Notebook not working, it is slowed down, refuses check from Hijackthis

Posted: 12 May 2019 16:42
by marenkajng
Hello, may I ask for help? My computer freezes; all of a sudden I can't move the cursor, the mouse works, when I switch to the touchpad it doesn't work either, I have to power it off hard, and it happens more and more often. I downloaded HijackThis, I paste the log in there and it doesn't check it, the message says an unknown error occurred; I think something is not letting it through? I don't know what to do about it. I warn you that I'm blonde and a novice on top of that :boxed: thank you very much

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:10:12, on 12.05.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Users\Marie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Marie\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Marie\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [com.squirrel.WhatsApp.WhatsApp] C:\Users\Marie\AppData\Local\WhatsApp\Update.exe --processStart "WhatsApp.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem2.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\igfxCUIService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 7181 bytes

Re: Notebook not working, it is slowed down, refuses check from Hijackthi

Posted: 12 May 2019 16:57
by Rudy
Hello!
Please post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . HijackThis is long past its prime.

Re: Notebook not working, it is slowed down, refuses check from Hijackthi

Posted: 12 May 2019 18:13
by marenkajng
Thank you very much, I am attaching the file (of course it froze on me again).
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05.2019
Ran by Marie (administrator) on DESKTOP-3GLQ4E6 (LENOVO 80TG) (12-05-2019 18:46:05)
Running from C:\Users\Marie\Desktop
Loaded Profiles: Marie (Available Profiles: defaultuser0 & Marie)
Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Marie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.55.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\setuphost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\bc2f6ab7a1cca483c1e4facf8fc607f5\WindowsUpdateBox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Marie\AppData\Local\WhatsApp\app-0.3.2848\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Marie\AppData\Local\WhatsApp\app-0.3.2848\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Marie\AppData\Local\WhatsApp\app-0.3.2848\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Marie\AppData\Local\WhatsApp\app-0.3.2848\WhatsApp.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18242048 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4011732912-2476353102-880969235-1002\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\Marie\AppData\Local\WhatsApp\Update.exe [2206640 2019-04-17] (WhatsApp, Inc -> )
HKU\S-1-5-21-4011732912-2476353102-880969235-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-03] (Google LLC -> Google Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C1B8E25-F817-4B75-A078-136A3F566437} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-24] (Google Inc -> Google Inc.)
Task: {1D1C88F4-FC07-4615-9EC7-B4A5393E3F89} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {569DB06A-B6B6-4C3B-81FD-C295EE222C5E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {58332239-9317-4DB0-9BE0-2A744EB00E18} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd -> Piriform Ltd)
Task: {7420DEDE-45D8-4516-B36E-479CB9A7130E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {844B0184-49D4-455E-87C1-E2BBFA5F9613} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {96D0C025-0DC0-4C89-9520-FF9D27E5F82F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-24] (Google Inc -> Google Inc.)
Task: {F29C6C9A-2D10-4D4D-9623-AB1515545B11} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3007b1f3-e479-4cf2-ad3b-ef71e79de853}: [DhcpNameServer] 10.5.9.1 62.201.16.252 62.201.16.251
Tcpip\..\Interfaces\{e2390cf9-8abb-40ad-bf10-439129de68ad}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://mail.google.com/mail/?shva=1#inbox
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/?shva=1#inbox","hxxp://www.google.com","hxxp://www.oursurfing.com/?type=hp&ts=1438236677&z=6d01ef18bf8c5854786759dgazfc5bdo3c5q1qab2o&from=exp1&uid=HitachiXHTS545025B9A300_091207PBG2061SJ36JHXX"
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default [2019-05-12]
CHR Extension: (Překladač Google) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-12-24]
CHR Extension: (Prezentace) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-24]
CHR Extension: (Dokumenty) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-24]
CHR Extension: (Disk Google) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-24]
CHR Extension: (Embed WMPlayer inline) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bamkbfdmckphehgiafpenehgebjgdlli [2017-12-24]
CHR Extension: (YouTube) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-24]
CHR Extension: (Adobe Acrobat) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-04-05]
CHR Extension: (Box) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2017-12-24]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2017-12-24]
CHR Extension: (Surf Canyon) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ennflnaebogjainllkhndcpafcgechbb [2017-12-24]
CHR Extension: (Tabulky) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-24]
CHR Extension: (Cloud SWF Player with Drive) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhhaadihgfcgmlefioblaahpnglnkbk [2017-12-28]
CHR Extension: (History Button) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fofpnhmbgmmeaialapfddhbhfongoinh [2017-12-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-05]
