěvek od ubas »

nenastala,ikony jsou pořád bílé :cry: a ty programy nefungují i když nastavím cestu k programu tak to napíše že program crypt nelze otevřít.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zmizelé ikony na ploše

#10 Příspěvek od Rudy »

Zkuste obnovu systému k datu, kdy korektně fungoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ubas
Návštěvník
Návštěvník
Příspěvky: 182
Registrován: 26 pro 2007 09:20

Re: zmizelé ikony na ploše

#11 Příspěvek od ubas »

začínám s win 10,kde to tam prosím vás najdu?

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zmizelé ikony na ploše

#12 Příspěvek od Rudy »

Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ubas
Návštěvník
Návštěvník
Příspěvky: 182
Registrován: 26 pro 2007 09:20

Re: zmizelé ikony na ploše

#13 Příspěvek od ubas »

Děkuji

ubas
Návštěvník
Návštěvník
Příspěvky: 182
Registrován: 26 pro 2007 09:20

Re: zmizelé ikony na ploše

#14 Příspěvek od ubas »

Tak většina souborů v pc je zašifrovaná..je zde odkaz který mě otevře tuhle stránku
Přílohy
crypte.jpg
crypte.jpg (84.78 KiB) Zobrazeno 1879 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zmizelé ikony na ploše

#15 Příspěvek od Rudy »

Není zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět