Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatelský avatar
CamillaNails
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 13 led 2017 20:41

Prosím o kontrolu logu

#1 Příspěvek od CamillaNails »

děkuji předem

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by Kamila (administrator) on CAMILLANAILS (04-03-2019 12:43:07)
Running from C:\Users\Kamila\Desktop
Loaded Profiles: Kamila (Available Profiles: Kamila & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe\DvdPlayer.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-11-29] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2015-02-03] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2013-09-09] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205624 2013-05-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [HPUsageTracking] => "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Kamila\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Kamila\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] (Seznam.cz, a.s. -> )
HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw.dll [3570688 2014-12-21] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter.acm [2231296 2013-04-05] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\SysWOW64\ac3filter.acm [1679360 2013-04-05] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\SysWOW64\x264vfw.dll [3588608 2014-12-21] (x264vfw project) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-22] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-11-29] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-11-29] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-03-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{2678ba83-d4d5-4c94-9b77-d9230bc705a8}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{5cd304e8-8b70-44d3-8c0e-1e8e6333e567}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-11-29] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2218426051-1343921682-1280377330-1000 -> hxxp://www.seznam.cz/
Edge Session Restore: HKU\S-1-5-21-2218426051-1343921682-1280377330-1000 -> is enabled.

FireFox:
========
FF ProfilePath: C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168 [2017-11-27]
FF Homepage: Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168 -> hxxp://www.google.cz/
FF Session Restore: Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168 -> is enabled.
FF Extension: (Disconnect) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\2.0@disconnect.me.xpi [2016-09-03] [Legacy]
FF Extension: (Firefox Hotfix) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31] [Legacy]
FF Extension: (Flashblock) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-09-03] [Legacy]
FF Extension: (NoScript) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-09-03] [Legacy]
FF Extension: (Seznam lištička) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-04-22] [Legacy]
FF ProfilePath: C:\Users\Kamila\AppData\Roaming\KompoZer\Profiles\c3m9hg9e.default [2017-05-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxps://www.facebook.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default [2019-03-04]
CHR Extension: (Prezentace) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-28]
CHR Extension: (Dokumenty) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-28]
CHR Extension: (Disk Google) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-25]
CHR Extension: (YouTube) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-03]
CHR Extension: (Tabulky) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Tlačítko Uložit) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2019-03-03]
CHR Extension: (Cuttlefish Damask Black) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\iadoejdcofeifcanjdnmbpamnacmmlnm [2018-12-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-02-17]
CHR Extension: (Gmail) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-17]
CHR Profile: C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-03-03]
CHR Extension: (Prezentace) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-06]
CHR Extension: (Dokumenty) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-06]
CHR Extension: (Disk Google) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-06]
CHR Extension: (YouTube) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-03-06]
CHR Extension: (Tabulky) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-08]
CHR Extension: (Gmail) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-06]
CHR Extension: (Chrome Media Router) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-01]
CHR Profile: C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-03-04]
CHR Extension: (Prezentace) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-07]
CHR Extension: (Dokumenty) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-07]
CHR Extension: (Disk Google) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-26]
CHR Extension: (YouTube) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-02]
CHR Extension: (Tabulky) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Gmail) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-23]
CHR Profile: C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\System Profile [2018-08-22]
CHR HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-11-29] (Qualcomm Atheros -> Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 HPFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [20504 2007-07-16] (Hewlett-Packard Company -> Hewlett Packard)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-03-03] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-03-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72864 2019-03-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-03-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-03-03] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek Semiconductor Corp -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-22] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 12:43 - 2019-03-04 12:44 - 000027058 _____ C:\Users\Kamila\Desktop\FRST.txt
2019-03-04 12:41 - 2019-03-04 12:41 - 002434560 _____ (Farbar) C:\Users\Kamila\Desktop\FRST64.exe
2019-03-03 21:32 - 2019-03-03 21:33 - 062158736 _____ (Malwarebytes ) C:\Users\Kamila\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9430 (1).exe
2019-03-03 21:17 - 2019-03-03 21:17 - 000072864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-03-03 21:17 - 2019-03-03 21:17 - 000000000 ____D C:\Users\Kamila\AppData\Local\mbam
2019-03-03 21:16 - 2019-03-03 21:16 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-03-03 21:16 - 2019-03-03 21:16 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-03-03 21:16 - 2019-03-03 21:16 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-03-03 21:16 - 2019-03-03 21:16 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-03-03 21:16 - 2019-03-03 21:16 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-03 21:16 - 2019-03-03 21:16 - 000000000 ____D C:\Users\Kamila\AppData\Local\mbamtray
2019-03-03 21:16 - 2019-03-03 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-03 21:16 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-03-03 21:15 - 2019-03-03 21:16 - 062158736 _____ (Malwarebytes ) C:\Users\Kamila\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9430.exe
2019-02-15 13:15 - 2019-02-06 04:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-15 13:15 - 2019-02-06 04:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-15 13:14 - 2019-02-06 08:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-15 13:14 - 2019-02-06 08:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-15 13:14 - 2019-02-06 08:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-15 13:14 - 2019-02-06 08:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-15 13:14 - 2019-02-06 08:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-15 13:14 - 2019-02-06 08:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-15 13:14 - 2019-02-06 08:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-15 13:14 - 2019-02-06 08:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-15 13:14 - 2019-02-06 07:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-15 13:14 - 2019-02-06 07:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-15 13:14 - 2019-02-06 07:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-15 13:14 - 2019-02-06 07:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-15 13:14 - 2019-02-06 04:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-15 13:14 - 2019-02-06 04:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-15 13:14 - 2019-02-06 04:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-15 13:14 - 2019-02-06 04:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-15 13:14 - 2019-02-06 04:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-15 13:14 - 2019-02-06 04:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-15 13:14 - 2019-02-06 04:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-15 13:14 - 2019-02-06 04:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-15 13:14 - 2019-02-06 04:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-15 13:14 - 2019-02-06 04:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-15 13:14 - 2019-02-06 04:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-15 13:14 - 2019-02-06 04:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-15 13:14 - 2019-02-06 04:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-15 13:14 - 2019-02-06 04:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-15 13:14 - 2019-02-06 04:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-15 13:14 - 2019-02-06 04:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-15 13:14 - 2019-02-06 04:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-15 13:14 - 2019-02-06 03:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-15 13:14 - 2019-02-06 03:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-15 13:14 - 2019-02-06 03:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-15 13:14 - 2019-02-06 03:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-15 13:14 - 2019-02-06 03:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-15 13:14 - 2019-02-06 03:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-15 13:14 - 2019-02-06 03:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-15 13:14 - 2019-02-06 03:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-15 13:14 - 2019-02-06 03:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-15 13:14 - 2019-02-06 03:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-15 13:14 - 2019-02-06 03:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-15 13:14 - 2019-02-06 03:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-15 13:14 - 2019-02-06 03:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-15 13:14 - 2019-02-06 03:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-15 13:14 - 2019-02-06 03:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-15 13:14 - 2019-02-06 03:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-15 13:14 - 2019-02-06 03:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-15 13:14 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-15 13:14 - 2019-02-06 03:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-15 13:14 - 2019-02-06 03:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-15 13:14 - 2019-02-06 03:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-15 13:14 - 2019-02-06 03:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-15 13:14 - 2019-02-06 03:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-15 13:14 - 2019-02-06 03:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-15 13:14 - 2019-02-06 03:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-15 13:14 - 2019-02-06 03:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-15 13:14 - 2019-02-06 03:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-15 13:14 - 2019-02-06 03:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-15 13:14 - 2019-02-06 03:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-15 13:14 - 2019-02-06 03:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-15 13:14 - 2019-02-06 03:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-15 13:14 - 2019-02-06 03:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-15 13:14 - 2019-02-06 03:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-15 13:14 - 2019-02-06 03:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-15 13:14 - 2019-02-06 03:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-15 13:14 - 2019-02-06 03:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-15 13:14 - 2019-02-06 02:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-15 13:14 - 2019-01-12 09:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-15 13:14 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-15 13:14 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-15 13:14 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-15 13:14 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-15 13:14 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-15 13:14 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-15 13:14 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-15 13:14 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-15 13:14 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-15 13:14 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-15 13:14 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-15 13:14 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-15 13:14 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-15 13:14 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-15 13:14 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-15 13:14 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-15 13:14 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-15 13:14 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-15 13:14 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-15 13:14 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-15 13:14 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-15 13:14 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-15 13:14 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-15 13:14 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-15 13:14 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-15 13:14 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-15 13:14 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-15 13:14 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-15 13:14 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-15 13:14 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-15 13:14 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-15 13:14 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-15 13:14 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-15 13:14 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-15 13:14 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-15 13:14 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-15 13:14 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-15 13:14 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-15 13:14 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-15 13:14 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-15 13:14 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-15 13:14 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-15 13:14 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-15 13:14 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-15 13:14 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-15 13:14 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-15 13:14 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-15 13:14 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-15 13:14 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-15 13:14 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-15 13:14 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-15 13:14 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-15 13:14 - 2019-01-08 10:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-15 13:14 - 2019-01-08 04:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-15 13:14 - 2019-01-08 04:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-15 13:14 - 2019-01-08 04:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-03 15:02 - 2019-02-03 15:02 - 000000066 _____ C:\Users\Kamila\Downloads\Ostrov inspirace.txt