CHR Extension: (WAV Player for Gmail™) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpioniioecjjbhbnnbhcifmgmoiibalo [2017-12-24]
CHR Extension: (World of Solitaire) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn [2017-12-24]
CHR Extension: (Online Excel Viewer And Editor) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfgpilnjecbpekgkfjlampemiloaencd [2018-02-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Prohlížeč dokumentů ve formátu PDF/PowerPoint (od společnosti Google)) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2017-12-24]
CHR Extension: (Hover Zoom) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2019-05-02]
CHR Extension: (Gmail) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-08]
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-11]
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134872 2017-11-02] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515232 2017-06-22] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-10-05] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-10-05] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-10-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244720 2017-06-22] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8623128 2018-04-04] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2016-02-04] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3150336 2017-02-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [352424 2018-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-10-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-12 18:46 - 2019-05-12 18:48 - 000019593 _____ C:\Users\Marie\Desktop\FRST.txt
2019-05-12 18:45 - 2019-05-12 18:46 - 000000000 ____D C:\FRST
2019-05-12 18:40 - 2019-05-12 18:41 - 002430976 _____ (Farbar) C:\Users\Marie\Desktop\FRST64.exe
2019-05-07 09:09 - 2019-05-07 09:09 - 000000000 ____D C:\Users\Marie\AppData\Local\ESET
2019-05-04 12:29 - 2019-05-04 13:33 - 1158608280 _____ C:\Users\Marie\Downloads\Zázraky přírody 19-5-18 Vano.ts
2019-04-25 07:26 - 2019-04-25 07:25 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-04-23 11:27 - 2019-04-23 11:27 - 000032825 _____ C:\Users\Marie\Documents\Potvrzeni_o_vysi_pracovniho_prijmu.pdf
2019-04-20 18:36 - 2019-04-20 18:36 - 000039764 _____ C:\Users\Marie\Documents\ZUSPVY.pdf
2019-04-19 08:16 - 2019-04-19 08:16 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-04-12 18:29 - 2019-04-25 07:36 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-12 18:39 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-12 18:32 - 2018-06-24 06:27 - 000000000 ____D C:\Users\Marie\AppData\Roaming\WhatsApp
2019-05-12 18:28 - 2018-05-23 08:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-12 18:28 - 2017-12-18 19:05 - 000000000 __SHD C:\Users\Marie\IntelGraphicsProfiles
2019-05-12 18:13 - 2018-09-15 19:59 - 000000000 ___HD C:\$WINDOWS.~BT
2019-05-12 17:54 - 2018-05-23 09:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-12 17:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2019-05-12 17:44 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-12 17:43 - 2018-05-23 09:04 - 000013338 _____ C:\WINDOWS\diagwrn.xml
2019-05-12 17:43 - 2018-05-23 09:04 - 000013338 _____ C:\WINDOWS\diagerr.xml
2019-05-12 17:09 - 2017-12-18 19:05 - 000000000 ____D C:\Users\Marie\AppData\Local\VirtualStore
2019-05-12 16:16 - 2018-05-22 19:52 - 000000000 ___DC C:\WINDOWS\Panther
2019-05-12 15:11 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-12 08:31 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-12 08:21 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-11 19:16 - 2018-12-04 23:42 - 000000000 ____D C:\Users\Marie\AppData\Local\CrashDumps
2019-05-11 19:03 - 2018-10-15 19:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-05-11 19:03 - 2018-05-23 09:04 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4011732912-2476353102-880969235-500
2019-05-11 19:02 - 2018-10-15 19:48 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-05-11 19:02 - 2018-10-15 19:48 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-05-11 19:02 - 2018-05-23 09:04 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-05-11 19:02 - 2018-05-23 09:04 - 000003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-11 19:02 - 2018-05-23 09:04 - 000003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-11 19:02 - 2018-05-23 09:04 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4011732912-2476353102-880969235-1002
2019-05-08 14:57 - 2018-05-23 08:48 - 000002361 _____ C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-08 14:57 - 2017-12-24 19:01 - 000000000 ___RD C:\Users\Marie\OneDrive
2019-05-03 15:46 - 2017-12-24 19:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-03 06:34 - 2018-10-15 19:52 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-05-02 18:39 - 2017-12-26 17:13 - 000000000 ____D C:\Users\Marie\AppData\Local\Packages
2019-04-25 07:36 - 2018-10-15 19:51 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-04-25 07:36 - 2018-10-15 19:51 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-04-25 07:26 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-25 07:25 - 2019-02-25 08:30 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-04-25 07:25 - 2019-01-14 16:38 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-04-25 07:25 - 2019-01-08 17:34 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-04-25 07:25 - 2019-01-08 17:34 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-04-25 07:25 - 2019-01-08 17:34 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-04-25 07:25 - 2019-01-08 17:34 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-04-17 06:58 - 2018-06-24 06:27 - 000000000 ____D C:\Users\Marie\AppData\Local\WhatsApp

