Právě je 23 lis 2019 03:55

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz



Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 11 ] 
Autor Zpráva
PříspěvekNapsal: 12 kvě 2019 14:21 
Offline
Návštěvník
Návštěvník

Registrován: 29 zář 2007 22:48
Příspěvky: 105
Dobrý den, PC mi běží nějak pomaleji, prosím o kontrolu logu.
Děkuji

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-05-2019
Ran by Libor (12-05-2019 15:16:01)
Running from C:\Users\Libor\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2012-01-02 09:31:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-726496295-2317986126-1619368687-500 - Administrator - Disabled)
Guest (S-1-5-21-726496295-2317986126-1619368687-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-726496295-2317986126-1619368687-1002 - Limited - Enabled)
Libor (S-1-5-21-726496295-2317986126-1619368687-1000 - Administrator - Enabled) => C:\Users\Libor

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock Plus for IE (32-bit) (HKLM\...\{CBECBAA4-A9A1-48B6-88DC-5D5E800B0E52}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.171 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Any Video Converter 5.8.2 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
CDA Converter Plus (HKLM\...\CDA Converter Plus) (Version: 3.2 - audio2convert.com)
CrystalDiskInfo 7.0.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.3 - Crystal Dew World)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Google Chrome (HKLM\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Pro MFP M125-M126 (HKLM\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 8.0.14087.1054 - Hewlett-Packard)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
hpbDSService (HKLM\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM126DSService (HKLM\...\{9A0C3AE6-A6C3-46C4-95A5-E3745CCE3D57}) (Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (HKLM\...\{0BFDA228-F4D0-42C0-90B2-8C47F147AEB1}) (Version: 3.0.26.59 - HP) Hidden
HPLJDXPHelper (HKLM\...\{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}) (Version: 060.048.005 - HP) Hidden
HPLJProMFPM125M126 (HKLM\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM\...\{30DD7187-F392-4D83-8AED-D9A2DC64EF15}) (Version: 008.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM\...\{178F0383-A2F1-427C-9881-6EACB8728C76}) (Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{6470E292-3B55-41DC-B5EB-91C34C5ACB5D}) (Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM125-M126 (HKLM\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.4.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 9.4.0 - )
LibreOffice 6.2.0.3 (HKLM\...\{C0B9601C-3433-41E2-B681-4C86274F0656}) (Version: 6.2.0.3 - The Document Foundation)
LJDXPHelperUI (HKLM\...\{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}) (Version: 060.048.005 - HP) Hidden
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM\...\{B44F3823-52DD-45CA-A916-8B320778715D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.5127.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 65.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 65.0.2 (x86 cs)) (Version: 65.0.2 - Mozilla)
MULTIFlight (HKLM\...\MULTIFlight) (Version: - Multiplex Modellsport GmbH & Co.KG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5127.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-0000-0000000FF1CE}) (Version: 15.0.5127.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.5127.1000 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Architect (HKLM\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PdfConvertor (HKLM\...\PdfConvertor_is1) (Version: - XSoft)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7982 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic Foundry ACID Pro 3.0 (HKLM\...\{F07C83EA-CF0C-44B4-9F1E-C3CD82EBA538}) (Version: 3.0.189 - Sonic Foundry)
Sonic Foundry ACID Pro 3.0 Crack (HKLM\...\Sonic Foundry ACID Pro 3.0 Crack) (Version: - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steinberg Cubase VST32 (HKLM\...\Steinberg Cubase VST32) (Version: - )
SUPER © v2012.build.51 (April 7, 2012) verze v2012.build.51 (HKLM\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2012.build.51 - eRightSoft)
SUPER © v2013.build.59+Recorder (2013/12/18) verze v2013.build. (HKLM\...\{8E2A18E2-96AF-4DF9-8459-5C06B75139A4}_is1) (Version: v2013.build.59+Recorder - eRightSoft)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TomTom MyDrive Connect 4.1.6.3253 (HKLM\...\MyDriveConnect) (Version: 4.1.6.3253 - TomTom)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.61 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}) (Version: 17.5.10480 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{D4492C8D-967E-0F91-5BF1-57D6197E1208}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\FileSyncApi.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files\PDF Architect\ContextMenuExt.dll [2013-01-09] (Chinery & Heindoerfer GbR -> pdfforge GbR)
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2013-06-06] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2013-06-06] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2013-06-06] (WinZip Computing -> WinZip Computing, S.L.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2016-08-26 20:25 - 2016-08-26 20:25 - 000061440 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1029.dll
2009-09-16 19:37 - 2009-09-16 19:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 19:38 - 2009-09-16 19:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000139264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2012-12-04 11:52 - 2012-12-04 11:52 - 000041472 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\HP\HPLaserJetService\HPHTTPProxy.dll
2012-12-04 11:51 - 2012-12-04 11:51 - 000073728 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\HP\HPLaserJetService\HPTools.dll
2012-12-04 11:52 - 2012-12-04 11:52 - 001219072 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\HP\HPLaserJetService\LEDMXMLObjects.dll
2012-12-04 11:52 - 2012-12-04 11:52 - 000174592 _____ (HP) [File not signed] C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
2012-12-04 11:51 - 2012-12-04 11:51 - 000034816 _____ (HP) [File not signed] C:\Program Files\HP\HPLaserJetService\HPServiceCommunicator.dll
2009-09-16 19:40 - 2009-09-16 19:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
2013-03-03 16:39 - 2013-01-11 12:39 - 000088576 _____ (pdfforge GbR) [File not signed] C:\Windows\System32\pdfcmon.dll
2013-03-03 23:47 - 2011-04-20 04:03 - 000095232 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\E_FLBIME.DLL
2013-01-09 17:24 - 2013-01-09 17:24 - 000299008 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files\PDF Architect\libcurl.dll
2013-01-09 17:24 - 2013-01-09 17:24 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PDF Architect\LIBEAY32.dll
2013-01-09 17:24 - 2013-01-09 17:24 - 000274432 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PDF Architect\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2016-10-12 22:51 - 000000050 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.18.30.142 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{50774DFC-4F60-4DC9-A5CF-E81B6724719C}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9EAD24A6-93E5-4406-B7D5-744567CD16CC}] => (Allow) LPort=2869
FirewallRules: [{5E8B0702-07AB-4AF2-AFF8-ABE0B581BF0F}] => (Allow) LPort=1900
FirewallRules: [{F9ACF031-C9A1-4F9D-B0C8-8AF3132EE8E1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0242DB3-05A2-43A6-9035-CFA63EDC7BC9}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D9D8ED57-C490-44A7-9463-49C34BC364E4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{37CD3B0F-7629-4BDF-8A4E-D4D1F4C33296}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9C7128CC-F83B-44B3-BEA6-C6CDC157B698}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{274897D9-567F-4FC2-970A-F13A72E8977D}] => (Allow) C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{831B9F3F-AA85-4555-86E2-B0045E4544DE}C:\program files\libreoffice 4\program\soffice.bin] => (Allow) C:\program files\libreoffice 4\program\soffice.bin No File
FirewallRules: [UDP Query User{479B7019-74B2-42F6-8BBE-DA8931F95C58}C:\program files\libreoffice 4\program\soffice.bin] => (Allow) C:\program files\libreoffice 4\program\soffice.bin No File
FirewallRules: [{2D15419A-59D9-4674-BB9E-1C16AC5E5E28}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{523603F9-F2EF-4B10-A723-E4FA0C0367D9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B99D817B-9599-4544-88B9-042BA100EDCE}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4A8527CB-18DB-4B66-AE2A-8A9FB621F9A2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{47B30FE5-392A-44FC-86B1-35EB737866DA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{00A70864-D01C-4DA2-A43C-5247E417317E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{1DD47B50-5904-4A87-AFF7-5BA3AEC8F641}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{9348A714-F1AC-4DCA-8464-C5040A26261E}] => (Allow) C:\HP_LaserJet_Pro_MFP_M125-M126\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{1B9CE597-2BAA-4239-A4C1-B5B6509DD6CB}] => (Allow) C:\HP_LaserJet_Pro_MFP_M125-M126\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{5A11DBE9-5644-4805-A22E-B1EE301F89C6}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{A1C04533-D79C-4022-8A2F-419EFA155E3F}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{384AC947-EB8A-4873-B16F-625D0FD05D28}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{69811F97-B839-45C5-B767-813D74A280AC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3D63B119-B932-4A4F-9974-771FC6F4049B}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech, Inc. -> Logitech Inc.)
FirewallRules: [{3A88BE42-F411-4C69-8941-0B5BED50CAA4}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech, Inc. -> Logitech Inc.)
FirewallRules: [{56008E3A-F250-4410-8107-4195DA959878}] => (Allow) C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International BV -> TomTom)
FirewallRules: [TCP Query User{F6D6092E-4AB9-4A99-9C78-8C0C123C174B}C:\program files\leawo\dvd creator\loadingscreen.exe] => (Block) C:\program files\leawo\dvd creator\loadingscreen.exe No File
FirewallRules: [UDP Query User{2339EA44-F6CC-4143-AD5F-455D506D1EB7}C:\program files\leawo\dvd creator\loadingscreen.exe] => (Block) C:\program files\leawo\dvd creator\loadingscreen.exe No File
FirewallRules: [{6C8E3EED-1D5C-4254-B4F7-1747C2D0C11F}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech, Inc. -> Logitech Inc.)
FirewallRules: [{FF61CC0F-E78C-461D-AB3F-5D6739F5F26B}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech, Inc. -> Logitech Inc.)
FirewallRules: [{43D97938-6493-40F0-A027-973346A9170C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