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 12:43 - 2018-05-15 06:24 - 000004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{73E85111-E035-4212-A804-341B7B13DD5A}
2019-03-04 12:43 - 2017-05-21 11:30 - 000000000 ____D C:\FRST
2019-03-04 12:31 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-04 10:56 - 2018-05-15 06:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-04 07:01 - 2017-04-14 18:20 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2019-03-04 07:01 - 2015-02-03 19:52 - 000000000 __SHD C:\Users\Kamila\IntelGraphicsProfiles
2019-03-03 21:16 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-03 21:16 - 2015-08-07 14:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-03 20:55 - 2018-05-15 06:14 - 001956152 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-03 20:55 - 2018-04-12 16:50 - 000809482 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-03 20:55 - 2018-04-12 16:50 - 000186690 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-03 20:55 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-03 20:48 - 2018-05-15 06:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-03 20:48 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-03 19:59 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-03 19:59 - 2016-11-23 19:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-03-03 19:59 - 2015-02-04 20:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-03 15:16 - 2018-11-16 20:11 - 000000000 ____D C:\Program Files\rempl
2019-03-03 15:15 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-22 20:31 - 2018-02-15 14:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-22 20:28 - 2017-04-25 19:05 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-22 20:28 - 2015-11-08 15:14 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-20 10:18 - 2015-02-04 20:33 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2019-02-20 10:08 - 2018-05-16 19:22 - 000000000 ____D C:\Users\Kamila\AppData\Local\PlaceholderTileLogoFolder
2019-02-19 13:27 - 2017-12-11 20:18 - 000000000 ____D C:\Users\Kamila\AppData\Local\Packages
2019-02-19 08:54 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-17 17:38 - 2018-05-15 06:08 - 000551288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-17 11:01 - 2015-04-10 17:51 - 000000000 ____D C:\Users\Kamila\Desktop\novinky
2019-02-17 10:17 - 2018-05-15 06:24 - 000004614 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-17 10:17 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-02-17 10:17 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-02-15 13:14 - 2015-02-03 19:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-15 13:12 - 2015-02-03 19:29 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-15 13:04 - 2018-05-15 06:24 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-02-15 13:02 - 2018-05-15 06:24 - 000004650 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-02-12 10:51 - 2018-05-15 06:24 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2218426051-1343921682-1280377330-1000
2019-02-12 10:51 - 2018-05-15 06:19 - 000002436 _____ C:\Users\Kamila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-12 10:51 - 2015-05-27 21:03 - 000000000 ___RD C:\Users\Kamila\OneDrive
2019-02-08 20:07 - 2018-07-11 06:53 - 000000000 ____D C:\ProgramData\Packages
2019-02-07 19:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-02 23:53 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-02 23:53 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-02-15 15:06 - 2017-12-06 14:51 - 000017408 _____ () C:\Users\Kamila\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-15 06:08

==================== End of FRST.txt ============================

Uživatelský avatar
CamillaNails
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 13 led 2017 20:41

Re: Prosím o kontrolu logu

#2 Příspěvek od CamillaNails »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by Kamila (04-03-2019 12:44:34)
Running from C:\Users\Kamila\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-05-15 05:24:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2218426051-1343921682-1280377330-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2218426051-1343921682-1280377330-503 - Limited - Disabled)
Guest (S-1-5-21-2218426051-1343921682-1280377330-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2218426051-1343921682-1280377330-1002 - Limited - Enabled)
Kamila (S-1-5-21-2218426051-1343921682-1280377330-1000 - Administrator - Enabled) => C:\Users\Kamila
WDAGUtilityAccount (S-1-5-21-2218426051-1343921682-1280377330-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{0611B3CC-B5DB-4B93-ACE4-97B8F938E6B7}) (Version: 4.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.170 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
AVCWare Ringtone Maker (HKLM-x32\...\AVCWare Ringtone Maker) (Version: 2.0.5.20120712 - AVCWare)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Balíček ovladače systému Windows - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
BufferChm (HKLM-x32\...\{687FEF8A-8597-40b4-832C-297EA3F35817}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CustomerResearchQFolder (HKLM-x32\...\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DeviceDiscovery (HKLM-x32\...\{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}) (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM-x32\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
dm CEWE fotosvet (HKLM-x32\...\dm CEWE fotosvet) (Version: 6.3.7 - CEWE Stiftung u Co. KGaA)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.0.7.1108 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.14.5270 - Gretech Corporation)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Color LaserJet CM1312 MFP Series 5.1 (HKLM\...\{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}) (Version: 5.1 - HP)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
hppCLJCM1312 (HKLM-x32\...\{07B85EEC-05BD-4E6A-AAEB-502FB2473DFA}) (Version: 005.001.00142 - Hewlett-Packard) Hidden
hppFaxDrvCM1312 (HKLM-x32\...\{7985C7FA-B151-4BA7-B19E-1577A7B527F1}) (Version: 005.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1312 (HKLM-x32\...\{0626C86E-5A8F-4A6D-8C0A-5FF38BD2DA3A}) (Version: 005.001.00137 - Název společnosti:) Hidden
hppFonts (HKLM-x32\...\{995F2783-8311-49BF-833E-DB659774B4F6}) (Version: 001.001.00061 - Hewlett-Packard) Hidden
hppManualsCM1312 (HKLM-x32\...\{ED498DD7-FBC1-4C67-8D9B-C9218FBC818D}) (Version: 005.001.00145 - Název společnosti:) Hidden
hppQFolderCM1312 (HKLM-x32\...\{583EDB12-4CEA-48B5-A7BA-88069DD47BA2}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM1312 (HKLM-x32\...\{B59ACF5E-0FF7-44D2-B57D-E516F334AC2E}) (Version: 005.001.00140 - Název společnosti:) Hidden
hppSendFaxCM1312 (HKLM-x32\...\{484A13AB-A4C1-41FD-87E0-EBE2DA01250E}) (Version: 005.000.00001 - Název společnosti:) Hidden
hppusgCM1312 (HKLM-x32\...\{325D1D94-4F34-46A7-A489-737C801B931D}) (Version: 1.1.0.1 - Hewlett-Packard) Hidden
Inpaint 6.2 (HKLM\...\{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1) (Version: - Teorex)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.7.248 - Intel Corporation)
IrfanView 4.44 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.44 - Irfan Skiljan)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LibreOffice 4.4 Help Pack (Czech) (HKLM-x32\...\{287D0D9F-A64D-455C-88A8-93B8FC1D9A8A}) (Version: 4.4.0.3 - The Document Foundation)
LibreOffice 4.4.0.3 (HKLM-x32\...\{8BEE1CDD-F95D-4759-952D-6B38DF99D1F0}) (Version: 4.4.0.3 - The Document Foundation)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
MediaCoder 0.8.53.5930 (HKLM-x32\...\MediaCoder) (Version: 0.8.53.5930 - Mediatronic)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movavi Video Converter 19 Premium (HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\Movavi Video Converter 19 Premium) (Version: 19.0.0 - Movavi)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
Mozilla Thunderbird 60.5.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.5.1 (x86 cs)) (Version: 60.5.1 - Mozilla)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Seznam Software (HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\SeznamInstall) (Version: 2.1.29 - Seznam.cz)
Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 5.0.5 - Shark007)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TrayApp (HKLM-x32\...\{5ACE69F0-A3E8-44eb-88C1-0A841E700180}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.5.1 - VideoLAN)
WebReg (HKLM-x32\...\{CCB9B81A-167F-4832-B305-D2A0430840B3}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
x64 Components v5.0.5 (HKLM\...\Advanced x64Components_is1) (Version: 5.0.5 - Shark007)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2218426051-1343921682-1280377330-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-2218426051-1343921682-1280377330-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {008F2ADF-4797-4BC8-81BF-ABEFA121399D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {02006396-8769-4990-BE79-CF8B3424E91A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {06B9D51F-5ACF-47F3-AF95-EE2E003EF308} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0EE2955C-F46E-4FDC-870F-C70EAEBD8F71} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {12375BB0-12A0-4D07-8AA8-58718E1AD270} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {14008A36-2129-49DA-8444-2574CE078AD1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1736D34B-29AC-4E38-83F6-8893AFADB894} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {186B8636-CD4A-4333-9A84-7A03CB82800F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D319E44-7C7E-4FD6-8DB1-2938ACC4BD19} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {1E5F4D85-195B-4A33-870F-6FF6A702C714} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1E71156C-3DCD-4F2F-9BF9-F2048C631AA1} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {21CD18D5-1D30-4D81-9581-6191210112CF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {264A7FC6-F18E-4A09-A07F-D777CC16B58A} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe (ASUSTeK Computer Inc. -> AsusTek)
Task: {2F3FE642-7D34-42A0-BDDA-F82157E4F4CA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {30E0EF4A-E415-41A2-A295-9BF9A171B2BE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {49EDE5E5-EA20-49A6-8AF5-2DA7D3D53420} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {5495BCF3-DFED-4074-BA22-256A330D1390} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {59E2D01B-0D0A-458D-8D0A-638F4D2B2E4C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5E842A8B-1974-4013-A834-32E50C126426} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {62802AB4-7847-4A9F-823E-155396111F9A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {62C5B779-F8F9-435A-9680-0136270CE06C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {643839C3-E1E2-4C36-9667-9895EF664179} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {669EC601-AA3E-4DD5-9D2A-FD8D63312767} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7933DDBE-E18E-415D-B6B4-92A861219B32} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {79989307-B1C0-463D-A00B-F65697A584A6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7F5B13DA-FA2A-4404-80FB-7F0472F0C8F5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {8495A649-27F8-4845-B388-C14B72BCC8C8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {85B36841-C577-4573-A696-E83E9C2C5A3B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {8CCF3F65-80B8-4C1C-92C8-48907424E0E8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {904A1A3B-2241-4BEB-ADCC-6508C12A903F} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {98AA919C-4F55-4E27-B3F1-916DCA7FA440} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9ADFCDA2-9F57-4C40-BD1C-959548FD67F8} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9B5925A8-5ABA-46BB-B08F-0B102B9A39B0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9B6469C0-1218-4905-8188-042AB351810B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {9D9C1734-4959-4B5F-A207-3273A4902462} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A65685D5-08BA-4811-8AA2-23E7360FBEFC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A6AC77AE-6FF2-4DFE-A1C8-867B50C55622} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A88164CD-6EFC-4D61-961A-CBAB01BEE932} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {AC2D2CB5-3664-405E-964C-CC39BC16AF64} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B653D4D5-BCDB-451E-8DCC-EC96CBB2DC53} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {BAD5B9E0-98ED-4C1A-B114-E69500C0B511} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BF63C706-DE3E-450C-949C-37A78DD0240B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {C7B30DB1-0A50-47B5-9676-09E7D2489F61} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C7C7BECE-DE7C-4B7D-A009-1D73FC9E5E12} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C949CBEB-62EA-4FE7-A660-C60EFD93C071} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CC5B9A47-1E12-41CE-9612-A309FBAFA4DC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D31946AB-06E1-41FB-B2C9-FAC2A6F39589} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E155AB24-F812-461E-98D0-26A9B9CB4339} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E1F7641B-7F25-4CF5-A15B-884FC793AB16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E3B2C607-3D2F-4E5E-90AC-4406E4D4E2EB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {ED2FF647-BBB2-4279-9557-13BAA2472E67} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {EFF5885B-E474-4AD4-B091-D1FB66C48814} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Kamila\Desktop\nepoužívané\Kamila - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) ==============