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05.2019
Ran by Marie (12-05-2019 18:49:40)
Running from C:\Users\Marie\Desktop
Windows 10 Home Version 1803 17134.706 (X64) (2018-05-23 07:05:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4011732912-2476353102-880969235-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4011732912-2476353102-880969235-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4011732912-2476353102-880969235-1001 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-4011732912-2476353102-880969235-501 - Limited - Disabled)
Marie (S-1-5-21-4011732912-2476353102-880969235-1002 - Administrator - Enabled) => C:\Users\Marie
WDAGUtilityAccount (S-1-5-21-4011732912-2476353102-880969235-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
Express Courier Beta verze 0.5.0 (HKLM-x32\...\{56224C24-4579-4A63-80E2-18284A0990F7}_is1) (Version: 0.5.0 - Simopt, s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4011732912-2476353102-880969235-1002\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
SMPlayer 18.2.2 (x64) (HKLM\...\SMPlayer) (Version: 18.2.2 - Ricardo Villalba)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-4011732912-2476353102-880969235-1002\...\WhatsApp) (Version: 0.3.2848 - WhatsApp)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\igfxDTCM.dll [2016-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-05-12 18:32 - 2019-05-12 18:32 - 000497152 _____ () [File not signed] \\?\C:\Users\Marie\AppData\Local\Temp\a9739ad8-9014-41ea-af9a-b191c5505d7d.tmp.node
2019-05-12 18:31 - 2019-05-12 18:31 - 000497152 _____ () [File not signed] \\?\C:\Users\Marie\AppData\Local\Temp\ac23c154-f57e-4151-bc9b-c8c670b2dfc4.tmp.node
2018-02-20 17:16 - 2018-01-28 17:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2019-01-04 13:43 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4011732912-2476353102-880969235-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{620E11EF-27D7-4863-8C34-B6163ED76D25}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3FA4FE17-6662-4F7B-8CDC-C168B02EE917}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A14C94AF-210F-4E1D-8E77-41A8F0731C8F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

25-04-2019 11:31:04 Naplánovaný kontrolní bod
02-05-2019 22:50:09 Naplánovaný kontrolní bod
12-05-2019 15:54:23 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2019 06:33:31 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263

Error: (05/12/2019 04:50:13 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263

Error: (05/12/2019 03:54:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (05/12/2019 02:56:14 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263

Error: (05/12/2019 02:32:17 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263

Error: (05/12/2019 02:04:33 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263

Error: (05/12/2019 08:49:22 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263

Error: (05/12/2019 08:32:56 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263


System errors:
=============
Error: (05/12/2019 06:33:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/12/2019 06:31:00 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-3GLQ4E6)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-3GLQ4E6\Marie (SID: S-1-5-21-4011732912-2476353102-880969235-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/12/2019 06:28:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/12/2019 06:28:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/12/2019 06:28:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/12/2019 05:54:45 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (05/12/2019 05:54:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:25:33, ‎12.‎05.‎2019) bylo neočekávané.