22-04-2019 05:56:48 Windows Update
25-04-2019 07:07:09 Windows Update
29-04-2019 00:07:51 Windows Update
02-05-2019 21:33:37 Windows Update
06-05-2019 08:18:48 Windows Update
10-05-2019 00:09:08 Windows Update
12-05-2019 03:00:15 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2019 09:48:35 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/12/2019 09:39:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/12/2019 08:33:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/11/2019 08:37:37 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/11/2019 08:34:30 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 4192. ID zprávy: [0x2509].

Error: (05/11/2019 08:28:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/10/2019 10:39:17 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 5224. ID zprávy: [0x2509].

Error: (05/10/2019 10:34:20 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 5508. ID zprávy: [0x2509].


System errors:
=============
Error: (05/12/2019 09:48:24 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR6.

Error: (05/12/2019 09:48:23 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR6.

Error: (05/12/2019 09:48:23 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR6.

Error: (05/12/2019 09:39:24 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (05/12/2019 09:39:24 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (05/12/2019 09:39:23 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (05/12/2019 09:38:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP DS Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/12/2019 09:38:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HP DS Service bylo dosaženo časového limitu (30000 ms).


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1001 08/10/2011
Motherboard: ASUSTeK Computer INC. P5G41T-M LX
Processor: Intel(R) Celeron(R) CPU E3400 @ 2.60GHz
Percentage of memory in use: 92%
Total physical RAM: 2013.12 MB
Available physical RAM: 158.34 MB
Total Virtual: 4026.23 MB
Available Virtual: 1180.16 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:457.94 GB) (Free:129.44 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive k: (TREKSTOR) (Fixed) (Total:465.65 GB) (Free:303.78 GB) FAT32