2012-11-29 09:47 - 2012-11-29 09:47 - 000327296 _____ (Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
2012-11-29 09:46 - 2012-11-29 09:46 - 000801920 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
2012-11-29 09:46 - 2012-11-29 09:46 - 000020608 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\athr_debug.dll
2012-11-29 09:47 - 2012-11-29 09:47 - 000074368 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\PhoneBook.DLL
2012-11-29 09:47 - 2012-11-29 09:47 - 000030848 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\utils.DLL
2012-11-29 09:47 - 2012-11-29 09:47 - 000106624 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\GOEP.DLL
2012-11-29 09:47 - 2012-11-29 09:47 - 000109696 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\sesmgr.dll
2012-11-29 09:47 - 2012-11-29 09:47 - 004947072 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
2012-11-29 09:47 - 2012-11-29 09:47 - 000093824 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll
2012-11-29 09:47 - 2012-11-29 09:47 - 000065664 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll
2016-12-06 15:09 - 2016-12-06 15:09 - 000061440 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1029.dll
2007-11-06 21:16 - 2007-11-06 21:16 - 000139264 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2007-11-06 21:16 - 2007-11-06 21:16 - 000184320 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2007-11-06 21:16 - 2007-11-06 21:16 - 000217088 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2017-11-27 11:05 - 2019-02-01 09:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2017-11-27 11:05 - 2019-02-01 09:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2017-11-27 11:05 - 2019-02-01 09:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2017-11-27 11:05 - 2019-02-01 09:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2017-11-27 11:05 - 2019-02-01 09:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2017-11-27 11:05 - 2019-02-01 09:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2017-11-27 11:05 - 2019-02-01 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-03 21:16 - 2019-02-01 09:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-03 21:16 - 2019-02-01 09:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-03 21:16 - 2019-02-01 09:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-03 21:16 - 2019-02-01 09:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2017-11-27 11:05 - 2019-02-01 09:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-03 21:16 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-03 21:16 - 2019-02-01 09:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-03 21:16 - 2019-02-01 09:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-03 21:16 - 2019-02-01 09:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-03 21:16 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-03 21:16 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-03 21:16 - 2019-02-01 09:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-03-03 21:16 - 2019-02-01 09:56 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2015-02-03 19:59 - 2015-02-03 19:59 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4B1BA31B [270]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kamila\Desktop\kubíček2.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run32: => "HPUsageTracking"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\StartupApproved\Run: => "SeznamInstall-uninstall:57199e43506fa704ffacc814d558a5a2"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{55BE8587-2C08-4BE7-BB19-29D2659184F6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
FirewallRules: [{4C45E697-FDA9-479C-BBA3-6CC5F8412255}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
FirewallRules: [{52505DF0-386E-4A61-A20C-4AE24C532242}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
FirewallRules: [{AD25199E-6EE4-43AC-A69F-7A02D7EE9185}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
FirewallRules: [{72265041-65B0-4DF8-8D1F-5A194F4576A1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E9A92593-5945-4A7E-AF8B-D63ABCB82BBD}] => (Allow) LPort=1900
FirewallRules: [{D515A0EF-DFCC-4D9F-AC37-02FD9352CB67}] => (Allow) LPort=2869
FirewallRules: [{883D8B60-FA23-4559-88EE-52850FFC3075}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C74EC12B-F2AD-40CE-9831-5BEF8BABD8B3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6AD8C6BA-6552-47D5-BEB3-59FEA4141C6C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/08/2019 03:44:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SkypeApp.exe, verze: 8.36.0.52, časové razítko: 0x5c101808
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17134.137, časové razítko: 0xb5d50228
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000009cad5
ID chybujícího procesu: 0x2758
Čas spuštění chybující aplikace: 0x01d49d06aa022a5c
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll
ID zprávy: 3ef40e73-239f-43da-bbe0-b500f927834c
Úplný název chybujícího balíčku: Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c
ID aplikace související s chybujícím balíčkem: App

Error: (11/03/2018 02:27:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: uninst.exe, verze: 19.0.0.0, časové razítko: 0x5bcb3b90
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x687200fb
ID chybujícího procesu: 0x1f48
Čas spuštění chybující aplikace: 0x01d47378f45e25b3
Cesta k chybující aplikaci: C:\Users\Kamila\AppData\Roaming\Movavi Video Converter 19 Premium\uninst.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: f4397fb4-f7e0-4932-a2ab-12f0256be230
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2018 02:27:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: uninst.exe, verze: 19.0.0.0, časové razítko: 0x5bcb3b90
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1f48
Čas spuštění chybující aplikace: 0x01d47378f45e25b3
Cesta k chybující aplikaci: C:\Users\Kamila\AppData\Roaming\Movavi Video Converter 19 Premium\uninst.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: afe9f10e-cdc9-437e-b0ca-dc5905c3a68b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2018 02:27:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: uninst.exe, verze: 19.0.0.0, časové razítko: 0x5bcb3b90
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000409
Posun chyby: 0x687200fb
ID chybujícího procesu: 0x1f48
Čas spuštění chybující aplikace: 0x01d47378f45e25b3
Cesta k chybující aplikaci: C:\Users\Kamila\AppData\Roaming\Movavi Video Converter 19 Premium\uninst.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7386c3ab-0384-4757-ad8e-39310a24affb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/08/2018 05:29:12 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (08/08/2018 05:29:12 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (07/03/2018 06:41:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2018.18041.15530.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2d0

Čas spuštění: 01d412ef8eae468d

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: bcb87290-bbfd-49f3-ab1d-adfce59cf486

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: App

Error: (06/13/2018 06:51:05 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: Sběr dat čítače výkonu od služby ASP.NET_2.0.50727 byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, které vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace. Opravte tyto chyby před novým zapnutím čítačů výkonu pro tuto službu.


System errors:
=============
Error: (03/04/2019 12:31:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 07:04:17 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 07:01:47 AM) (Source: DCOM) (EventID: 10016) (User: CAMILLANAILS)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli CAMILLANAILS\Kamila (SID: S-1-5-21-2218426051-1343921682-1280377330-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 07:01:23 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 07:01:23 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 07:01:23 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2019 09:32:53 PM) (Source: DCOM) (EventID: 10016) (User: CAMILLANAILS)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli CAMILLANAILS\Kamila (SID: S-1-5-21-2218426051-1343921682-1280377330-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2019 08:50:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-01-31 14:28:39.332
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D59733E5-E190-4E68-823D-23A3F62F2FF3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-22 13:18:46.663
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {851B20EB-0EE1-4778-94CF-606DAA5EB388}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-21 15:10:38.709
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo podezřelé chování.
Název: Informational:Behavior/ModifiedKernel
ID: 2902797865
Závažnost: Nízké
Kategorie: Podezřelé chování
Nalezená cesta: process:_0
Původ zjištění: Neznámý
Typ zjištění: Podezřelý
Zdroj zjištění: Ochrana v reálném čase
Stav: Provádění
Uživatel: Unknown\Unknown
Název procesu: Unknown
ID podpisu: 717259538435
Verze podpisu: AV: 1.279.218.0, AS: 1.279.218.0
Verze modulu: 1.1.15400.4
Štítek věrnosti: Střední
Název cílového souboru: c:\windows\\system32\drivers\btath_bus.sys

Date: 2018-10-21 15:01:29.948
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0B7FC315-8731-4AEB-B884-2F9ED55EA283}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-11-09 20:47:29.598
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.279.1424.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15400.4
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

Date: 2018-11-09 20:47:29.597
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.279.1424.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15400.4
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

Date: 2018-10-06 11:57:38.569
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.277.595.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15300.6
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-03-04 07:05:48.777
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:41.117
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:40.531
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:39.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:39.246
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:38.124
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:37.153
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:36.362
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 62%
Total physical RAM: 6029.73 MB
Available physical RAM: 2245.86 MB
Total Virtual: 12173.73 MB
Available Virtual: 8005.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.88 GB) (Free:53.84 GB) NTFS
Drive e: (Camilla Nails) (Fixed) (Total:698.63 GB) (Free:527.45 GB) NTFS

\\?\Volume{19c44843-ac07-11e4-850e-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{c7f2385d-0000-0000-0000-00bf1b000000}\ () (Fixed) (Total:0.8 GB) (Free:0.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: C7F2385D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=824 MB) - (Type=27)

========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: 2BFB4DC8)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
CamillaNails
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 13 led 2017 20:41

Re: Prosím o kontrolu logu

#4 Příspěvek od CamillaNails »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-28.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-04-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 14
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\Kamila\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2539 octets] - [04/03/2019 17:57:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#5 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
CamillaNails
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 13 led 2017 20:41

Re: Prosím o kontrolu logu

#6 Příspěvek od CamillaNails »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by Kamila (administrator) on CAMILLANAILS (04-03-2019 18:40:17)
Running from C:\Users\Kamila\Desktop
Loaded Profiles: Kamila (Available Profiles: Kamila & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe\DvdPlayer.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-11-29] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2015-02-03] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2013-09-09] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205624 2013-05-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [HPUsageTracking] => "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd -> Piriform Ltd)
HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw.dll [3570688 2014-12-21] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter.acm [2231296 2013-04-05] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\SysWOW64\ac3filter.acm [1679360 2013-04-05] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\SysWOW64\x264vfw.dll [3588608 2014-12-21] (x264vfw project) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-22] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-11-29] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-11-29] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-03-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{2678ba83-d4d5-4c94-9b77-d9230bc705a8}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{5cd304e8-8b70-44d3-8c0e-1e8e6333e567}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-11-29] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2218426051-1343921682-1280377330-1000 -> hxxp://www.seznam.cz/
Edge Session Restore: HKU\S-1-5-21-2218426051-1343921682-1280377330-1000 -> is enabled.