Error: (05/12/2019 05:36:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-07-10 13:50:53.147
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8BCCC586-8FB6-46B4-81E4-FEB9FB364E58}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-09 11:09:40.540
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {713220A7-A9BA-47F9-B8BD-72A6B3D810D9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-05 21:04:17.902
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E674A6D1-3952-4D07-9590-C32186DA2426}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-05 20:28:08.625
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {38A3995B-D8EC-4786-9BFE-14E8EC4DCE0C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-06-21 17:41:23.700
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {879EECC6-8CAF-42B9-A773-A7909688B9BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-05 10:43:18.848
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2018-10-05 10:39:04.055
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1270.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

Date: 2018-10-05 10:39:04.053
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1270.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

Date: 2018-07-11 17:14:34.064
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

==================== Memory info ===========================

BIOS: LENOVO LENOVO - 3 02/10/2017
Motherboard: LENOVO Lenovo V110-15IAP
Processor: Intel(R) Celeron(R) CPU N3350 @ 1.10GHz
Percentage of memory in use: 88%
Total physical RAM: 3371.6 MB
Available physical RAM: 398.13 MB
Total Virtual: 6443.6 MB
Available Virtual: 3282.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.48 GB) (Free:391.53 GB) NTFS

\\?\Volume{0dafbf70-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{0dafbf70-0000-0000-0000-303e74000000}\ () (Fixed) (Total:0.79 GB) (Free:0.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0DAFBF70)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=807 MB) - (Type=27)

==================== End of Addition.txt ============================

Re: Notebook not working, it's slowed down, refuses the check from Hijackthi

Posted: 12 May 2019 18:53
by Rudy
OK. Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Notebook not working, it's slowed down, refuses the check from Hijackthi

Posted: 13 May 2019 07:10
by marenkajng
Thank you sooooo much :thumbsup:
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-13-2019
# Duration: 00:00:06
# OS: Windows 10 Home
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Hover Zoom

***** [ Chromium URLs ] *****

Deleted http://www.oursurfing.com/?type=hp&ts=1 ... 61SJ36JHXX
Deleted oursurfing

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1452 octets] - [13/05/2019 08:01:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Notebook not working, it's slowed down, refuses the check from Hijackthi

Posted: 13 May 2019 09:07
by Rudy
Please also post new FRST+Addition logs.

Re: Notebook not working, it's slowed down, refuses the check from Hijackthi

Posted: 13 May 2019 09:24
by marenkajng
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05.2019
Ran by Marie (13-05-2019 10:19:46)
Running from C:\Users\Marie\Desktop
Windows 10 Home Version 1803 17134.706 (X64) (2018-05-23 07:05:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4011732912-2476353102-880969235-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4011732912-2476353102-880969235-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4011732912-2476353102-880969235-1001 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-4011732912-2476353102-880969235-501 - Limited - Disabled)
Marie (S-1-5-21-4011732912-2476353102-880969235-1002 - Administrator - Enabled) => C:\Users\Marie
WDAGUtilityAccount (S-1-5-21-4011732912-2476353102-880969235-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
Express Courier Beta verze 0.5.0 (HKLM-x32\...\{56224C24-4579-4A63-80E2-18284A0990F7}_is1) (Version: 0.5.0 - Simopt, s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4011732912-2476353102-880969235-1002\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
SMPlayer 18.2.2 (x64) (HKLM\...\SMPlayer) (Version: 18.2.2 - Ricardo Villalba)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-4011732912-2476353102-880969235-1002\...\WhatsApp) (Version: 0.3.2848 - WhatsApp)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\igfxDTCM.dll [2016-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-05-13 10:03 - 2019-05-13 10:03 - 000497152 _____ () [File not signed] \\?\C:\Users\Marie\AppData\Local\Temp\03a0f347-0fee-4d00-8d02-6221adf03fa9.tmp.node
2019-05-13 10:03 - 2019-05-13 10:03 - 000497152 _____ () [File not signed] \\?\C:\Users\Marie\AppData\Local\Temp\5abd5169-36a4-4411-92cb-171aee74d25c.tmp.node
2018-02-20 17:16 - 2018-01-28 17:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2019-01-04 13:43 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4011732912-2476353102-880969235-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{620E11EF-27D7-4863-8C34-B6163ED76D25}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3FA4FE17-6662-4F7B-8CDC-C168B02EE917}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A14C94AF-210F-4E1D-8E77-41A8F0731C8F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