\\?\Volume{f58ccc6d-2a46-11e1-bf02-5404a6627f89}\ (WinRE-ATC) (Fixed) (Total:7.81 GB) (Free:2.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 6197B7D3)
Partition 1: (Active) - (Size=457.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7.8 GB) - (Type=27)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 18152521)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-05-2019
Ran by Libor (administrator) on LIBOR-PC (ATComputers COMFOR BOXER I) (12-05-2019 15:12:31)
Running from C:\Users\Libor\Downloads
Loaded Profiles: Libor (Available Profiles: Libor)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
(HP) [File not signed] C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Chinery & Heindoerfer GbR -> pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(Chinery & Heindoerfer GbR -> pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Logitech Inc -> ) C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
(Logitech Inc -> ) C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Seznam.cz, a.s. -> ) C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] (Logitech Inc -> )
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [StatusAlerts] => C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [8037896 2016-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [McAfeeSafeConnect] => C:\Program Files\McAfee Safe Connect\McAfee Safe Connect.exe
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKLM\...\Drivers32: [VIDC.I420] => C:\Windows\system32\i420vfw.dll [70656 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [MSVideo] => C:\Windows\system32\vfwwdm32.dll [56832 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\system32\yv12vfw.dll [70656 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-07] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {30A681F2-248E-4AEC-97DE-B44C94467DD9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd -> Piriform Ltd)
Task: {705AF9D9-D328-4EF8-AD3D-B3532AFB78FF} - System32\Tasks\{96567AE1-679E-4B32-AB18-866DD4813B74} => C:\Program Files\Mozilla Firefox\firefox.exe
Task: {833455CE-557E-41F7-AFDD-3D7558D2ABAD} - System32\Tasks\HPLJCustParticipation => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe [43832 2013-01-28] (Hewlett-Packard Company -> Hewlett Packard)
Task: {900AA588-533D-49AC-8A51-44A9CF896A64} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {9F2A5820-A83A-495E-987D-9EF66D8EF7B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {B67764DD-9976-47F3-9BDB-635E3F92AC2D} - System32\Tasks\{C81A586E-6EC6-4539-9F39-8981804DCB3B} => C:\Windows\system32\pcalua.exe -a C:\Users\Libor\Downloads\jxpiinstall(1).exe -d C:\Users\Libor\Downloads
Task: {B8FF0637-1B1F-4F1E-BC5F-CAD63383F7E7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [688208 2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C14761E8-0D9D-441D-804A-009704C9FFFE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [1163352 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3B2D9A1-2409-4C06-8448-FEFADEDC979D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [688208 2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9E2AC7B-F936-4963-A1AE-83BF2248170B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {F333B598-D2FD-4551-BEA8-6F17A3FDB198} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-10] (Adobe Inc. -> Adobe)
Task: {F85296D4-38FA-42E1-BAED-859955165DF5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-10] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 185.18.30.142 8.8.8.8
Tcpip\..\Interfaces\{E0BC94DA-EACE-47BA-B7D7-A46A2E95D57E}: [DhcpNameServer] 185.18.30.142 8.8.8.8

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-726496295-2317986126-1619368687-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-726496295-2317986126-1619368687-1000 -> {B11F5F4A-5285-4795-906C-0CF4761EA898} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-726496295-2317986126-1619368687-1000 -> {E3472CF2-F332-4A9F-B906-F879FD3EC370} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 9aif3cru.default
FF ProfilePath: C:\Users\Libor\AppData\Roaming\TomTom\HOME\Profiles\fl7b3mle.default [2016-10-02]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default [2019-05-12]
FF Homepage: Mozilla\Firefox\Profiles\9aif3cru.default -> hxxps://www.seznam.cz/
FF NewTabOverride: Mozilla\Firefox\Profiles\9aif3cru.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\Extensions\sko-extension@firma.seznam.cz.xpi [2019-03-25]
FF Extension: (No Name) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-30]
FF Extension: (Seznam doplněk - Email) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2018-12-30]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-10] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-25] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-25] (Google Inc -> Google LLC)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default [2019-05-12]
CHR Extension: (Prezentace) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-23]
CHR Extension: (Dokumenty) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-02-14]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-02-14]
CHR Extension: (YouTube) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-21]
CHR Extension: (Tabulky) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-07]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2054232 2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
S2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (Chinery & Heindoerfer GbR -> pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (Chinery & Heindoerfer GbR -> pdfforge GbR)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [45528 2018-01-23] (AnchorFree Inc -> The OpenVPN Project)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [9023488 2010-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] (Logitech Inc -> )
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc -> Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18176 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137472 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc -> Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc -> Logitech Inc.)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-09-23] (Microsoft Windows -> Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-09-23] (Microsoft Corporation -> Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-09-23] (Microsoft Windows -> Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [294912 2009-09-23] (Microsoft Corporation -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (NGO -> MBB)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-12 15:12 - 2019-05-12 15:12 - 001789440 _____ (Farbar) C:\Users\Libor\Downloads\FRST (1).exe
2019-05-12 10:03 - 2019-05-12 10:07 - 080266373 _____ C:\Users\Libor\Downloads\Sex and the City (2008) Soundtrack.rar
2019-05-12 09:58 - 2019-05-12 10:08 - 000000000 ____D C:\Users\Libor\Desktop\Sex and the city
2019-05-12 09:48 - 2019-05-12 09:49 - 000000000 ____D C:\Users\Libor\Desktop\Usínání
2019-05-12 09:39 - 2019-05-12 09:39 - 000000000 ____D C:\Users\Libor\Desktop\cd jaro 3
2019-05-11 23:10 - 2019-05-11 23:10 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2019-05-11 23:10 - 2019-05-11 23:10 - 000000000 ____D C:\Windows\system32\DAX2
2019-04-21 17:28 - 2019-04-21 18:40 - 798252372 _____ C:\Users\Libor\Downloads\Po čem muži touží DVDRip (Bat24).avi
2019-04-18 13:28 - 2019-04-18 13:59 - 000000000 ____D C:\Users\Libor\Desktop\soundtrack
2019-04-15 10:49 - 2019-04-15 12:55 - 1390943078 _____ C:\Users\Libor\Downloads\Všechny cesty vedou do Říma - Sarah Jessica Parker, Rosie Day, Claudia Cardinale 2018 cz dab.avi
2019-04-14 16:43 - 2019-04-14 17:31 - 537001984 _____ C:\Users\Libor\Downloads\Rosamunde Pilcher - Zaslibena nevesta DVB-T (bt).avi

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-12 15:15 - 2017-12-26 09:59 - 000021835 _____ C:\Users\Libor\Downloads\FRST.txt
2019-05-12 15:12 - 2017-03-18 14:11 - 000000000 ____D C:\FRST
2019-05-12 15:11 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2019-05-12 11:46 - 2010-11-21 03:16 - 000673616 _____ C:\Windows\system32\perfh005.dat
2019-05-12 11:46 - 2010-11-21 03:16 - 000143168 _____ C:\Windows\system32\perfc005.dat
2019-05-12 11:46 - 2010-11-20 23:01 - 001592614 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-12 09:53 - 2009-07-14 06:34 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-12 09:53 - 2009-07-14 06:34 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-12 09:37 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-12 02:55 - 2012-01-11 11:16 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-11 23:11 - 2012-01-14 13:36 - 000000000 ____D C:\Users\Libor\AppData\Local\ElevatedDiagnostics
2019-05-11 23:09 - 2011-12-19 15:04 - 000000000 ____D C:\Windows\system32\RTCOM
2019-05-10 11:06 - 2015-08-23 10:28 - 000000000 ____D C:\Users\Libor\AppData\Roaming\vlc
2019-05-07 10:39 - 2012-12-23 16:42 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-05 10:11 - 2016-10-04 23:11 - 000027260 ____H C:\Users\Libor\Documents\Charakteristika.odt
2019-04-30 16:57 - 2016-11-22 07:02 - 000000000 ____D C:\Users\Libor\AppData\LocalLow\Mozilla
2019-04-30 16:49 - 2017-04-28 17:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-04-28 07:01 - 2013-09-14 01:45 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-28 06:58 - 2013-09-14 01:41 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-04-21 08:19 - 2009-07-14 06:53 - 000032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-04-18 13:09 - 2012-01-11 12:17 - 000000000 ____D C:\Users\Libor\AppData\Roaming\IrfanView
2019-04-18 13:09 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\registration
2019-04-18 12:11 - 2012-01-02 11:31 - 000000000 ____D C:\Users\Libor
2019-04-15 11:20 - 2016-10-04 22:21 - 000000000 ____D C:\Users\Libor\AppData\LocalLow\Adblock Plus for IE
2019-04-14 21:29 - 2012-05-15 22:55 - 000000000 ____D C:\Users\Libor\Documents\Texty různé
2019-04-14 21:29 - 2012-01-17 11:37 - 000000000 ____D C:\Users\Libor\Documents\Texty Nezmaři
2019-04-12 17:13 - 2016-10-06 22:20 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-12 08:05 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache

==================== Files in the root of some directories =======

2012-01-16 11:22 - 2007-08-18 10:28 - 004316160 _____ (Gabest) C:\Program Files\mplayerc.exe
2017-04-07 21:34 - 2019-03-26 11:33 - 000010240 _____ () C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-03 09:00
==================== End of FRST.txt ============================


Nahoru
 Profil  
 
PříspěvekNapsal: 12 kvě 2019 14:54 
Offline
Návštěvník
Návštěvník

Registrován: 29 zář 2007 22:48
Příspěvky: 105
Ještě log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Libor at 2019-05-12 15:52:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 133 GB (28%) free of 469 GB
Total RAM: 2013 MB (13% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:53:06, on 12.5.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19326)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Libor\Downloads\FRST (1).exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Libor\Downloads\RSIT (3).exe
C:\Program Files\trend micro\Libor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE07DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [McAfeeSafeConnect] C:\Program Files\McAfee Safe Connect\McAfee Safe Connect.exe
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files\Google\Chrome\Application\74.0.3729.131\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

--
End of file - 8257 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.171 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2019-02-13 724056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22 755392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-10 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-10 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-10 170520]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1002984]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"StatusAlerts"=C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [2013-04-18 313656]
"iSkysoft Helper Compact.exe"=C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2016-10-08 2138272]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [2016-11-09 8037896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-08-26 6868696]
"McAfeeSafeConnect"=C:\Program Files\McAfee Safe Connect\McAfee Safe Connect.exe []
"cz.seznam.software.szndesktop"=C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-29 228864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=i420vfw.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.yv12"=yv12vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2019-05-11 23:10:18 ----D---- C:\Windows\system32\DAX2

======List of files/folders modified in the last 1 month======

2019-05-12 15:53:06 ----D---- C:\Windows\Prefetch
2019-05-12 15:52:58 ----D---- C:\Program Files\trend micro
2019-05-12 15:52:15 ----D---- C:\Windows\Temp
2019-05-12 15:18:41 ----D---- C:\FRST
2019-05-12 15:12:30 ----D---- C:\Windows
2019-05-12 15:11:24 ----D---- C:\Windows\inf
2019-05-12 12:46:27 ----D---- C:\Windows\system32\config
2019-05-12 11:46:08 ----D---- C:\Windows\System32
2019-05-12 11:46:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-05-12 03:00:42 ----SHD---- C:\System Volume Information
2019-05-12 02:55:00 ----D---- C:\Windows\system32\Macromed
2019-05-11 23:10:55 ----D---- C:\ProgramData
2019-05-11 23:09:53 ----D---- C:\Windows\system32\RTCOM
2019-05-11 23:09:52 ----D---- C:\Windows\system32\drivers
2019-05-11 23:09:28 ----D---- C:\Windows\system32\DriverStore
2019-05-11 22:50:19 ----D---- C:\Windows\system32\catroot
2019-05-11 22:50:16 ----D---- C:\Windows\system32\catroot2
2019-05-10 11:06:05 ----D---- C:\Users\Libor\AppData\Roaming\vlc
2019-04-30 16:49:29 ----D---- C:\Program Files\Mozilla Firefox
2019-04-28 07:02:07 ----SHD---- C:\Windows\Installer
2019-04-28 07:01:51 ----RSD---- C:\Windows\assembly
2019-04-28 07:01:45 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-04-28 07:01:21 ----D---- C:\ProgramData\Microsoft Help
2019-04-28 06:58:22 ----D---- C:\Program Files\Microsoft Office 15
2019-04-18 13:09:52 ----D---- C:\Windows\Tasks
2019-04-18 13:09:52 ----D---- C:\Windows\system32\wfp
2019-04-18 13:09:51 ----D---- C:\Users\Libor\AppData\Roaming\IrfanView
2019-04-18 13:09:50 ----D---- C:\Windows\system32\wbem
2019-04-18 13:09:50 ----D---- C:\Windows\registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 252808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 55040]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-09-23 294912]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-07-29 9023488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2016-11-09 4224520]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2011-08-11 88176]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-13 6504]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 165376]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 78336]
S3 aftap0901;AnchorFree TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\aftap0901.sys [2018-01-23 45528]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2018-02-10 52928]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2019-02-07 78336]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2011-08-17 8576]
S3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2018-02-10 51904]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2018-02-10 52928]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\drivers\viac7.sys [2019-03-21 53248]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-08-16 128704]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2019-02-12 2054232]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2012-12-04 174592]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 103696]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-01-09 1324104]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-01-09 795208]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 HP DS Service;HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-04-10 335416]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\74.0.3729.131\elevation_service.exe [2019-04-30 1055728]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2016-10-01 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-03-26 104960]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-12 160960]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-08-20 4846168]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-02 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2018-03-26 47200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------


Nahoru
 Profil  
 
PříspěvekNapsal: 12 kvě 2019 15:10 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109892
Bydliště: Plzeň
Zdravím!
Spusťte tuto utilitu:

Citace:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 12 kvě 2019 15:35 
Offline
Návštěvník
Návštěvník

Registrován: 29 zář 2007 22:48
Příspěvky: 105
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-12-2019
# Duration: 00:00:08
# OS: Windows 7 Home Premium
# Cleaned: 9
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files\Seznam.cz
Deleted C:\Users\Libor\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}