FireFox:
========
FF ProfilePath: C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168 [2017-11-27]
FF Homepage: Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168 -> hxxp://www.google.cz/
FF Session Restore: Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168 -> is enabled.
FF Extension: (Disconnect) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\2.0@disconnect.me.xpi [2016-09-03] [Legacy]
FF Extension: (Firefox Hotfix) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31] [Legacy]
FF Extension: (Flashblock) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-09-03] [Legacy]
FF Extension: (NoScript) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-09-03] [Legacy]
FF Extension: (Seznam lištička) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-04-22] [Legacy]
FF ProfilePath: C:\Users\Kamila\AppData\Roaming\KompoZer\Profiles\c3m9hg9e.default [2017-05-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://www.facebook.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default [2019-03-04]
CHR Extension: (Prezentace) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-28]
CHR Extension: (Dokumenty) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-28]
CHR Extension: (Disk Google) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-25]
CHR Extension: (YouTube) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-03]
CHR Extension: (Tabulky) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Tlačítko Uložit) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2019-03-03]
CHR Extension: (Cuttlefish Damask Black) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\iadoejdcofeifcanjdnmbpamnacmmlnm [2018-12-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Gmail) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-17]
CHR Profile: C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-03-03]
CHR Extension: (Prezentace) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-06]
CHR Extension: (Dokumenty) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-06]
CHR Extension: (Disk Google) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-06]
CHR Extension: (YouTube) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-03-06]
CHR Extension: (Tabulky) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-08]
CHR Extension: (Gmail) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-06]
CHR Extension: (Chrome Media Router) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-01]
CHR Profile: C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-03-04]
CHR Extension: (Prezentace) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-07]
CHR Extension: (Dokumenty) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-07]
CHR Extension: (Disk Google) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-26]
CHR Extension: (YouTube) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-02]
CHR Extension: (Tabulky) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Gmail) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-23]
CHR Profile: C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\System Profile [2018-08-22]
CHR HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-11-29] (Qualcomm Atheros -> Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 HPFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [20504 2007-07-16] (Hewlett-Packard Company -> Hewlett Packard)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek Semiconductor Corp -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-22] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 17:56 - 2019-03-04 17:56 - 007316688 _____ (Malwarebytes) C:\Users\Kamila\Desktop\adwcleaner_7.2.7.0.exe
2019-03-04 12:44 - 2019-03-04 12:46 - 000052307 _____ C:\Users\Kamila\Desktop\Addition.txt
2019-03-04 12:43 - 2019-03-04 18:41 - 000024314 _____ C:\Users\Kamila\Desktop\FRST.txt
2019-03-04 12:41 - 2019-03-04 12:41 - 002434560 _____ (Farbar) C:\Users\Kamila\Desktop\FRST64.exe
2019-03-03 21:32 - 2019-03-03 21:33 - 062158736 _____ (Malwarebytes ) C:\Users\Kamila\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9430 (1).exe
2019-03-03 21:17 - 2019-03-03 21:17 - 000000000 ____D C:\Users\Kamila\AppData\Local\mbam
2019-03-03 21:16 - 2019-03-03 21:16 - 000000000 ____D C:\Users\Kamila\AppData\Local\mbamtray
2019-03-03 21:15 - 2019-03-03 21:16 - 062158736 _____ (Malwarebytes ) C:\Users\Kamila\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9430.exe
2019-02-15 13:15 - 2019-02-06 04:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-15 13:15 - 2019-02-06 04:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-15 13:14 - 2019-02-06 08:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-15 13:14 - 2019-02-06 08:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-15 13:14 - 2019-02-06 08:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-15 13:14 - 2019-02-06 08:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-15 13:14 - 2019-02-06 08:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-15 13:14 - 2019-02-06 08:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-15 13:14 - 2019-02-06 08:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-15 13:14 - 2019-02-06 08:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-15 13:14 - 2019-02-06 07:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-15 13:14 - 2019-02-06 07:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-15 13:14 - 2019-02-06 07:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-15 13:14 - 2019-02-06 07:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-15 13:14 - 2019-02-06 04:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-15 13:14 - 2019-02-06 04:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-15 13:14 - 2019-02-06 04:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-15 13:14 - 2019-02-06 04:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-15 13:14 - 2019-02-06 04:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-15 13:14 - 2019-02-06 04:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-15 13:14 - 2019-02-06 04:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-15 13:14 - 2019-02-06 04:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-15 13:14 - 2019-02-06 04:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-15 13:14 - 2019-02-06 04:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-15 13:14 - 2019-02-06 04:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-15 13:14 - 2019-02-06 04:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-15 13:14 - 2019-02-06 04:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-15 13:14 - 2019-02-06 04:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-15 13:14 - 2019-02-06 04:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-15 13:14 - 2019-02-06 04:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-15 13:14 - 2019-02-06 04:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-15 13:14 - 2019-02-06 03:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-15 13:14 - 2019-02-06 03:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-15 13:14 - 2019-02-06 03:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-15 13:14 - 2019-02-06 03:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-15 13:14 - 2019-02-06 03:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-15 13:14 - 2019-02-06 03:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-15 13:14 - 2019-02-06 03:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-15 13:14 - 2019-02-06 03:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-15 13:14 - 2019-02-06 03:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-15 13:14 - 2019-02-06 03:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-15 13:14 - 2019-02-06 03:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-15 13:14 - 2019-02-06 03:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-15 13:14 - 2019-02-06 03:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-15 13:14 - 2019-02-06 03:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-15 13:14 - 2019-02-06 03:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-15 13:14 - 2019-02-06 03:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-15 13:14 - 2019-02-06 03:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-15 13:14 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-15 13:14 - 2019-02-06 03:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-15 13:14 - 2019-02-06 03:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-15 13:14 - 2019-02-06 03:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-15 13:14 - 2019-02-06 03:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-15 13:14 - 2019-02-06 03:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-15 13:14 - 2019-02-06 03:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-15 13:14 - 2019-02-06 03:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-15 13:14 - 2019-02-06 03:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-15 13:14 - 2019-02-06 03:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-15 13:14 - 2019-02-06 03:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-15 13:14 - 2019-02-06 03:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-15 13:14 - 2019-02-06 03:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-15 13:14 - 2019-02-06 03:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-15 13:14 - 2019-02-06 03:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-15 13:14 - 2019-02-06 03:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-15 13:14 - 2019-02-06 03:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-15 13:14 - 2019-02-06 03:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-15 13:14 - 2019-02-06 03:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-15 13:14 - 2019-02-06 02:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-15 13:14 - 2019-01-12 09:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-15 13:14 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-15 13:14 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-15 13:14 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-15 13:14 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-15 13:14 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-15 13:14 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-15 13:14 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-15 13:14 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-15 13:14 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-15 13:14 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-15 13:14 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-15 13:14 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-15 13:14 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-15 13:14 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-15 13:14 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-15 13:14 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-15 13:14 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-15 13:14 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-15 13:14 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-15 13:14 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-15 13:14 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-15 13:14 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-15 13:14 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-15 13:14 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-15 13:14 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-15 13:14 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-15 13:14 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-15 13:14 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-15 13:14 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-15 13:14 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-15 13:14 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-15 13:14 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-15 13:14 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-15 13:14 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-15 13:14 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-15 13:14 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-15 13:14 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-15 13:14 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-15 13:14 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-15 13:14 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-15 13:14 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-15 13:14 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-15 13:14 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-15 13:14 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-15 13:14 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-15 13:14 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-15 13:14 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-15 13:14 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-15 13:14 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-15 13:14 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-15 13:14 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-15 13:14 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-15 13:14 - 2019-01-08 10:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-15 13:14 - 2019-01-08 04:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-15 13:14 - 2019-01-08 04:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-15 13:14 - 2019-01-08 04:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-03 15:02 - 2019-02-03 15:02 - 000000066 _____ C:\Users\Kamila\Downloads\Ostrov inspirace.txt