25-04-2019 11:31:04 Naplánovaný kontrolní bod
02-05-2019 22:50:09 Naplánovaný kontrolní bod
12-05-2019 15:54:23 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/13/2019 10:04:11 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263

Error: (05/13/2019 09:27:30 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263

Error: (05/13/2019 08:47:41 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263

Error: (05/13/2019 08:24:06 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263

Error: (05/13/2019 08:21:47 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263

Error: (05/13/2019 08:11:39 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263

Error: (05/13/2019 07:46:37 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263

Error: (05/12/2019 07:42:36 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GLQ4E6)
Description: httphttp-2147467263


System errors:
=============
Error: (05/13/2019 10:06:21 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/13/2019 10:05:17 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-3GLQ4E6)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-3GLQ4E6\Marie (SID: S-1-5-21-4011732912-2476353102-880969235-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/13/2019 10:02:21 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/13/2019 10:02:21 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/13/2019 10:02:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/13/2019 10:01:24 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (05/13/2019 10:01:45 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:58:57, ‎13.‎05.‎2019) bylo neočekávané.

Error: (05/13/2019 09:20:44 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-3GLQ4E6)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-3GLQ4E6\Marie (SID: S-1-5-21-4011732912-2476353102-880969235-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-07-10 13:50:53.147
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8BCCC586-8FB6-46B4-81E4-FEB9FB364E58}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-09 11:09:40.540
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {713220A7-A9BA-47F9-B8BD-72A6B3D810D9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-05 21:04:17.902
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E674A6D1-3952-4D07-9590-C32186DA2426}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-07-05 20:28:08.625
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {38A3995B-D8EC-4786-9BFE-14E8EC4DCE0C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-06-21 17:41:23.700
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {879EECC6-8CAF-42B9-A773-A7909688B9BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-05 10:43:18.848
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2018-10-05 10:39:04.055
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1270.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

Date: 2018-10-05 10:39:04.053
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.273.1270.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15100.1
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

Date: 2018-07-11 17:14:34.064
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

==================== Memory info ===========================

BIOS: LENOVO LENOVO - 3 02/10/2017
Motherboard: LENOVO Lenovo V110-15IAP
Processor: Intel(R) Celeron(R) CPU N3350 @ 1.10GHz
Percentage of memory in use: 82%
Total physical RAM: 3371.6 MB
Available physical RAM: 602.46 MB
Total Virtual: 6443.6 MB
Available Virtual: 3258.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.48 GB) (Free:394.86 GB) NTFS

\\?\Volume{0dafbf70-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{0dafbf70-0000-0000-0000-303e74000000}\ () (Fixed) (Total:0.79 GB) (Free:0.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0DAFBF70)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=807 MB) - (Type=27)

