Zde ještě prosím o kontrolu logu.Děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.04.2019 01
Ran by Administrator (administrator) on ASUS-PC (ASUSTeK Computer Inc. K52De) (20-04-2019 19:27:11)
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-20] (Google LLC -> Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1E9F5168-73D9-4F60-8B4D-2DFA99376DC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google LLC)
Task: {28BB40E3-4A9C-44C0-8713-495125A977CB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {43048B62-A6C6-41A1-BD89-154994BDDB02} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C382F37D-F7AE-4442-AB71-DA3EFE7A6F36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google LLC)
Task: {D42200B9-1AD3-48A8-8A19-FC31BE372057} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
Task: {F3B8FCFD-98D8-484E-8751-60E080F87D13} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CD47C9C2-C2A4-4782-B695-0D958DDE998D}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-20] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-20] (Google Inc -> Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxp://
www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://
www.seznam.cz/"
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2019-04-20]
CHR Extension: (Disk Google) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-20]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-20]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-20]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-20]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [202752 2010-04-06] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6659072 2010-04-06] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [195584 2010-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2753536 2011-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104976 2016-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2019-04-20] (Broadcom Corporation -> Broadcom Corporation.)
R3 btwampfl; C:\Windows\System32\DRIVERS\btwampfl.sys [600280 2019-04-20] (Broadcom Corporation -> Broadcom Corporation.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-04-20] (Martin Malik - REALiX -> REALiX(tm))
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] (SONIX TECHNOLOGY CO. , LTD -> )
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-20 19:27 - 2019-04-20 19:28 - 000009884 _____ C:\Users\Administrator\Desktop\FRST.txt
2019-04-20 19:27 - 2019-04-20 19:27 - 000000000 ____D C:\FRST
2019-04-20 19:27 - 2019-04-20 19:26 - 002434048 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2019-04-20 17:14 - 2019-04-20 17:15 - 000000000 ____D C:\ProgramData\ASUS
2019-04-20 17:13 - 2019-04-20 17:15 - 000003918 _____ C:\Windows\System32\Tasks\Update Checker
2019-04-20 17:12 - 2019-04-20 17:12 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2019-04-20 17:12 - 2019-04-20 17:12 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-04-20 17:12 - 2019-04-20 17:12 - 000000000 ____D C:\Program Files\MSBuild
2019-04-20 17:12 - 2019-04-20 17:12 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-04-20 17:12 - 2019-04-20 17:12 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-04-20 16:47 - 2019-04-20 16:48 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-04-20 16:41 - 2019-04-20 16:42 - 000000000 ____D C:\Users\Administrator\Documents\GTA San Andreas User Files
2019-04-20 16:41 - 2019-04-20 16:41 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2019-04-20 16:40 - 2019-04-20 16:40 - 000001101 _____ C:\Users\Administrator\Desktop\GTA.lnk
2019-04-20 16:32 - 2019-04-20 16:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-04-20 16:32 - 2019-04-20 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2019-04-20 16:32 - 2019-04-20 16:32 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-04-20 16:25 - 2019-04-20 16:33 - 000000000 ____D C:\Dokumenty
2019-04-20 16:13 - 2019-04-20 16:47 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-04-20 16:13 - 2019-04-20 16:37 - 000003182 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2019-04-20 16:13 - 2019-04-20 16:13 - 000000000 ____D C:\Windows\system32\SRSLabs
2019-04-20 16:13 - 2019-04-20 16:13 - 000000000 ____D C:\Program Files\Realtek
2019-04-20 15:52 - 2019-04-20 15:54 - 000002824 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-04-20 15:52 - 2019-04-20 15:53 - 000000000 ____D C:\Program Files\CCleaner
2019-04-20 15:52 - 2019-04-20 15:52 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-20 15:52 - 2019-04-20 15:52 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-20 15:52 - 2019-04-20 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-20 15:30 - 2019-04-20 15:30 - 000000000 ____D C:\AdwCleaner
2019-04-20 15:30 - 2019-04-19 20:58 - 007025360 _____ (Malwarebytes) C:\Users\Administrator\Desktop\adwcleaner_7.3.exe