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 18:40 - 2017-05-21 11:30 - 000000000 ____D C:\FRST
2019-03-04 18:31 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-04 18:28 - 2018-05-15 06:24 - 000004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{73E85111-E035-4212-A804-341B7B13DD5A}
2019-03-04 18:03 - 2018-05-15 06:14 - 001956152 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-04 18:03 - 2018-04-12 16:50 - 000809482 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-04 18:03 - 2018-04-12 16:50 - 000186690 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-04 18:03 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-04 17:59 - 2017-04-14 18:20 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2019-03-04 17:58 - 2018-05-15 06:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-04 17:58 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-04 17:58 - 2015-02-03 19:52 - 000000000 __SHD C:\Users\Kamila\IntelGraphicsProfiles
2019-03-04 17:57 - 2015-08-07 14:07 - 000000000 ____D C:\AdwCleaner
2019-03-04 17:56 - 2017-12-03 19:32 - 000000000 ____D C:\Users\Kamila\Downloads\logopedie
2019-03-04 17:55 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-04 17:55 - 2015-08-07 14:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-04 17:54 - 2018-05-15 06:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-03 19:59 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-03 19:59 - 2016-11-23 19:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-03-03 19:59 - 2015-02-04 20:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-03 15:16 - 2018-11-16 20:11 - 000000000 ____D C:\Program Files\rempl
2019-03-03 15:15 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-22 20:31 - 2018-02-15 14:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-22 20:28 - 2017-04-25 19:05 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-22 20:28 - 2015-11-08 15:14 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-20 10:18 - 2015-02-04 20:33 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2019-02-20 10:08 - 2018-05-16 19:22 - 000000000 ____D C:\Users\Kamila\AppData\Local\PlaceholderTileLogoFolder
2019-02-19 13:27 - 2017-12-11 20:18 - 000000000 ____D C:\Users\Kamila\AppData\Local\Packages
2019-02-19 08:54 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-17 17:38 - 2018-05-15 06:08 - 000551288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-17 11:01 - 2015-04-10 17:51 - 000000000 ____D C:\Users\Kamila\Desktop\novinky
2019-02-17 10:17 - 2018-05-15 06:24 - 000004614 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-17 10:17 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-02-17 10:17 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-02-15 13:14 - 2015-02-03 19:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-15 13:12 - 2015-02-03 19:29 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-15 13:04 - 2018-05-15 06:24 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-02-15 13:02 - 2018-05-15 06:24 - 000004650 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-02-12 10:51 - 2018-05-15 06:24 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2218426051-1343921682-1280377330-1000
2019-02-12 10:51 - 2018-05-15 06:19 - 000002436 _____ C:\Users\Kamila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-12 10:51 - 2015-05-27 21:03 - 000000000 ___RD C:\Users\Kamila\OneDrive
2019-02-08 20:07 - 2018-07-11 06:53 - 000000000 ____D C:\ProgramData\Packages
2019-02-07 19:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-02 23:53 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-02 23:53 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-02-15 15:06 - 2017-12-06 14:51 - 000017408 _____ () C:\Users\Kamila\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-15 06:08

==================== End of FRST.txt ============================

Uživatelský avatar
CamillaNails
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 13 led 2017 20:41

Re: Prosím o kontrolu logu

#7 Příspěvek od CamillaNails »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by Kamila (04-03-2019 18:41:34)
Running from C:\Users\Kamila\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-05-15 05:24:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2218426051-1343921682-1280377330-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2218426051-1343921682-1280377330-503 - Limited - Disabled)
Guest (S-1-5-21-2218426051-1343921682-1280377330-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2218426051-1343921682-1280377330-1002 - Limited - Enabled)
Kamila (S-1-5-21-2218426051-1343921682-1280377330-1000 - Administrator - Enabled) => C:\Users\Kamila
WDAGUtilityAccount (S-1-5-21-2218426051-1343921682-1280377330-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{0611B3CC-B5DB-4B93-ACE4-97B8F938E6B7}) (Version: 4.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.170 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
AVCWare Ringtone Maker (HKLM-x32\...\AVCWare Ringtone Maker) (Version: 2.0.5.20120712 - AVCWare)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Balíček ovladače systému Windows - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
BufferChm (HKLM-x32\...\{687FEF8A-8597-40b4-832C-297EA3F35817}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CustomerResearchQFolder (HKLM-x32\...\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DeviceDiscovery (HKLM-x32\...\{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}) (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM-x32\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
dm CEWE fotosvet (HKLM-x32\...\dm CEWE fotosvet) (Version: 6.3.7 - CEWE Stiftung u Co. KGaA)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.0.7.1108 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.14.5270 - Gretech Corporation)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Color LaserJet CM1312 MFP Series 5.1 (HKLM\...\{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}) (Version: 5.1 - HP)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
hppCLJCM1312 (HKLM-x32\...\{07B85EEC-05BD-4E6A-AAEB-502FB2473DFA}) (Version: 005.001.00142 - Hewlett-Packard) Hidden
hppFaxDrvCM1312 (HKLM-x32\...\{7985C7FA-B151-4BA7-B19E-1577A7B527F1}) (Version: 005.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1312 (HKLM-x32\...\{0626C86E-5A8F-4A6D-8C0A-5FF38BD2DA3A}) (Version: 005.001.00137 - Název společnosti:) Hidden
hppFonts (HKLM-x32\...\{995F2783-8311-49BF-833E-DB659774B4F6}) (Version: 001.001.00061 - Hewlett-Packard) Hidden
hppManualsCM1312 (HKLM-x32\...\{ED498DD7-FBC1-4C67-8D9B-C9218FBC818D}) (Version: 005.001.00145 - Název společnosti:) Hidden
hppQFolderCM1312 (HKLM-x32\...\{583EDB12-4CEA-48B5-A7BA-88069DD47BA2}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM1312 (HKLM-x32\...\{B59ACF5E-0FF7-44D2-B57D-E516F334AC2E}) (Version: 005.001.00140 - Název společnosti:) Hidden
hppSendFaxCM1312 (HKLM-x32\...\{484A13AB-A4C1-41FD-87E0-EBE2DA01250E}) (Version: 005.000.00001 - Název společnosti:) Hidden
hppusgCM1312 (HKLM-x32\...\{325D1D94-4F34-46A7-A489-737C801B931D}) (Version: 1.1.0.1 - Hewlett-Packard) Hidden
Inpaint 6.2 (HKLM\...\{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1) (Version: - Teorex)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.7.248 - Intel Corporation)
IrfanView 4.44 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.44 - Irfan Skiljan)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LibreOffice 4.4 Help Pack (Czech) (HKLM-x32\...\{287D0D9F-A64D-455C-88A8-93B8FC1D9A8A}) (Version: 4.4.0.3 - The Document Foundation)
LibreOffice 4.4.0.3 (HKLM-x32\...\{8BEE1CDD-F95D-4759-952D-6B38DF99D1F0}) (Version: 4.4.0.3 - The Document Foundation)
MarketResearch (HKLM-x32\...\{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
MediaCoder 0.8.53.5930 (HKLM-x32\...\MediaCoder) (Version: 0.8.53.5930 - Mediatronic)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movavi Video Converter 19 Premium (HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\Movavi Video Converter 19 Premium) (Version: 19.0.0 - Movavi)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
Mozilla Thunderbird 60.5.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.5.1 (x86 cs)) (Version: 60.5.1 - Mozilla)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 5.0.5 - Shark007)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TrayApp (HKLM-x32\...\{5ACE69F0-A3E8-44eb-88C1-0A841E700180}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.5.1 - VideoLAN)
WebReg (HKLM-x32\...\{CCB9B81A-167F-4832-B305-D2A0430840B3}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
x64 Components v5.0.5 (HKLM\...\Advanced x64Components_is1) (Version: 5.0.5 - Shark007)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2218426051-1343921682-1280377330-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-2218426051-1343921682-1280377330-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {008F2ADF-4797-4BC8-81BF-ABEFA121399D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {02006396-8769-4990-BE79-CF8B3424E91A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {06B9D51F-5ACF-47F3-AF95-EE2E003EF308} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0EE2955C-F46E-4FDC-870F-C70EAEBD8F71} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {12375BB0-12A0-4D07-8AA8-58718E1AD270} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {14008A36-2129-49DA-8444-2574CE078AD1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1736D34B-29AC-4E38-83F6-8893AFADB894} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {186B8636-CD4A-4333-9A84-7A03CB82800F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D319E44-7C7E-4FD6-8DB1-2938ACC4BD19} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {1E5F4D85-195B-4A33-870F-6FF6A702C714} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1E71156C-3DCD-4F2F-9BF9-F2048C631AA1} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {21CD18D5-1D30-4D81-9581-6191210112CF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {264A7FC6-F18E-4A09-A07F-D777CC16B58A} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe (ASUSTeK Computer Inc. -> AsusTek)
Task: {2F3FE642-7D34-42A0-BDDA-F82157E4F4CA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {30E0EF4A-E415-41A2-A295-9BF9A171B2BE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {49EDE5E5-EA20-49A6-8AF5-2DA7D3D53420} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {5495BCF3-DFED-4074-BA22-256A330D1390} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {59E2D01B-0D0A-458D-8D0A-638F4D2B2E4C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5E842A8B-1974-4013-A834-32E50C126426} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {62802AB4-7847-4A9F-823E-155396111F9A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {62C5B779-F8F9-435A-9680-0136270CE06C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {643839C3-E1E2-4C36-9667-9895EF664179} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {669EC601-AA3E-4DD5-9D2A-FD8D63312767} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7933DDBE-E18E-415D-B6B4-92A861219B32} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {79989307-B1C0-463D-A00B-F65697A584A6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7F5B13DA-FA2A-4404-80FB-7F0472F0C8F5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {8495A649-27F8-4845-B388-C14B72BCC8C8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {85B36841-C577-4573-A696-E83E9C2C5A3B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {8CCF3F65-80B8-4C1C-92C8-48907424E0E8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {904A1A3B-2241-4BEB-ADCC-6508C12A903F} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {98AA919C-4F55-4E27-B3F1-916DCA7FA440} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9ADFCDA2-9F57-4C40-BD1C-959548FD67F8} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9B5925A8-5ABA-46BB-B08F-0B102B9A39B0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9B6469C0-1218-4905-8188-042AB351810B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {9D9C1734-4959-4B5F-A207-3273A4902462} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A65685D5-08BA-4811-8AA2-23E7360FBEFC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A6AC77AE-6FF2-4DFE-A1C8-867B50C55622} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A88164CD-6EFC-4D61-961A-CBAB01BEE932} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {AC2D2CB5-3664-405E-964C-CC39BC16AF64} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B653D4D5-BCDB-451E-8DCC-EC96CBB2DC53} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {BAD5B9E0-98ED-4C1A-B114-E69500C0B511} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BF63C706-DE3E-450C-949C-37A78DD0240B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {C7B30DB1-0A50-47B5-9676-09E7D2489F61} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C7C7BECE-DE7C-4B7D-A009-1D73FC9E5E12} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C949CBEB-62EA-4FE7-A660-C60EFD93C071} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CC5B9A47-1E12-41CE-9612-A309FBAFA4DC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D31946AB-06E1-41FB-B2C9-FAC2A6F39589} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E155AB24-F812-461E-98D0-26A9B9CB4339} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E1F7641B-7F25-4CF5-A15B-884FC793AB16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E3B2C607-3D2F-4E5E-90AC-4406E4D4E2EB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {ED2FF647-BBB2-4279-9557-13BAA2472E67} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {EFF5885B-E474-4AD4-B091-D1FB66C48814} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Kamila\Desktop\nepoužívané\Kamila - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) ==============