==================== End of Addition.txt ============================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05.2019
Ran by Marie (administrator) on DESKTOP-3GLQ4E6 (LENOVO 80TG) (13-05-2019 10:16:34)
Running from C:\Users\Marie\Desktop
Loaded Profiles: Marie (Available Profiles: defaultuser0 & Marie)
Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4957d1e99ab1a11a\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Marie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Marie\AppData\Local\WhatsApp\app-0.3.2848\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Marie\AppData\Local\WhatsApp\app-0.3.2848\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Marie\AppData\Local\WhatsApp\app-0.3.2848\WhatsApp.exe
(WhatsApp, Inc -> WhatsApp) C:\Users\Marie\AppData\Local\WhatsApp\app-0.3.2848\WhatsApp.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18242048 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489408 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4011732912-2476353102-880969235-1002\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\Marie\AppData\Local\WhatsApp\Update.exe [2206640 2019-04-17] (WhatsApp, Inc -> )
HKU\S-1-5-21-4011732912-2476353102-880969235-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-03] (Google LLC -> Google Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C1B8E25-F817-4B75-A078-136A3F566437} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-24] (Google Inc -> Google Inc.)
Task: {1D1C88F4-FC07-4615-9EC7-B4A5393E3F89} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {569DB06A-B6B6-4C3B-81FD-C295EE222C5E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {58332239-9317-4DB0-9BE0-2A744EB00E18} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd -> Piriform Ltd)
Task: {7420DEDE-45D8-4516-B36E-479CB9A7130E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {844B0184-49D4-455E-87C1-E2BBFA5F9613} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {96D0C025-0DC0-4C89-9520-FF9D27E5F82F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-24] (Google Inc -> Google Inc.)
Task: {F29C6C9A-2D10-4D4D-9623-AB1515545B11} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3007b1f3-e479-4cf2-ad3b-ef71e79de853}: [DhcpNameServer] 10.5.9.1 62.201.16.252 62.201.16.251
Tcpip\..\Interfaces\{e2390cf9-8abb-40ad-bf10-439129de68ad}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://mail.google.com/mail/?shva=1#inbox
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/?shva=1#inbox","hxxp://www.google.com","hxxp://www.oursurfing.com/?type=hp&ts=1438236677&z=6d01ef18bf8c5854786759dgazfc5bdo3c5q1qab2o&from=exp1&uid=HitachiXHTS545025B9A300_091207PBG2061SJ36JHXX","hxxps://www.google.com/"
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default [2019-05-13]
CHR Extension: (Překladač Google) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-12-24]
CHR Extension: (Prezentace) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-24]
CHR Extension: (Dokumenty) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-24]
CHR Extension: (Disk Google) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-24]
CHR Extension: (Embed WMPlayer inline) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bamkbfdmckphehgiafpenehgebjgdlli [2017-12-24]
CHR Extension: (YouTube) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-24]
CHR Extension: (Adobe Acrobat) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-04-05]
CHR Extension: (Box) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2017-12-24]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2017-12-24]
CHR Extension: (Surf Canyon) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ennflnaebogjainllkhndcpafcgechbb [2017-12-24]
CHR Extension: (Tabulky) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-24]
CHR Extension: (Cloud SWF Player with Drive) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhhaadihgfcgmlefioblaahpnglnkbk [2017-12-28]
CHR Extension: (History Button) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fofpnhmbgmmeaialapfddhbhfongoinh [2017-12-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-05]
CHR Extension: (WAV Player for Gmail™) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpioniioecjjbhbnnbhcifmgmoiibalo [2017-12-24]
CHR Extension: (World of Solitaire) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn [2017-12-24]
CHR Extension: (Online Excel Viewer And Editor) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfgpilnjecbpekgkfjlampemiloaencd [2018-02-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Prohlížeč dokumentů ve formátu PDF/PowerPoint (od společnosti Google)) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2017-12-24]
CHR Extension: (Hover Zoom) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2019-05-13]
CHR Extension: (Gmail) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-08]
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-11]
CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134872 2017-11-02] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515232 2017-06-22] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-10-05] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-10-05] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-10-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244720 2017-06-22] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8623128 2018-04-04] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2016-02-04] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3150336 2017-02-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [352424 2018-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-10-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-13 10:16 - 2019-05-13 10:18 - 000019478 _____ C:\Users\Marie\Desktop\FRST.txt
2019-05-13 07:59 - 2019-05-13 08:01 - 000000000 ____D C:\AdwCleaner
2019-05-13 07:58 - 2019-05-13 07:58 - 007025360 _____ (Malwarebytes) C:\Users\Marie\Desktop\adwcleaner_7.3.exe
2019-05-12 18:45 - 2019-05-13 10:16 - 000000000 ____D C:\FRST
2019-05-12 18:40 - 2019-05-12 18:41 - 002430976 _____ (Farbar) C:\Users\Marie\Desktop\FRST64.exe
2019-05-07 09:09 - 2019-05-07 09:09 - 000000000 ____D C:\Users\Marie\AppData\Local\ESET
2019-05-04 12:29 - 2019-05-04 13:33 - 1158608280 _____ C:\Users\Marie\Downloads\Zázraky přírody 19-5-18 Vano.ts
2019-04-25 07:26 - 2019-04-25 07:25 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-04-23 11:27 - 2019-04-23 11:27 - 000032825 _____ C:\Users\Marie\Documents\Potvrzeni_o_vysi_pracovniho_prijmu.pdf
2019-04-20 18:36 - 2019-04-20 18:36 - 000039764 _____ C:\Users\Marie\Documents\ZUSPVY.pdf
2019-04-19 08:16 - 2019-04-19 08:16 - 000000000 _____ C:\WINDOWS\system32\last.dump