***** [ Chromium (and derivatives) ] *****

Deleted Seznam Lištička - Rychlá volba
Deleted Seznam doplněk - Email

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1898 octets] - [12/05/2019 16:23:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Nahoru
 Profil  
 
PříspěvekNapsal: 12 kvě 2019 16:03 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109892
Bydliště: Plzeň
Dejte nové logy FRST+Addition.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 12 kvě 2019 17:16 
Offline
Návštěvník
Návštěvník

Registrován: 29 zář 2007 22:48
Příspěvky: 105
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-05-2019
Ran by Libor (administrator) on LIBOR-PC (ATComputers COMFOR BOXER I) (12-05-2019 18:03:06)
Running from C:\Users\Libor\Downloads
Loaded Profiles: Libor (Available Profiles: Libor)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files\HP\HPBDSService\HPBDSService.exe
(HP) [File not signed] C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Chinery & Heindoerfer GbR -> pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(Chinery & Heindoerfer GbR -> pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Logitech Inc -> ) C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
(Logitech Inc -> ) C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] (Logitech Inc -> )
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [StatusAlerts] => C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [8037896 2016-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [McAfeeSafeConnect] => C:\Program Files\McAfee Safe Connect\McAfee Safe Connect.exe
HKLM\...\Drivers32: [VIDC.I420] => C:\Windows\system32\i420vfw.dll [70656 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [MSVideo] => C:\Windows\system32\vfwwdm32.dll [56832 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\system32\yv12vfw.dll [70656 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-07] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {30A681F2-248E-4AEC-97DE-B44C94467DD9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd -> Piriform Ltd)
Task: {705AF9D9-D328-4EF8-AD3D-B3532AFB78FF} - System32\Tasks\{96567AE1-679E-4B32-AB18-866DD4813B74} => C:\Program Files\Mozilla Firefox\firefox.exe
Task: {833455CE-557E-41F7-AFDD-3D7558D2ABAD} - System32\Tasks\HPLJCustParticipation => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe [43832 2013-01-28] (Hewlett-Packard Company -> Hewlett Packard)
Task: {900AA588-533D-49AC-8A51-44A9CF896A64} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {9F2A5820-A83A-495E-987D-9EF66D8EF7B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {B67764DD-9976-47F3-9BDB-635E3F92AC2D} - System32\Tasks\{C81A586E-6EC6-4539-9F39-8981804DCB3B} => C:\Windows\system32\pcalua.exe -a C:\Users\Libor\Downloads\jxpiinstall(1).exe -d C:\Users\Libor\Downloads
Task: {B8FF0637-1B1F-4F1E-BC5F-CAD63383F7E7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [688208 2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C14761E8-0D9D-441D-804A-009704C9FFFE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [1163352 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3B2D9A1-2409-4C06-8448-FEFADEDC979D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [688208 2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9E2AC7B-F936-4963-A1AE-83BF2248170B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {F333B598-D2FD-4551-BEA8-6F17A3FDB198} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-10] (Adobe Inc. -> Adobe)
Task: {F85296D4-38FA-42E1-BAED-859955165DF5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-10] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 185.18.30.142 8.8.8.8
Tcpip\..\Interfaces\{E0BC94DA-EACE-47BA-B7D7-A46A2E95D57E}: [DhcpNameServer] 185.18.30.142 8.8.8.8

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-726496295-2317986126-1619368687-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-726496295-2317986126-1619368687-1000 -> {B11F5F4A-5285-4795-906C-0CF4761EA898} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-726496295-2317986126-1619368687-1000 -> {E3472CF2-F332-4A9F-B906-F879FD3EC370} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 9aif3cru.default
FF ProfilePath: C:\Users\Libor\AppData\Roaming\TomTom\HOME\Profiles\fl7b3mle.default [2016-10-02]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default [2019-05-12]
FF Homepage: Mozilla\Firefox\Profiles\9aif3cru.default -> hxxps://www.seznam.cz/
FF NewTabOverride: Mozilla\Firefox\Profiles\9aif3cru.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\Extensions\sko-extension@firma.seznam.cz.xpi [2019-03-25]
FF Extension: (No Name) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-30]
FF Extension: (Seznam doplněk - Email) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2018-12-30]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\9aif3cru.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-10] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-25] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-25] (Google Inc -> Google LLC)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default [2019-05-12]
CHR Extension: (Prezentace) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-23]
CHR Extension: (Dokumenty) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-05-12]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-02-14]
CHR Extension: (YouTube) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-21]
CHR Extension: (Tabulky) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (AdBlock) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-05-12]
CHR Extension: (Gmail) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-07]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-726496295-2317986126-1619368687-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2054232 2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (Chinery & Heindoerfer GbR -> pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (Chinery & Heindoerfer GbR -> pdfforge GbR)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [45528 2018-01-23] (AnchorFree Inc -> The OpenVPN Project)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [9023488 2010-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] (Logitech Inc -> )
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc -> Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18176 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137472 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc -> Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc -> Logitech Inc.)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-09-23] (Microsoft Windows -> Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-09-23] (Microsoft Corporation -> Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-09-23] (Microsoft Windows -> Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [294912 2009-09-23] (Microsoft Corporation -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (NGO -> MBB)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-12 18:02 - 2019-05-12 18:02 - 001789440 _____ (Farbar) C:\Users\Libor\Downloads\FRST (2).exe
2019-05-12 16:19 - 2019-05-12 16:19 - 007025360 _____ (Malwarebytes) C:\Users\Libor\Desktop\adwcleaner_7.3.exe
2019-05-12 15:52 - 2019-05-12 15:52 - 001107968 _____ C:\Users\Libor\Downloads\RSIT (3).exe
2019-05-12 15:16 - 2019-05-12 15:18 - 000031774 _____ C:\Users\Libor\Downloads\Addition.txt
2019-05-12 15:12 - 2019-05-12 15:12 - 001789440 _____ (Farbar) C:\Users\Libor\Downloads\FRST (1).exe
2019-05-12 10:03 - 2019-05-12 10:07 - 080266373 _____ C:\Users\Libor\Downloads\Sex and the City (2008) Soundtrack.rar
2019-05-12 09:58 - 2019-05-12 10:08 - 000000000 ____D C:\Users\Libor\Desktop\Sex and the city
2019-05-12 09:48 - 2019-05-12 09:49 - 000000000 ____D C:\Users\Libor\Desktop\Usínání
2019-05-12 09:39 - 2019-05-12 09:39 - 000000000 ____D C:\Users\Libor\Desktop\cd jaro 3
2019-05-11 23:10 - 2019-05-11 23:10 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2019-05-11 23:10 - 2019-05-11 23:10 - 000000000 ____D C:\Windows\system32\DAX2
2019-04-21 17:28 - 2019-04-21 18:40 - 798252372 _____ C:\Users\Libor\Downloads\Po čem muži touží DVDRip (Bat24).avi
2019-04-18 13:28 - 2019-04-18 13:59 - 000000000 ____D C:\Users\Libor\Desktop\soundtrack
2019-04-15 10:49 - 2019-04-15 12:55 - 1390943078 _____ C:\Users\Libor\Downloads\Všechny cesty vedou do Říma - Sarah Jessica Parker, Rosie Day, Claudia Cardinale 2018 cz dab.avi
2019-04-14 16:43 - 2019-04-14 17:31 - 537001984 _____ C:\Users\Libor\Downloads\Rosamunde Pilcher - Zaslibena nevesta DVB-T (bt).avi

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-12 18:06 - 2017-12-26 09:59 - 000021644 _____ C:\Users\Libor\Downloads\FRST.txt
2019-05-12 18:03 - 2017-03-18 14:11 - 000000000 ____D C:\FRST
2019-05-12 16:33 - 2009-07-14 06:34 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-12 16:33 - 2009-07-14 06:34 - 000024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-12 16:25 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-12 16:23 - 2017-03-18 21:42 - 000000000 ____D C:\AdwCleaner
2019-05-12 15:53 - 2017-03-18 12:46 - 000000000 ____D C:\rsit
2019-05-12 15:52 - 2013-05-04 14:16 - 000000000 ____D C:\Program Files\trend micro
2019-05-12 15:11 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2019-05-12 11:46 - 2010-11-21 03:16 - 000673616 _____ C:\Windows\system32\perfh005.dat
2019-05-12 11:46 - 2010-11-21 03:16 - 000143168 _____ C:\Windows\system32\perfc005.dat
2019-05-12 11:46 - 2010-11-20 23:01 - 001592614 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-12 02:55 - 2012-01-11 11:16 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-11 23:11 - 2012-01-14 13:36 - 000000000 ____D C:\Users\Libor\AppData\Local\ElevatedDiagnostics
2019-05-11 23:09 - 2011-12-19 15:04 - 000000000 ____D C:\Windows\system32\RTCOM
2019-05-10 11:06 - 2015-08-23 10:28 - 000000000 ____D C:\Users\Libor\AppData\Roaming\vlc
2019-05-07 10:39 - 2012-12-23 16:42 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-05 10:11 - 2016-10-04 23:11 - 000027260 ____H C:\Users\Libor\Documents\Charakteristika.odt
2019-04-30 16:57 - 2016-11-22 07:02 - 000000000 ____D C:\Users\Libor\AppData\LocalLow\Mozilla
2019-04-30 16:49 - 2017-04-28 17:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-04-28 07:01 - 2013-09-14 01:45 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-28 06:58 - 2013-09-14 01:41 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-04-21 08:19 - 2009-07-14 06:53 - 000032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-04-18 13:09 - 2012-01-11 12:17 - 000000000 ____D C:\Users\Libor\AppData\Roaming\IrfanView
2019-04-18 13:09 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\registration
2019-04-18 12:11 - 2012-01-02 11:31 - 000000000 ____D C:\Users\Libor
2019-04-15 11:20 - 2016-10-04 22:21 - 000000000 ____D C:\Users\Libor\AppData\LocalLow\Adblock Plus for IE
2019-04-14 21:29 - 2012-05-15 22:55 - 000000000 ____D C:\Users\Libor\Documents\Texty různé
2019-04-14 21:29 - 2012-01-17 11:37 - 000000000 ____D C:\Users\Libor\Documents\Texty Nezmaři
2019-04-12 17:13 - 2016-10-06 22:20 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-12 08:05 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache

==================== Files in the root of some directories =======

2012-01-16 11:22 - 2007-08-18 10:28 - 004316160 _____ (Gabest) C:\Program Files\mplayerc.exe
2017-04-07 21:34 - 2019-03-26 11:33 - 000010240 _____ () C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-03 09:00
==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-05-2019
Ran by Libor (12-05-2019 18:08:26)
Running from C:\Users\Libor\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2012-01-02 09:31:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-726496295-2317986126-1619368687-500 - Administrator - Disabled)
Guest (S-1-5-21-726496295-2317986126-1619368687-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-726496295-2317986126-1619368687-1002 - Limited - Enabled)
Libor (S-1-5-21-726496295-2317986126-1619368687-1000 - Administrator - Enabled) => C:\Users\Libor

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adblock Plus for IE (32-bit) (HKLM\...\{CBECBAA4-A9A1-48B6-88DC-5D5E800B0E52}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.171 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Any Video Converter 5.8.2 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
CDA Converter Plus (HKLM\...\CDA Converter Plus) (Version: 3.2 - audio2convert.com)
CrystalDiskInfo 7.0.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.3 - Crystal Dew World)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Google Chrome (HKLM\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Pro MFP M125-M126 (HKLM\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 8.0.14087.1054 - Hewlett-Packard)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
hpbDSService (HKLM\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM126DSService (HKLM\...\{9A0C3AE6-A6C3-46C4-95A5-E3745CCE3D57}) (Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (HKLM\...\{0BFDA228-F4D0-42C0-90B2-8C47F147AEB1}) (Version: 3.0.26.59 - HP) Hidden
HPLJDXPHelper (HKLM\...\{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}) (Version: 060.048.005 - HP) Hidden
HPLJProMFPM125M126 (HKLM\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM\...\{30DD7187-F392-4D83-8AED-D9A2DC64EF15}) (Version: 008.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM\...\{178F0383-A2F1-427C-9881-6EACB8728C76}) (Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{6470E292-3B55-41DC-B5EB-91C34C5ACB5D}) (Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM125-M126 (HKLM\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.4.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 9.4.0 - )
LibreOffice 6.2.0.3 (HKLM\...\{C0B9601C-3433-41E2-B681-4C86274F0656}) (Version: 6.2.0.3 - The Document Foundation)
LJDXPHelperUI (HKLM\...\{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}) (Version: 060.048.005 - HP) Hidden
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM\...\{B44F3823-52DD-45CA-A916-8B320778715D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.5127.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 65.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 65.0.2 (x86 cs)) (Version: 65.0.2 - Mozilla)
MULTIFlight (HKLM\...\MULTIFlight) (Version: - Multiplex Modellsport GmbH & Co.KG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5127.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-0000-0000000FF1CE}) (Version: 15.0.5127.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.5127.1000 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Architect (HKLM\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PdfConvertor (HKLM\...\PdfConvertor_is1) (Version: - XSoft)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7982 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic Foundry ACID Pro 3.0 (HKLM\...\{F07C83EA-CF0C-44B4-9F1E-C3CD82EBA538}) (Version: 3.0.189 - Sonic Foundry)
Sonic Foundry ACID Pro 3.0 Crack (HKLM\...\Sonic Foundry ACID Pro 3.0 Crack) (Version: - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steinberg Cubase VST32 (HKLM\...\Steinberg Cubase VST32) (Version: - )
SUPER © v2012.build.51 (April 7, 2012) verze v2012.build.51 (HKLM\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2012.build.51 - eRightSoft)
SUPER © v2013.build.59+Recorder (2013/12/18) verze v2013.build. (HKLM\...\{8E2A18E2-96AF-4DF9-8459-5C06B75139A4}_is1) (Version: v2013.build.59+Recorder - eRightSoft)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TomTom MyDrive Connect 4.1.6.3253 (HKLM\...\MyDriveConnect) (Version: 4.1.6.3253 - TomTom)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.61 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}) (Version: 17.5.10480 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{D4492C8D-967E-0F91-5BF1-57D6197E1208}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\SkyDriveShell.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726496295-2317986126-1619368687-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\FileSyncApi.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files\PDF Architect\ContextMenuExt.dll [2013-01-09] (Chinery & Heindoerfer GbR -> pdfforge GbR)
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2013-06-06] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2013-06-06] (WinZip Computing -> WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshlstb.dll [2013-06-06] (WinZip Computing -> WinZip Computing, S.L.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2016-08-26 20:25 - 2016-08-26 20:25 - 000061440 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1029.dll
2009-09-16 19:37 - 2009-09-16 19:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 19:38 - 2009-09-16 19:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000139264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2011-10-17 16:51 - 2011-10-17 16:51 - 000013824 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\HP\HPBDSService\HPBDSService.exe
2012-12-04 11:52 - 2012-12-04 11:52 - 000041472 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\HP\HPLaserJetService\HPHTTPProxy.dll
2012-12-04 11:51 - 2012-12-04 11:51 - 000073728 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\HP\HPLaserJetService\HPTools.dll
2012-12-04 11:52 - 2012-12-04 11:52 - 001219072 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\HP\HPLaserJetService\LEDMXMLObjects.dll
2012-12-04 11:52 - 2012-12-04 11:52 - 000174592 _____ (HP) [File not signed] C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
2012-12-04 11:51 - 2012-12-04 11:51 - 000034816 _____ (HP) [File not signed] C:\Program Files\HP\HPLaserJetService\HPServiceCommunicator.dll
2009-09-16 19:40 - 2009-09-16 19:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
2013-03-03 16:39 - 2013-01-11 12:39 - 000088576 _____ (pdfforge GbR) [File not signed] C:\Windows\System32\pdfcmon.dll
2013-03-03 23:47 - 2011-04-20 04:03 - 000095232 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\E_FLBIME.DLL
2013-01-09 17:24 - 2013-01-09 17:24 - 000299008 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files\PDF Architect\libcurl.dll
2013-01-09 17:24 - 2013-01-09 17:24 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PDF Architect\LIBEAY32.dll
2013-01-09 17:24 - 2013-01-09 17:24 - 000274432 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PDF Architect\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2016-10-12 22:51 - 000000050 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.18.30.142 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{50774DFC-4F60-4DC9-A5CF-E81B6724719C}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9EAD24A6-93E5-4406-B7D5-744567CD16CC}] => (Allow) LPort=2869
FirewallRules: [{5E8B0702-07AB-4AF2-AFF8-ABE0B581BF0F}] => (Allow) LPort=1900
FirewallRules: [{F9ACF031-C9A1-4F9D-B0C8-8AF3132EE8E1}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0242DB3-05A2-43A6-9035-CFA63EDC7BC9}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D9D8ED57-C490-44A7-9463-49C34BC364E4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{37CD3B0F-7629-4BDF-8A4E-D4D1F4C33296}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9C7128CC-F83B-44B3-BEA6-C6CDC157B698}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{274897D9-567F-4FC2-970A-F13A72E8977D}] => (Allow) C:\Users\Libor\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{831B9F3F-AA85-4555-86E2-B0045E4544DE}C:\program files\libreoffice 4\program\soffice.bin] => (Allow) C:\program files\libreoffice 4\program\soffice.bin No File
FirewallRules: [UDP Query User{479B7019-74B2-42F6-8BBE-DA8931F95C58}C:\program files\libreoffice 4\program\soffice.bin] => (Allow) C:\program files\libreoffice 4\program\soffice.bin No File
FirewallRules: [{2D15419A-59D9-4674-BB9E-1C16AC5E5E28}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{523603F9-F2EF-4B10-A723-E4FA0C0367D9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B99D817B-9599-4544-88B9-042BA100EDCE}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4A8527CB-18DB-4B66-AE2A-8A9FB621F9A2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{47B30FE5-392A-44FC-86B1-35EB737866DA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{00A70864-D01C-4DA2-A43C-5247E417317E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{1DD47B50-5904-4A87-AFF7-5BA3AEC8F641}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{9348A714-F1AC-4DCA-8464-C5040A26261E}] => (Allow) C:\HP_LaserJet_Pro_MFP_M125-M126\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{1B9CE597-2BAA-4239-A4C1-B5B6509DD6CB}] => (Allow) C:\HP_LaserJet_Pro_MFP_M125-M126\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{5A11DBE9-5644-4805-A22E-B1EE301F89C6}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{A1C04533-D79C-4022-8A2F-419EFA155E3F}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{384AC947-EB8A-4873-B16F-625D0FD05D28}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{69811F97-B839-45C5-B767-813D74A280AC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3D63B119-B932-4A4F-9974-771FC6F4049B}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech, Inc. -> Logitech Inc.)
FirewallRules: [{3A88BE42-F411-4C69-8941-0B5BED50CAA4}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech, Inc. -> Logitech Inc.)
FirewallRules: [{56008E3A-F250-4410-8107-4195DA959878}] => (Allow) C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International BV -> TomTom)
FirewallRules: [TCP Query User{F6D6092E-4AB9-4A99-9C78-8C0C123C174B}C:\program files\leawo\dvd creator\loadingscreen.exe] => (Block) C:\program files\leawo\dvd creator\loadingscreen.exe No File
FirewallRules: [UDP Query User{2339EA44-F6CC-4143-AD5F-455D506D1EB7}C:\program files\leawo\dvd creator\loadingscreen.exe] => (Block) C:\program files\leawo\dvd creator\loadingscreen.exe No File
FirewallRules: [{6C8E3EED-1D5C-4254-B4F7-1747C2D0C11F}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech, Inc. -> Logitech Inc.)
FirewallRules: [{FF61CC0F-E78C-461D-AB3F-5D6739F5F26B}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech, Inc. -> Logitech Inc.)
FirewallRules: [{43D97938-6493-40F0-A027-973346A9170C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

22-04-2019 05:56:48 Windows Update
25-04-2019 07:07:09 Windows Update
29-04-2019 00:07:51 Windows Update
02-05-2019 21:33:37 Windows Update
06-05-2019 08:18:48 Windows Update
10-05-2019 00:09:08 Windows Update
12-05-2019 03:00:15 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2019 04:26:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/12/2019 09:48:35 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/12/2019 09:39:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/12/2019 08:33:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/11/2019 08:37:37 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/11/2019 08:34:30 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 4192. ID zprávy: [0x2509].

Error: (05/11/2019 08:28:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/10/2019 10:39:17 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 5224. ID zprávy: [0x2509].


System errors:
=============
Error: (05/12/2019 04:24:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (05/12/2019 04:24:11 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (05/12/2019 04:23:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP LaserJet Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/12/2019 04:23:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office ClickToRun byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/12/2019 04:23:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (05/12/2019 04:23:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (05/12/2019 04:23:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDF Architect Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/12/2019 04:23:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1001 08/10/2011
Motherboard: ASUSTeK Computer INC. P5G41T-M LX
Processor: Intel(R) Celeron(R) CPU E3400 @ 2.60GHz
Percentage of memory in use: 92%
Total physical RAM: 2013.12 MB
Available physical RAM: 152.14 MB
Total Virtual: 4026.23 MB
Available Virtual: 1209.45 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:457.94 GB) (Free:129.43 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive k: (TREKSTOR) (Fixed) (Total:465.65 GB) (Free:303.78 GB) FAT32

\\?\Volume{f58ccc6d-2a46-11e1-bf02-5404a6627f89}\ (WinRE-ATC) (Fixed) (Total:7.81 GB) (Free:2.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 6197B7D3)
Partition 1: (Active) - (Size=457.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7.8 GB) - (Type=27)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 18152521)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)

==================== End of Addition.txt ============================


Nahoru
 Profil  
 
PříspěvekNapsal: 12 kvě 2019 18:01 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109892
Bydliště: Plzeň
Otevřte poznámkový blok a zkopírujte do něj:

Citace:
Start

CloseProcesses:
Task: {9F2A5820-A83A-495E-987D-9EF66D8EF7B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {B67764DD-9976-47F3-9BDB-635E3F92AC2D} - System32\Tasks\{C81A586E-6EC6-4539-9F39-8981804DCB3B} => C:\Windows\system32\pcalua.exe -a C:\Users\Libor\Downloads\jxpiinstall(1).exe -d C:\Users\Libor\Downloads
Task: {C9E2AC7B-F936-4963-A1AE-83BF2248170B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\ProgramData\DP45977C.lfl
C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => -> No File

EmptyTemp:
End


Uložte do C:\Users\Libor\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 12 kvě 2019 18:39 
Offline
Návštěvník
Návštěvník

Registrován: 29 zář 2007 22:48
Příspěvky: 105
Fix result of Farbar Recovery Scan Tool (x86) Version: 11-05-2019
Ran by Libor (12-05-2019 19:31:13) Run:1
Running from C:\Users\Libor\Downloads
Loaded Profiles: Libor (Available Profiles: Libor)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {9F2A5820-A83A-495E-987D-9EF66D8EF7B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {B67764DD-9976-47F3-9BDB-635E3F92AC2D} - System32\Tasks\{C81A586E-6EC6-4539-9F39-8981804DCB3B} => C:\Windows\system32\pcalua.exe -a C:\Users\Libor\Downloads\jxpiinstall(1).exe -d C:\Users\Libor\Downloads
Task: {C9E2AC7B-F936-4963-A1AE-83BF2248170B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\ProgramData\DP45977C.lfl
C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F2A5820-A83A-495E-987D-9EF66D8EF7B7}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F2A5820-A83A-495E-987D-9EF66D8EF7B7}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B67764DD-9976-47F3-9BDB-635E3F92AC2D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B67764DD-9976-47F3-9BDB-635E3F92AC2D}" => removed successfully.
C:\Windows\System32\Tasks\{C81A586E-6EC6-4539-9F39-8981804DCB3B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C81A586E-6EC6-4539-9F39-8981804DCB3B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C9E2AC7B-F936-4963-A1AE-83BF2248170B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9E2AC7B-F936-4963-A1AE-83BF2248170B}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\TVCShellExt => removed successfully.
HKLM\Software\Classes\CLSID\{4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => not found

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34793687 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 1597838 B
Edge => 0 B
Chrome => 126406779 B
Firefox => 7917908 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 25624895 B
NetworkService => 3602346 B
Libor => 827527 B

RecycleBin => 0 B
EmptyTemp: => 191.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:32:06 ====


Nahoru
 Profil  
 
PříspěvekNapsal: 12 kvě 2019 18:54 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109892
Bydliště: Plzeň
OK. Smazáno. Nastala nějaká změna?

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
PříspěvekNapsal: 12 kvě 2019 19:15 
Offline
Návštěvník
Návštěvník

Registrován: 29 zář 2007 22:48
Příspěvky: 105
Jojo, počítač je rychlejší.
Dík!


Nahoru
 Profil  
 
PříspěvekNapsal: 12 kvě 2019 20:01 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 109892
Bydliště: Plzeň
Rádo se stalo! :)

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
 
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 11 ] 

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Žádní registrovaní uživatelé


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?