2009-05-14 15:49 - 2009-05-14 15:49 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2009-05-14 15:49 - 2009-05-14 15:49 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2012-11-29 09:47 - 2012-11-29 09:47 - 000327296 _____ (Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
2012-11-29 09:46 - 2012-11-29 09:46 - 000801920 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
2012-11-29 09:47 - 2012-11-29 09:47 - 000030848 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\utils.DLL
2012-11-29 09:46 - 2012-11-29 09:46 - 000020608 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\athr_debug.dll
2012-11-29 09:47 - 2012-11-29 09:47 - 000074368 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\PhoneBook.DLL
2012-11-29 09:47 - 2012-11-29 09:47 - 000106624 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\GOEP.DLL
2012-11-29 09:47 - 2012-11-29 09:47 - 000109696 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\sesmgr.dll
2012-11-29 09:47 - 2012-11-29 09:47 - 004947072 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
2012-11-29 09:47 - 2012-11-29 09:47 - 000093824 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll
2012-11-29 09:47 - 2012-11-29 09:47 - 000065664 _____ (Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll
2007-11-06 21:16 - 2007-11-06 21:16 - 000139264 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2007-11-06 21:16 - 2007-11-06 21:16 - 000184320 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2007-11-06 21:16 - 2007-11-06 21:16 - 000217088 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2015-02-03 19:59 - 2015-02-03 19:59 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4B1BA31B [270]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kamila\Desktop\kubíček2.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run32: => "HPUsageTracking"
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\StartupApproved\Run: => "SeznamInstall-uninstall:57199e43506fa704ffacc814d558a5a2"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{55BE8587-2C08-4BE7-BB19-29D2659184F6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
FirewallRules: [{4C45E697-FDA9-479C-BBA3-6CC5F8412255}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
FirewallRules: [{52505DF0-386E-4A61-A20C-4AE24C532242}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
FirewallRules: [{AD25199E-6EE4-43AC-A69F-7A02D7EE9185}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
FirewallRules: [{72265041-65B0-4DF8-8D1F-5A194F4576A1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E9A92593-5945-4A7E-AF8B-D63ABCB82BBD}] => (Allow) LPort=1900
FirewallRules: [{D515A0EF-DFCC-4D9F-AC37-02FD9352CB67}] => (Allow) LPort=2869
FirewallRules: [{883D8B60-FA23-4559-88EE-52850FFC3075}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C74EC12B-F2AD-40CE-9831-5BEF8BABD8B3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6AD8C6BA-6552-47D5-BEB3-59FEA4141C6C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/08/2019 03:44:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SkypeApp.exe, verze: 8.36.0.52, časové razítko: 0x5c101808
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17134.137, časové razítko: 0xb5d50228
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000009cad5
ID chybujícího procesu: 0x2758
Čas spuštění chybující aplikace: 0x01d49d06aa022a5c
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll
ID zprávy: 3ef40e73-239f-43da-bbe0-b500f927834c
Úplný název chybujícího balíčku: Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c
ID aplikace související s chybujícím balíčkem: App

Error: (11/03/2018 02:27:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: uninst.exe, verze: 19.0.0.0, časové razítko: 0x5bcb3b90
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x687200fb
ID chybujícího procesu: 0x1f48
Čas spuštění chybující aplikace: 0x01d47378f45e25b3
Cesta k chybující aplikaci: C:\Users\Kamila\AppData\Roaming\Movavi Video Converter 19 Premium\uninst.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: f4397fb4-f7e0-4932-a2ab-12f0256be230
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2018 02:27:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: uninst.exe, verze: 19.0.0.0, časové razítko: 0x5bcb3b90
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1f48
Čas spuštění chybující aplikace: 0x01d47378f45e25b3
Cesta k chybující aplikaci: C:\Users\Kamila\AppData\Roaming\Movavi Video Converter 19 Premium\uninst.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: afe9f10e-cdc9-437e-b0ca-dc5905c3a68b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2018 02:27:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: uninst.exe, verze: 19.0.0.0, časové razítko: 0x5bcb3b90
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000409
Posun chyby: 0x687200fb
ID chybujícího procesu: 0x1f48
Čas spuštění chybující aplikace: 0x01d47378f45e25b3
Cesta k chybující aplikaci: C:\Users\Kamila\AppData\Roaming\Movavi Video Converter 19 Premium\uninst.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7386c3ab-0384-4757-ad8e-39310a24affb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/08/2018 05:29:12 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (08/08/2018 05:29:12 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (07/03/2018 06:41:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2018.18041.15530.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2d0

Čas spuštění: 01d412ef8eae468d

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: bcb87290-bbfd-49f3-ab1d-adfce59cf486

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: App

Error: (06/13/2018 06:51:05 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: Sběr dat čítače výkonu od služby ASP.NET_2.0.50727 byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, které vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace. Opravte tyto chyby před novým zapnutím čítačů výkonu pro tuto službu.


System errors:
=============
Error: (03/04/2019 06:00:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 06:00:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 05:59:27 PM) (Source: DCOM) (EventID: 10016) (User: CAMILLANAILS)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli CAMILLANAILS\Kamila (SID: S-1-5-21-2218426051-1343921682-1280377330-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 05:58:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 05:58:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2019 05:58:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Remediation Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/04/2019 05:58:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/04/2019 05:58:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Řízení front zpráv byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2019-01-31 14:28:39.332
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D59733E5-E190-4E68-823D-23A3F62F2FF3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-22 13:18:46.663
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {851B20EB-0EE1-4778-94CF-606DAA5EB388}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-21 15:10:38.709
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo podezřelé chování.
Název: Informational:Behavior/ModifiedKernel
ID: 2902797865
Závažnost: Nízké
Kategorie: Podezřelé chování
Nalezená cesta: process:_0
Původ zjištění: Neznámý
Typ zjištění: Podezřelý
Zdroj zjištění: Ochrana v reálném čase
Stav: Provádění
Uživatel: Unknown\Unknown
Název procesu: Unknown
ID podpisu: 717259538435
Verze podpisu: AV: 1.279.218.0, AS: 1.279.218.0
Verze modulu: 1.1.15400.4
Štítek věrnosti: Střední
Název cílového souboru: c:\windows\\system32\drivers\btath_bus.sys

Date: 2018-10-21 15:01:29.948
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0B7FC315-8731-4AEB-B884-2F9ED55EA283}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-11-09 20:47:29.598
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.279.1424.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15400.4
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

Date: 2018-11-09 20:47:29.597
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.279.1424.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15400.4
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

Date: 2018-10-06 11:57:38.569
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.277.595.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15300.6
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-03-04 07:05:48.777
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:41.117
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:40.531
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:39.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:39.246
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:38.124
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:37.153
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-04 07:04:36.362
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 52%
Total physical RAM: 6029.73 MB
Available physical RAM: 2877.37 MB
Total Virtual: 12173.73 MB
Available Virtual: 8911.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.88 GB) (Free:54.05 GB) NTFS
Drive e: (Camilla Nails) (Fixed) (Total:698.63 GB) (Free:527.45 GB) NTFS

\\?\Volume{19c44843-ac07-11e4-850e-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{c7f2385d-0000-0000-0000-00bf1b000000}\ () (Fixed) (Total:0.8 GB) (Free:0.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: C7F2385D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=824 MB) - (Type=27)

========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: 2BFB4DC8)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#8 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
Task: {0EE2955C-F46E-4FDC-870F-C70EAEBD8F71} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {30E0EF4A-E415-41A2-A295-9BF9A171B2BE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {49EDE5E5-EA20-49A6-8AF5-2DA7D3D53420} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {62802AB4-7847-4A9F-823E-155396111F9A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7F5B13DA-FA2A-4404-80FB-7F0472F0C8F5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {8CCF3F65-80B8-4C1C-92C8-48907424E0E8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {98AA919C-4F55-4E27-B3F1-916DCA7FA440} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A65685D5-08BA-4811-8AA2-23E7360FBEFC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A6AC77AE-6FF2-4DFE-A1C8-867B50C55622} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B653D4D5-BCDB-451E-8DCC-EC96CBB2DC53} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C7B30DB1-0A50-47B5-9676-09E7D2489F61} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {CC5B9A47-1E12-41CE-9612-A309FBAFA4DC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D31946AB-06E1-41FB-B2C9-FAC2A6F39589} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E155AB24-F812-461E-98D0-26A9B9CB4339} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E1F7641B-7F25-4CF5-A15B-884FC793AB16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E3B2C607-3D2F-4E5E-90AC-4406E4D4E2EB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:4B1BA31B [270]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{55BE8587-2C08-4BE7-BB19-29D2659184F6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
FirewallRules: [{4C45E697-FDA9-479C-BBA3-6CC5F8412255}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
FirewallRules: [{52505DF0-386E-4A61-A20C-4AE24C532242}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
FirewallRules: [{AD25199E-6EE4-43AC-A69F-7A02D7EE9185}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
CamillaNails
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 13 led 2017 20:41