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-13 10:12 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-13 10:03 - 2018-06-24 06:27 - 000000000 ____D C:\Users\Marie\AppData\Roaming\WhatsApp
2019-05-13 10:02 - 2017-12-18 19:05 - 000000000 __SHD C:\Users\Marie\IntelGraphicsProfiles
2019-05-13 10:01 - 2018-05-23 09:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-13 10:01 - 2018-05-23 08:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-13 08:20 - 2018-05-23 08:48 - 000000000 ____D C:\Users\Marie
2019-05-13 08:02 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-13 08:02 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-05-13 08:01 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2019-05-13 07:55 - 2018-09-15 19:59 - 000000000 ___HD C:\$WINDOWS.~BT
2019-05-13 07:54 - 2018-05-23 09:04 - 000017148 _____ C:\WINDOWS\diagwrn.xml
2019-05-13 07:54 - 2018-05-23 09:04 - 000017148 _____ C:\WINDOWS\diagerr.xml
2019-05-12 17:44 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-12 17:09 - 2017-12-18 19:05 - 000000000 ____D C:\Users\Marie\AppData\Local\VirtualStore
2019-05-12 16:16 - 2018-05-22 19:52 - 000000000 ___DC C:\WINDOWS\Panther
2019-05-12 15:11 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-12 08:31 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-12 08:21 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-11 19:16 - 2018-12-04 23:42 - 000000000 ____D C:\Users\Marie\AppData\Local\CrashDumps
2019-05-11 19:03 - 2018-10-15 19:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-05-11 19:03 - 2018-05-23 09:04 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4011732912-2476353102-880969235-500
2019-05-11 19:02 - 2018-10-15 19:48 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-05-11 19:02 - 2018-10-15 19:48 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-05-11 19:02 - 2018-05-23 09:04 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-05-11 19:02 - 2018-05-23 09:04 - 000003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-11 19:02 - 2018-05-23 09:04 - 000003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-11 19:02 - 2018-05-23 09:04 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4011732912-2476353102-880969235-1002
2019-05-08 14:57 - 2018-05-23 08:48 - 000002361 _____ C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-08 14:57 - 2017-12-24 19:01 - 000000000 ___RD C:\Users\Marie\OneDrive
2019-05-03 15:46 - 2017-12-24 19:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-03 06:34 - 2018-10-15 19:52 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-05-02 18:39 - 2017-12-26 17:13 - 000000000 ____D C:\Users\Marie\AppData\Local\Packages
2019-04-25 07:36 - 2019-04-12 18:29 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-25 07:36 - 2018-10-15 19:51 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-04-25 07:36 - 2018-10-15 19:51 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-04-25 07:26 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-25 07:25 - 2019-02-25 08:30 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-04-25 07:25 - 2019-01-14 16:38 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-04-25 07:25 - 2019-01-08 17:34 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-04-25 07:25 - 2019-01-08 17:34 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-04-25 07:25 - 2019-01-08 17:34 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-04-25 07:25 - 2019-01-08 17:34 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-04-25 07:25 - 2018-10-15 19:51 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-04-17 06:58 - 2018-06-24 06:27 - 000000000 ____D C:\Users\Marie\AppData\Local\WhatsApp

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Thanks a lot :thumbsup:

Re: Notebook doesn't work, is slowed down, refuses the check from Hijackthi

Posted: 13 May 2019 12:09
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
C:\Users\Marie\AppData\Local\Temp
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0C1B8E25-F817-4B75-A078-136A3F566437} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-24] (Google Inc -> Google Inc.)
Task: {7420DEDE-45D8-4516-B36E-479CB9A7130E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {96D0C025-0DC0-4C89-9520-FF9D27E5F82F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-24] (Google Inc -> Google Inc.)
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Notebook doesn't work, is slowed down, refuses the check from Hijackthi

Posted: 13 May 2019 15:42
by marenkajng
Fix result of Farbar Recovery Scan Tool (x64) Version: 11-05.2019
Ran by Marie (13-05-2019 16:35:30) Run:1
Running from C:\Users\Marie\Desktop
Loaded Profiles: Marie (Available Profiles: defaultuser0 & Marie)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
C:\Users\Marie\AppData\Local\Temp
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0C1B8E25-F817-4B75-A078-136A3F566437} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-24] (Google Inc -> Google Inc.)
Task: {7420DEDE-45D8-4516-B36E-479CB9A7130E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {96D0C025-0DC0-4C89-9520-FF9D27E5F82F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-24] (Google Inc -> Google Inc.)
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Users\Marie\AppData\Local\Temp => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C1B8E25-F817-4B75-A078-136A3F566437}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C1B8E25-F817-4B75-A078-136A3F566437}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7420DEDE-45D8-4516-B36E-479CB9A7130E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7420DEDE-45D8-4516-B36E-479CB9A7130E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{96D0C025-0DC0-4C89-9520-FF9D27E5F82F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96D0C025-0DC0-4C89-9520-FF9D27E5F82F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 78568530 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 156280 B
Edge => 20922 B
Chrome => 158520867 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 15336 B
LocalService => 0 B
NetworkService => 6015784 B
NetworkService => 0 B
defaultuser0 => 7168 B
Marie => 2394089 B

RecycleBin => 9193417 B
EmptyTemp: => 254.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:36:06 ====

Re: Notebook doesn't work, is slowed down, refuses the check from Hijackthi

Posted: 13 May 2019 17:20
by Rudy
Deleted. Has anything changed?

Re: Notebook doesn't work, is slowed down, refuses the check from Hijackthi

Posted: 13 May 2019 17:31
by marenkajng
Not at all, that's just it, and you have already advised me on so many things :( It still freezes; as soon as I'm away from it for a few minutes, finito, even the clock and the cursor stop, and I have to power it off the hard way.. Then it takes a long time to start up, WhatsApp restarted itself, the internet comes up, and right away there's a message that I have no internet connection even though I do.. So I run the network diagnostics and halfway through I can close it, I can see it starting to load. I don't know what to do with it :( Why :cry:

Re: Notebook doesn't work, is slowed down, refuses the check from Hijackthi

Posted: 13 May 2019 17:52
by Rudy
Try running a scan, and if needed a repair, of the system files from the command prompt with the command sfc /scannow. Restart afterwards.

Re: Notebook doesn't work, is slowed down, refuses the check from Hijackthi

Posted: 13 May 2019 17:57
by marenkajng
Jeez, and how do you do that? Thank you very much

Re: Notebook doesn't work, is slowed down, refuses the check from Hijackthi

Posted: 13 May 2019 19:02
by Rudy
Open the command prompt, type sfc /scannow and press Enter. That's all. Guide: https://wintip.cz/626-jak-spustit-prika ... windows-10 .

Re: Notebook doesn't work, is slowed down, refuses the check from Hijackthi

Posted: 13 May 2019 19:13
by marenkajng
Thank you very much, and does it do the repair by itself, or do I have to enter something as well? I'm terribly sorry for all the work you're having with me