2019-04-20 15:24 - 2019-04-20 15:24 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2019-04-20 15:24 - 2019-04-20 15:24 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2019-04-20 15:24 - 2019-04-20 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-04-20 15:20 - 2019-04-20 16:05 - 000000000 ____D C:\Windows\Panther
2019-04-20 15:20 - 2019-04-20 15:20 - 000008192 __RSH C:\BOOTSECT.BAK
2019-04-20 15:20 - 2010-11-21 05:23 - 000383786 __RSH C:\bootmgr
2019-04-20 15:08 - 2019-04-20 15:08 - 000600280 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2019-04-20 15:08 - 2019-04-20 15:08 - 000172760 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys
2019-04-20 15:06 - 2019-04-20 15:06 - 000203352 _____ (JMicron Technology Corporation) C:\Windows\SysWOW64\jmcricon.dll
2019-04-20 15:06 - 2019-04-20 15:06 - 000203352 _____ (JMicron Technology Corporation) C:\Windows\system32\jmcricon.dll
2019-04-20 15:06 - 2019-04-20 15:06 - 000176880 _____ (JMicron Technology Corporation) C:\Windows\system32\Drivers\jmcr.sys
2019-04-20 15:06 - 2019-04-20 15:06 - 000145424 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\JME.sys
2019-04-20 15:03 - 2019-04-20 15:03 - 000015928 _____ (ASUS) C:\Windows\system32\Drivers\ATK64AMD.sys
2019-04-20 14:59 - 2019-04-20 15:14 - 000000000 ____D C:\ProgramData\ProductData
2019-04-20 14:57 - 2019-04-20 14:57 - 000027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2019-04-20 14:56 - 2019-04-20 15:30 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2019-04-20 14:55 - 2019-04-20 14:55 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\WinRAR
2019-04-20 14:54 - 2019-04-20 14:55 - 000000000 ____D C:\Program Files\WinRAR
2019-04-20 14:54 - 2019-04-20 14:54 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-20 14:54 - 2019-04-20 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-20 14:51 - 2014-05-14 18:23 - 002477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-04-20 14:51 - 2014-05-14 18:23 - 000058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-04-20 14:51 - 2014-05-14 18:23 - 000044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-04-20 14:51 - 2014-05-14 18:21 - 002620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-04-20 14:50 - 2014-05-14 09:23 - 000198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-04-20 14:50 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2019-04-20 14:50 - 2014-05-14 09:20 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-04-20 14:50 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2019-04-20 14:48 - 2019-04-20 14:48 - 000000753 _____ C:\Users\Administrator\Desktop\Stažené soubory.lnk
2019-04-20 14:42 - 2019-04-20 14:42 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Google
2019-04-20 14:41 - 2019-04-20 14:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2019-04-20 14:41 - 2019-04-20 14:41 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-20 14:41 - 2019-04-20 14:41 - 000002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-20 14:40 - 2019-04-20 15:54 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-20 14:40 - 2019-04-20 15:54 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-20 14:40 - 2019-04-20 14:41 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-20 14:39 - 2019-04-20 14:39 - 000057560 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-20 14:38 - 2019-04-20 14:38 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\ATI
2019-04-20 14:38 - 2019-04-20 14:38 - 000000000 ____D C:\Users\Administrator\AppData\Local\ATI
2019-04-20 14:38 - 2019-04-20 14:38 - 000000000 ____D C:\ProgramData\ATI
2019-04-20 14:38 - 2019-04-20 14:38 - 000000000 _____ C:\Windows\ativpsrm.bin
2019-04-20 14:36 - 2019-04-20 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2019-04-20 14:35 - 2019-04-20 14:35 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2019-04-20 14:34 - 2019-04-20 14:36 - 000000000 ____D C:\Program Files\ATI Technologies
2019-04-20 14:34 - 2019-04-20 14:34 - 000000000 ____D C:\Program Files\ATI
2019-04-20 14:32 - 2019-04-20 14:32 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 _SHDL C:\Users\Administrator\Šablony
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 _SHDL C:\Users\Administrator\Soubory cookie
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 _SHDL C:\Users\Administrator\Poslední
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 _SHDL C:\Users\Administrator\Okolní síť
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 _SHDL C:\Users\Administrator\Nabídka Start
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 _SHDL C:\Users\Administrator\Dokumenty
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 _SHDL C:\Users\Administrator\Documents\Hudba
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 _SHDL C:\Users\Administrator\Documents\Filmy
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 _SHDL C:\Users\Administrator\Data aplikací
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2019-04-20 14:32 - 2019-04-20 14:32 - 000000000 ____D C:\Users\Administrator
2019-04-20 14:32 - 2011-04-12 10:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
2019-04-20 14:32 - 2009-07-14 06:49 - 000000262 _____ C:\Users\Administrator\Desktop\Run.lnk
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default\Šablony
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default\Poslední
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default\Okolní síť
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default\Dokumenty
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default\Data aplikací
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\ProgramData\Šablony
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\ProgramData\Plocha
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\ProgramData\Oblíbené položky
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\ProgramData\Dokumenty
2019-04-20 14:28 - 2019-04-20 14:28 - 000000000 _SHDL C:\ProgramData\Data aplikací
2019-04-20 14:24 - 2019-04-20 14:24 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-20 19:27 - 2009-07-14 06:45 - 000021648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-20 19:27 - 2009-07-14 06:45 - 000021648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-20 19:25 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-20 17:40 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-04-20 17:13 - 2011-04-12 10:34 - 000601770 _____ C:\Windows\system32\perfh005.dat
2019-04-20 17:13 - 2011-04-12 10:34 - 000110620 _____ C:\Windows\system32\perfc005.dat
2019-04-20 15:20 - 2009-07-14 07:32 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2019-04-20 15:08 - 2009-07-14 07:13 - 001299330 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-20 14:45 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-04-20 14:45 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files\DVD Maker
2019-04-20 14:45 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\spool
2019-04-20 14:45 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-04-20 14:34 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-04-20 14:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-04-20 14:28 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Windows NT
2019-04-20 14:25 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\sysprep
2019-04-20 14:21 - 2009-07-14 06:45 - 000274736 _____ C:\Windows\system32\FNTCACHE.DAT
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-04-20 14:21
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.04.2019 01
Ran by Administrator (20-04-2019 19:28:43)
Running from C:\Users\Administrator\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2019-04-20 12:28:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4261021004-3841110628-728329883-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-4261021004-3841110628-728329883-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ATI Catalyst Install Manager (HKLM\...\{401D3422-5349-F819-D294-01CA297CB9E0}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
ccc-core-static (HKLM-x32\...\{F7E4CA44-6117-E28D-A93D-7CE7CEB7E54F}) (Version: 2010.0406.2133.36843 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Skype verze 8.43 (HKLM-x32\...\Skype_is1) (Version: 8.43 - Skype Technologies S.A.)
USB 2.0 VGA UVC WebCam (HKLM\...\USB 2.0 VGA UVC WebCam) (Version: - )
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-04-06] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4261021004-3841110628-728329883-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{555B41CE-F5E0-4B46-8ACA-B16997E4C3E7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{41E1F999-8DE3-42EA-80D3-B4A03FEB9F31}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{67AE6BB9-FC13-4F86-860F-6A217489C54C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/20/2019 07:26:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
CodeIntegrity:
===================================
Date: 2019-04-20 16:30:59.484
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-20 16:30:59.484
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-20 16:16:41.812
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-20 16:16:41.797
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-20 16:14:08.681
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-04-20 16:14:08.680
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II P360 Dual-Core Processor
Percentage of memory in use: 87%
Total physical RAM: 4093.82 MB
Available physical RAM: 517.34 MB
Total Virtual: 8185.85 MB
Available Virtual: 4484.36 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.08 GB) (Free:75.46 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DOKUMENTY) (Fixed) (Total:498.51 GB) (Free:458.91 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 1B64FBCC)
Partition 1: (Active) - (Size=97.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=498.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================