Re: Prosím o kontrolu logu

#9 Příspěvek od CamillaNails »

po skončení se restartoval počítač a log nikde :roll:

Uživatelský avatar
CamillaNails
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 13 led 2017 20:41

Re: Prosím o kontrolu logu

#10 Příspěvek od CamillaNails »

koukám, že se přepsal ten původní... teda aspoň myslím, jsou v něm jiný hodnoty, než v tom prvním :)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by Kamila (administrator) on CAMILLANAILS (04-03-2019 18:40:17)
Running from C:\Users\Kamila\Desktop
Loaded Profiles: Kamila (Available Profiles: Kamila & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe
(Qualcomm Atheros -> Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Qualcomm Atheros -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.40.70.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe\DvdPlayer.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [801920 2012-11-29] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2015-02-03] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2013-09-09] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205624 2013-05-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [HPUsageTracking] => "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd -> Piriform Ltd)
HKLM\...\Drivers32: [vidc.x264] => C:\WINDOWS\system32\x264vfw.dll [3570688 2014-12-21] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter.acm [2231296 2013-04-05] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\SysWOW64\ac3filter.acm [1679360 2013-04-05] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\SysWOW64\x264vfw.dll [3588608 2014-12-21] (x264vfw project) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-22] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-11-29] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-11-29] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-03-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{2678ba83-d4d5-4c94-9b77-d9230bc705a8}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{5cd304e8-8b70-44d3-8c0e-1e8e6333e567}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-11-29] (Qualcomm Atheros -> Atheros Commnucations) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2218426051-1343921682-1280377330-1000 -> hxxp://www.seznam.cz/
Edge Session Restore: HKU\S-1-5-21-2218426051-1343921682-1280377330-1000 -> is enabled.

FireFox:
========
FF ProfilePath: C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168 [2017-11-27]
FF Homepage: Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168 -> hxxp://www.google.cz/
FF Session Restore: Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168 -> is enabled.
FF Extension: (Disconnect) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\2.0@disconnect.me.xpi [2016-09-03] [Legacy]
FF Extension: (Firefox Hotfix) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31] [Legacy]
FF Extension: (Flashblock) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-09-03] [Legacy]
FF Extension: (NoScript) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-09-03] [Legacy]
FF Extension: (Seznam lištička) - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\2i5oh3yn.default-1449128137168\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-04-22] [Legacy]
FF ProfilePath: C:\Users\Kamila\AppData\Roaming\KompoZer\Profiles\c3m9hg9e.default [2017-05-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://www.facebook.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default [2019-03-04]
CHR Extension: (Prezentace) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-28]
CHR Extension: (Dokumenty) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-28]
CHR Extension: (Disk Google) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-25]
CHR Extension: (YouTube) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-03]
CHR Extension: (Tabulky) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Tlačítko Uložit) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2019-03-03]
CHR Extension: (Cuttlefish Damask Black) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\iadoejdcofeifcanjdnmbpamnacmmlnm [2018-12-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Gmail) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-17]
CHR Profile: C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-03-03]
CHR Extension: (Prezentace) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-06]
CHR Extension: (Dokumenty) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-06]
CHR Extension: (Disk Google) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-06]
CHR Extension: (YouTube) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-03-06]
CHR Extension: (Tabulky) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-08]
CHR Extension: (Gmail) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-06]
CHR Extension: (Chrome Media Router) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-01]
CHR Profile: C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-03-04]
CHR Extension: (Prezentace) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-07]
CHR Extension: (Dokumenty) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-07]
CHR Extension: (Disk Google) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-26]
CHR Extension: (YouTube) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-02]
CHR Extension: (Tabulky) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Gmail) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-23]
CHR Profile: C:\Users\Kamila\AppData\Local\Google\Chrome\User Data\System Profile [2018-08-22]
CHR HKU\S-1-5-21-2218426051-1343921682-1280377330-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-11-29] (Qualcomm Atheros -> Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 HPFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [20504 2007-07-16] (Hewlett-Packard Company -> Hewlett Packard)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek Semiconductor Corp -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-22] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 17:56 - 2019-03-04 17:56 - 007316688 _____ (Malwarebytes) C:\Users\Kamila\Desktop\adwcleaner_7.2.7.0.exe
2019-03-04 12:44 - 2019-03-04 12:46 - 000052307 _____ C:\Users\Kamila\Desktop\Addition.txt
2019-03-04 12:43 - 2019-03-04 18:41 - 000024314 _____ C:\Users\Kamila\Desktop\FRST.txt
2019-03-04 12:41 - 2019-03-04 12:41 - 002434560 _____ (Farbar) C:\Users\Kamila\Desktop\FRST64.exe
2019-03-03 21:32 - 2019-03-03 21:33 - 062158736 _____ (Malwarebytes ) C:\Users\Kamila\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9430 (1).exe
2019-03-03 21:17 - 2019-03-03 21:17 - 000000000 ____D C:\Users\Kamila\AppData\Local\mbam
2019-03-03 21:16 - 2019-03-03 21:16 - 000000000 ____D C:\Users\Kamila\AppData\Local\mbamtray
2019-03-03 21:15 - 2019-03-03 21:16 - 062158736 _____ (Malwarebytes ) C:\Users\Kamila\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9430.exe
2019-02-15 13:15 - 2019-02-06 04:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-15 13:15 - 2019-02-06 04:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-15 13:14 - 2019-02-06 08:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-15 13:14 - 2019-02-06 08:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-15 13:14 - 2019-02-06 08:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-15 13:14 - 2019-02-06 08:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-15 13:14 - 2019-02-06 08:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-15 13:14 - 2019-02-06 08:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-15 13:14 - 2019-02-06 08:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-15 13:14 - 2019-02-06 08:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-15 13:14 - 2019-02-06 07:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-15 13:14 - 2019-02-06 07:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-15 13:14 - 2019-02-06 07:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-15 13:14 - 2019-02-06 07:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-15 13:14 - 2019-02-06 04:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-15 13:14 - 2019-02-06 04:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-15 13:14 - 2019-02-06 04:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-15 13:14 - 2019-02-06 04:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-15 13:14 - 2019-02-06 04:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-15 13:14 - 2019-02-06 04:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-15 13:14 - 2019-02-06 04:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-15 13:14 - 2019-02-06 04:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-15 13:14 - 2019-02-06 04:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-15 13:14 - 2019-02-06 04:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-15 13:14 - 2019-02-06 04:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-15 13:14 - 2019-02-06 04:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-15 13:14 - 2019-02-06 04:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-15 13:14 - 2019-02-06 04:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-15 13:14 - 2019-02-06 04:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-15 13:14 - 2019-02-06 04:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-15 13:14 - 2019-02-06 04:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-15 13:14 - 2019-02-06 04:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-15 13:14 - 2019-02-06 03:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-15 13:14 - 2019-02-06 03:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-15 13:14 - 2019-02-06 03:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-15 13:14 - 2019-02-06 03:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-15 13:14 - 2019-02-06 03:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-15 13:14 - 2019-02-06 03:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-15 13:14 - 2019-02-06 03:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-15 13:14 - 2019-02-06 03:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-15 13:14 - 2019-02-06 03:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-15 13:14 - 2019-02-06 03:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-15 13:14 - 2019-02-06 03:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-15 13:14 - 2019-02-06 03:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-15 13:14 - 2019-02-06 03:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-15 13:14 - 2019-02-06 03:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-15 13:14 - 2019-02-06 03:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-15 13:14 - 2019-02-06 03:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-15 13:14 - 2019-02-06 03:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-15 13:14 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-15 13:14 - 2019-02-06 03:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-15 13:14 - 2019-02-06 03:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-15 13:14 - 2019-02-06 03:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-15 13:14 - 2019-02-06 03:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-15 13:14 - 2019-02-06 03:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-15 13:14 - 2019-02-06 03:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-15 13:14 - 2019-02-06 03:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-15 13:14 - 2019-02-06 03:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-15 13:14 - 2019-02-06 03:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-15 13:14 - 2019-02-06 03:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-15 13:14 - 2019-02-06 03:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-15 13:14 - 2019-02-06 03:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-15 13:14 - 2019-02-06 03:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-15 13:14 - 2019-02-06 03:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-15 13:14 - 2019-02-06 03:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-15 13:14 - 2019-02-06 03:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-15 13:14 - 2019-02-06 03:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-15 13:14 - 2019-02-06 03:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-15 13:14 - 2019-02-06 02:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-15 13:14 - 2019-01-12 09:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-15 13:14 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-15 13:14 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-15 13:14 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-15 13:14 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-15 13:14 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-15 13:14 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-15 13:14 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-15 13:14 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-15 13:14 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-15 13:14 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-15 13:14 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-15 13:14 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-15 13:14 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-15 13:14 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-15 13:14 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-15 13:14 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-15 13:14 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-15 13:14 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-15 13:14 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-15 13:14 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-15 13:14 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-15 13:14 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-15 13:14 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-15 13:14 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-15 13:14 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-15 13:14 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-15 13:14 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-15 13:14 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-15 13:14 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-15 13:14 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-15 13:14 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-15 13:14 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-15 13:14 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-15 13:14 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-15 13:14 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-15 13:14 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-15 13:14 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-15 13:14 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-15 13:14 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-15 13:14 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-15 13:14 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-15 13:14 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-15 13:14 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-15 13:14 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-15 13:14 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-15 13:14 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-15 13:14 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-15 13:14 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-15 13:14 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-15 13:14 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-15 13:14 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-15 13:14 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-15 13:14 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-15 13:14 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-15 13:14 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-15 13:14 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-15 13:14 - 2019-01-08 10:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-15 13:14 - 2019-01-08 04:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-15 13:14 - 2019-01-08 04:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-15 13:14 - 2019-01-08 04:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-03 15:02 - 2019-02-03 15:02 - 000000066 _____ C:\Users\Kamila\Downloads\Ostrov inspirace.txt

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 18:40 - 2017-05-21 11:30 - 000000000 ____D C:\FRST
2019-03-04 18:31 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-04 18:28 - 2018-05-15 06:24 - 000004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{73E85111-E035-4212-A804-341B7B13DD5A}
2019-03-04 18:03 - 2018-05-15 06:14 - 001956152 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-04 18:03 - 2018-04-12 16:50 - 000809482 _____ C:\WINDOWS\system32\perfh005.dat
2019-03-04 18:03 - 2018-04-12 16:50 - 000186690 _____ C:\WINDOWS\system32\perfc005.dat
2019-03-04 18:03 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-04 17:59 - 2017-04-14 18:20 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2019-03-04 17:58 - 2018-05-15 06:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-04 17:58 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-03-04 17:58 - 2015-02-03 19:52 - 000000000 __SHD C:\Users\Kamila\IntelGraphicsProfiles
2019-03-04 17:57 - 2015-08-07 14:07 - 000000000 ____D C:\AdwCleaner
2019-03-04 17:56 - 2017-12-03 19:32 - 000000000 ____D C:\Users\Kamila\Downloads\logopedie
2019-03-04 17:55 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-04 17:55 - 2015-08-07 14:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-04 17:54 - 2018-05-15 06:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-03 19:59 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-03 19:59 - 2016-11-23 19:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-03-03 19:59 - 2015-02-04 20:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-03 15:16 - 2018-11-16 20:11 - 000000000 ____D C:\Program Files\rempl
2019-03-03 15:15 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-22 20:31 - 2018-02-15 14:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-02-22 20:28 - 2017-04-25 19:05 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-22 20:28 - 2015-11-08 15:14 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-20 10:18 - 2015-02-04 20:33 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2019-02-20 10:08 - 2018-05-16 19:22 - 000000000 ____D C:\Users\Kamila\AppData\Local\PlaceholderTileLogoFolder
2019-02-19 13:27 - 2017-12-11 20:18 - 000000000 ____D C:\Users\Kamila\AppData\Local\Packages
2019-02-19 08:54 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-17 17:38 - 2018-05-15 06:08 - 000551288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-17 17:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-17 11:01 - 2015-04-10 17:51 - 000000000 ____D C:\Users\Kamila\Desktop\novinky
2019-02-17 10:17 - 2018-05-15 06:24 - 000004614 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-17 10:17 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-02-17 10:17 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-02-15 13:14 - 2015-02-03 19:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-15 13:12 - 2015-02-03 19:29 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-15 13:04 - 2018-05-15 06:24 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-02-15 13:02 - 2018-05-15 06:24 - 000004650 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-02-12 10:51 - 2018-05-15 06:24 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2218426051-1343921682-1280377330-1000
2019-02-12 10:51 - 2018-05-15 06:19 - 000002436 _____ C:\Users\Kamila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-12 10:51 - 2015-05-27 21:03 - 000000000 ___RD C:\Users\Kamila\OneDrive
2019-02-08 20:07 - 2018-07-11 06:53 - 000000000 ____D C:\ProgramData\Packages
2019-02-07 19:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-02 23:53 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-02 23:53 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-02-15 15:06 - 2017-12-06 14:51 - 000017408 _____ () C:\Users\Kamila\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-15 06:08

==================== End of FRST.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#11 Příspěvek od Rudy »

Vypadá to OK. Log najdete v souboru fixlog.txt. Najdete ho na ploše.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
CamillaNails
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 13 led 2017 20:41

Re: Prosím o kontrolu logu

#12 Příspěvek od CamillaNails »

Fix result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by Kamila (04-03-2019 20:10:58) Run:1
Running from C:\Users\Kamila\Desktop
Loaded Profiles: Kamila (Available Profiles: Kamila & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
Task: {0EE2955C-F46E-4FDC-870F-C70EAEBD8F71} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {30E0EF4A-E415-41A2-A295-9BF9A171B2BE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {49EDE5E5-EA20-49A6-8AF5-2DA7D3D53420} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {62802AB4-7847-4A9F-823E-155396111F9A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7F5B13DA-FA2A-4404-80FB-7F0472F0C8F5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {8CCF3F65-80B8-4C1C-92C8-48907424E0E8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {98AA919C-4F55-4E27-B3F1-916DCA7FA440} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A65685D5-08BA-4811-8AA2-23E7360FBEFC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A6AC77AE-6FF2-4DFE-A1C8-867B50C55622} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B653D4D5-BCDB-451E-8DCC-EC96CBB2DC53} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C7B30DB1-0A50-47B5-9676-09E7D2489F61} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {CC5B9A47-1E12-41CE-9612-A309FBAFA4DC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D31946AB-06E1-41FB-B2C9-FAC2A6F39589} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E155AB24-F812-461E-98D0-26A9B9CB4339} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E1F7641B-7F25-4CF5-A15B-884FC793AB16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E3B2C607-3D2F-4E5E-90AC-4406E4D4E2EB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:4B1BA31B [270]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{55BE8587-2C08-4BE7-BB19-29D2659184F6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
FirewallRules: [{4C45E697-FDA9-479C-BBA3-6CC5F8412255}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe No File
FirewallRules: [{52505DF0-386E-4A61-A20C-4AE24C532242}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
FirewallRules: [{AD25199E-6EE4-43AC-A69F-7A02D7EE9185}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe No File
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->

EmptyTemp:
End

*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\_Movavivc11 => removed successfully
HKLM\Software\Classes\CLSID\{1C604495-4D32-476e-8D7E-FBF50F6C80BF} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\_Movavivc11 => removed successfully
HKLM\Software\Classes\CLSID\{1C604495-4D32-476e-8D7E-FBF50F6C80BF} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0EE2955C-F46E-4FDC-870F-C70EAEBD8F71}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EE2955C-F46E-4FDC-870F-C70EAEBD8F71}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30E0EF4A-E415-41A2-A295-9BF9A171B2BE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30E0EF4A-E415-41A2-A295-9BF9A171B2BE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49EDE5E5-EA20-49A6-8AF5-2DA7D3D53420}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49EDE5E5-EA20-49A6-8AF5-2DA7D3D53420}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62802AB4-7847-4A9F-823E-155396111F9A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62802AB4-7847-4A9F-823E-155396111F9A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7F5B13DA-FA2A-4404-80FB-7F0472F0C8F5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F5B13DA-FA2A-4404-80FB-7F0472F0C8F5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-URT" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8CCF3F65-80B8-4C1C-92C8-48907424E0E8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CCF3F65-80B8-4C1C-92C8-48907424E0E8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98AA919C-4F55-4E27-B3F1-916DCA7FA440}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98AA919C-4F55-4E27-B3F1-916DCA7FA440}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A65685D5-08BA-4811-8AA2-23E7360FBEFC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A65685D5-08BA-4811-8AA2-23E7360FBEFC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6AC77AE-6FF2-4DFE-A1C8-867B50C55622}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6AC77AE-6FF2-4DFE-A1C8-867B50C55622}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B653D4D5-BCDB-451E-8DCC-EC96CBB2DC53}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B653D4D5-BCDB-451E-8DCC-EC96CBB2DC53}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C7B30DB1-0A50-47B5-9676-09E7D2489F61}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7B30DB1-0A50-47B5-9676-09E7D2489F61}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC5B9A47-1E12-41CE-9612-A309FBAFA4DC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC5B9A47-1E12-41CE-9612-A309FBAFA4DC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D31946AB-06E1-41FB-B2C9-FAC2A6F39589}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D31946AB-06E1-41FB-B2C9-FAC2A6F39589}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E155AB24-F812-461E-98D0-26A9B9CB4339}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E155AB24-F812-461E-98D0-26A9B9CB4339}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1F7641B-7F25-4CF5-A15B-884FC793AB16}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1F7641B-7F25-4CF5-A15B-884FC793AB16}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3B2C607-3D2F-4E5E-90AC-4406E4D4E2EB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3B2C607-3D2F-4E5E-90AC-4406E4D4E2EB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
C:\ProgramData\TEMP => ":4B1BA31B" ADS removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{55BE8587-2C08-4BE7-BB19-29D2659184F6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C45E697-FDA9-479C-BBA3-6CC5F8412255}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{52505DF0-386E-4A61-A20C-4AE24C532242}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD25199E-6EE4-43AC-A69F-7A02D7EE9185}" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\Software\Classes\CLSID\{503739d0-4c5e-4cfd-b3ba-d881334f0df2} => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 229170650 B
Java, Flash, Steam htmlcache => 1436 B
Windows/system/drivers => 1255964 B
Edge => 1147191 B
Chrome => 1245552600 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 858431 B
LocalService => 0 B
NetworkService => 248952 B
NetworkService => 0 B
Kamila => 9058072 B
DefaultAppPool => 0 B

RecycleBin => 22530834 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:12:24 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#13 Příspěvek od Rudy »

Smazáno. Log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
CamillaNails
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 13 led 2017 20:41

Re: Prosím o kontrolu logu

#14 Příspěvek od CamillaNails »

děkuju :wub:

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu

#15 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno