Havěť z internetu - nefunkční antiviry

Zpráva

cilek · #16 Příspěvek od **cilek** » 03 srp 2019 21:16

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Milan on 03.08.2019 at 21:02:06,77.
Microsoft Windows 10 Home 10.0.17763 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Milan\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

03.08.2019 21:10:34 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Nokia deleted successfully
C:\Program Files\HyperSnap 8 deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\DigitalRadio deleted successfully
C:\PROGRA~3\Lamia deleted successfully
C:\PROGRA~3\Reprise deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Milan\AppData\Roaming\Configuration deleted successfully
C:\Users\Milan\AppData\Local\ActiveSync deleted successfully
C:\Users\Milan\AppData\Local\DBG deleted successfully
C:\Users\Milan\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Milan\AppData\Local\EmieSiteList deleted successfully
C:\Users\Milan\AppData\Local\EmieUserList deleted successfully
C:\Users\Milan\AppData\Local\GHISLER deleted successfully
C:\Users\Milan\AppData\Local\Skype deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3693916616-2222447667-2327344499-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEF5B14A-841C-4011-83D5-AA4128582C55} deleted successfully
HKEY_USERS\S-1-5-21-3693916616-2222447667-2327344499-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DEF5B14A-841C-4011-83D5-AA4128582C55} deleted successfully
HKEY_USERS\S-1-5-21-3693916616-2222447667-2327344499-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F176BFED-D5D1-4BBF-BDD2-DDE1F6CBA172} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{DEF5B14A-841C-4011-83D5-AA4128582C55} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{DEF5B14A-841C-4011-83D5-AA4128582C55} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F176BFED-D5D1-4BBF-BDD2-DDE1F6CBA172} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js:
user_pref("browser.startup.homepage", "https://inline.go.mail.ru/homepage?inli ... t=11956636");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Milan\AppData\Roaming\Thunderbird\Profiles\odvv0onk.default\prefs.js:

Added to C:\Users\Milan\AppData\Roaming\Thunderbird\Profiles\odvv0onk.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Instalace\FirefoxPortable\Data\profile\prefs.js:

Added to C:\Instalace\FirefoxPortable\Data\profile\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Nokia not found
C:\PROGRA~2\Bonjour deleted
C:\Users\Milan\AppData\Local\Flvto YouTube Downloader deleted
C:\Users\Milan\.android deleted
C:\PROGRA~2\Smart Professional Surveillance System deleted
C:\PROGRA~2\Skillbrains deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\torbrowser-install-win64-8.5_en-US.exe deleted
C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\IP Search.lnk deleted
C:\Users\Milan\AppData\Roaming\Wondershare deleted
C:\Users\Milan\AppData\Roaming\pcouffin.log deleted
C:\Users\Milan\AppData\Roaming\GetRightToGo deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Milan\AppData\Local\updater.log deleted
C:\Users\Milan\AppData\Local\Wondershare deleted
C:\Users\Milan\AppData\Local\CrashRpt deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM22A0A.tmp deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grbl Controller deleted
C:\Users\Public\jdk-7u79-windows-x64.exe deleted
C:\WINDOWS\WININIT.INI deleted
C:\windows\SysNative\tasks\update-S-1-5-21-3693916616-2222447667-2327344499-1001 deleted
C:\windows\SysNative\tasks\update-sys deleted
C:\WINDOWS\tasks\update-S-1-5-21-3693916616-2222447667-2327344499-1001.job deleted
C:\WINDOWS\tasks\update-sys.job deleted
C:\windows\SysNative\GroupPolicy\Adm deleted
C:\WINDOWS\Syswow64\REN3896.tmp deleted
C:\WINDOWS\Syswow64\REN4856.tmp deleted
C:\WINDOWS\Syswow64\RENFB1A.tmp deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
C:\Users\Milan\Desktop\IP Search.lnk deleted
"C:\WINDOWS\Installer\6b84710.msi" deleted
"C:\Users\Milan\AppData\Roaming\Yandex\ui" deleted
"C:\Users\Milan\AppData\Roaming\Temp" deleted
"C:\Users\Milan\AppData\Roaming\Yandex" deleted

==== Orphaned Tasks deleted from Registry ======================

avast Emergency Update deleted
Imperia Online D1 deleted
Imperia Online N deleted
Imperia Online W1 deleted
Imperia Online W2 deleted
Imperia Online W3 deleted
NCH Software deleted
uquizyotpowptls deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Milan\AppData\Roaming\Thunderbird\Profiles\odvv0onk.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Instalace\FirefoxPortable\Data\profile
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
- Mail.Ru - %ProfilePath%\extensions\homepage@mail.ru.xpi
- Mail.Ru - %ProfilePath%\extensions\search@mail.ru.xpi
- short_ __MSG_appName__ - %ProfilePath%\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.xpi

ProfilePath: C:\Users\Milan\AppData\Roaming\Thunderbird\Profiles\odvv0onk.default
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll - [?]
- C:\Program Files x86\HsWebPlugin\npLsNetClientCtl.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - [?]

==== Chromium Look ======================

Google Chrome Version: 76.0.3809.87

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
hjdkfkdkokphfploiiddakjokndinfgb - No path found[]
iepoegkaoeljnbhagabakjodgpfniimo - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - No path found[]

Disable Youtube™ HTML5 Player - Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc
IE Tab - Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd
FormApps Extension - Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi
map - Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdaghagfopacdngbohiknlhcocjccjao
Chrome Media Router - Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Startpages ======================

C:\Users\Milan\AppData\Local\Chromium\Metro\User Data\Default\Preferences
"homepage": "http://www.seznam.cz/?clid=6826",

C:\Users\Milan\Appdata\Roaming\Opera Software\Opera Stable\Preferences
"homepage": "http://www.seznam.cz/?clid=6826",
"startup_urls": [ "http://www.seznam.cz/?clid=6826" ]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.cz/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\fi]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\ma]
@="http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\se]
@="http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\vi]
@="http://videa.seznam.cz/?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\zb]
@="http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.cz/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... urceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... urceid=ie7
HKCU\SearchScopes "DefaultScope"="{FFEBBF0A-C22C-4172-89FF-45215A135AC7}"
HKCU\SearchScopes\0FAD42904C5757E53FF8ED87A5C8CB6D - http://videa.seznam.cz/?q={searchTerms}
HKCU\SearchScopes\73AACFAD0E6A87DE7B869DC0B57ED150 - http://www.google.com/search?q={searchT ... IM_csCZ630
HKCU\SearchScopes\8DFE4FE72820543076B7D695B770E000 - http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
HKCU\SearchScopes\D17FB63023E8ABAE8C0F1D7F4A24AE7F - http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
HKCU\SearchScopes\D876294757B259950E87462A65FA1343 - http://www.firmy.cz/phr/{searchTerms}
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchT ... IM_csCZ630
HKCU\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} - https://go.mail.ru/distib/ep/?q={search ... &gp=811610

==== Reset Google Chrome ======================

C:\Users\Milan\AppData\Local\betaflight-configurator\User Data\Default\Preferences was reset successfully
C:\Users\Milan\AppData\Local\betaflight-configurator\User Data\Default\Secure Preferences was reset successfully
C:\Users\Milan\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\Milan\AppData\Local\Chromium\User Data\Default\Preferences_20160122224103.backup was reset successfully
C:\Users\Milan\AppData\Local\Chromium\Metro\User Data\Default\Preferences was reset successfully
C:\Users\Milan\AppData\Local\Chromium\Metro\User Data\Default\Preferences_20160122224104.backup was reset successfully
C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Preferences_20160122224102.backup was reset successfully
C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Milan\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\Milan\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\Milan\AppData\Local\Google\Chrome\Metro\User Data\Default\Preferences was reset successfully
C:\Users\Milan\AppData\Local\Google\Chrome\Metro\User Data\Default\Preferences_20160122224103.backup was reset successfully
C:\Users\Milan\Appdata\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Milan\Appdata\Roaming\Opera Software\Opera Stable\Preferences.backup was reset successfully
C:\Users\Milan\Appdata\Roaming\Opera Software\Opera Stable\Preferences_20160122224104.backup was reset successfully
C:\Users\Milan\Appdata\Roaming\Opera Software\Opera Stable\Secure Preferences was reset successfully
C:\Users\Milan\AppData\Local\betaflight-configurator\User Data\Default\Web Data was reset successfully
C:\Users\Milan\AppData\Local\betaflight-configurator\User Data\Default\Web Data-journal was reset successfully
C:\Users\Milan\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\Milan\AppData\Local\Chromium\Metro\User Data\Default\Web Data was reset successfully
C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Milan\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\Milan\Appdata\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A7F3CAB7369BE86489E25B06A87804D8 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7BAC3F7A-B963-468E-982E-B5608A87408D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A7F3CAB7369BE86489E25B06A87804D8 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default.migrated\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Milan\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Milan\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Edge Cache ======================

Edge Cache is not empty, a reboot is needed

==== Empty Chrome Cache ======================

C:\Users\Milan\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Milan\AppData\Local\betaflight-configurator\User Data\Default\Cache emptied successfully
C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Milan\AppData\Local\Google\Chrome\User Data\System Profile\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4316 folders=430 1226799289 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Milan\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Milan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Milan\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Microsoft" not found
"C:\Users\Milan\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge" not found
"C:\Users\Milan\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp" not found

==== EOF on 03.08.2019 at 22:14:31,90 ======================

cilek · #17 Příspěvek od **cilek** » 03 srp 2019 21:18

V rozšíření Chrome už jsou zase: Vizualnyje zakladky a Damášňaja straníca. Mám je odstranit?
A rozšíření, která jsem tam potřeboval, zmizela.

cilek · #18 Příspěvek od **cilek** » 03 srp 2019 21:34

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Milan (Administrator) on 03.08.2019 at 22:25:50,80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Successfully deleted: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uninstall flvto youtube downloader.lnk (Shortcut)
Successfully deleted: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\user.js (File)

Registry: 0

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.08.2019 at 22:34:09,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cilek · #19 Příspěvek od **cilek** » 03 srp 2019 23:26

Bohužel jsem zjistil, že chrome stále přesměrovává na nechtěné stránky. Občas,

#20 Příspěvek od **Rudy** » 04 srp 2019 10:32

OK. Chrome přeinstalujeme. Zazálohujte ho pomocí ChromeBackup: https://www.stahuj.cz/internet_a_site/p ... me-backup/ . Potom Chrome kompletně odinstalujte vč. jeho profilu (podadresáře Chrome v c:\users\Milan\appdata\local, c:\users\Milan\appdata\roaming, c:\users\Milan\data aplikací, c:\users\Milan\local settings a v c:\program data musí být smazány). Pak znovu Chrome nainstalujte a zpět ze zálohy nakopírujte pouze záložky a hesla.

cilek · #21 Příspěvek od **cilek** » 04 srp 2019 11:39

Nevypadá to dobře. Po spuštění backup hláška, že nemám Chrome nainstalovaný. Ignoroval jsem a zkusil jsem backup provést. Vytvořil jsem cestu pro soubor, vše jakoby proběhlo. Ve složce žádný soubor není. Po znovuspuštění chrome chybí všechny moje záložky a asi i nastavení, hesla apod.

#22 Příspěvek od **Rudy** » 04 srp 2019 11:46

To je samozřejmé. To se tam musí vrátit ze zálohy. Měl jste se přesvědčit, že byl zálohový soubor vytvořen. Proč ChromeBackup nainstalovaný Chrome neviděl, nevím. Ještě jsem ten problém neviděl.

cilek · #23 Příspěvek od **cilek** » 04 srp 2019 11:51

Ve vytvořené složce žádný soubor není, to jsem právě zkontroloval. Ty záložky v Chrome stále jsou, byl jsem přepnutý na jiného uživatele, kterého jsem si vytvořil, když jsem se pokoušel zprovoznit nefunkční překládání stránek do češtiny. Jen se do chromu zase doinstalovaly doplňky od Seznamu. Mám znovu zkusit ten backup?

#24 Příspěvek od **Rudy** » 04 srp 2019 15:26

Sotva. Když žádný soubor nevytvořil, pak tam nebude. Chyba se stala, že jste so nezkontroloval, zda to fungovalo. Jinak jsem ještě nezažil, že by ChromeBackup nefungoval.

cilek · #25 Příspěvek od **cilek** » 04 srp 2019 16:11

Odinstaloval jsem ho, nainstaloval znovu a stále nefunguje. Zasekne se hned při nabíhání (to poprvé neudělal). Pod hlavním oknem je okno s hláškou: "It looks like you do not have Google Chrome Installed. Do you want to continue?" Ale stejně na ano/ne nejde kliknout, protože je to schované pod tím zaseknutým oknem. Poprvé jsem kliknul na ano.
Pokud už jiné řešení není, děkuji za pomoc a přeji hezký zbytek víkendu.

#26 Příspěvek od **Rudy** » 04 srp 2019 16:25

Zde: https://translate.google.com/translate? ... rev=search jsou nějaké pokyny při problémech s instalací. Jinak nevím, sám Chrome nepoužívám.

cilek · #27 Příspěvek od **cilek** » 04 srp 2019 21:27

Mohl byste mi, prosím, ještě prohlédnout logy, jestli tam něco nezůstalo?

cilek · #28 Příspěvek od **cilek** » 04 srp 2019 21:28

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 4-08-2019
Ran by Milan (administrator) on PC-MILAN (MSI MS-7817) (04-08-2019 21:58:09)
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan)
Platform: Windows 10 Home Version 1809 17763.557 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
() [File not signed] C:\Program Files (x86)\Paradox Security Systems\NEware Demo\nxServer.Exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVerMedia) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(Brother Industries, Ltd. -> ) C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
(Dassault Systèmes) [File not signed] C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google) C:\Users\Milan\AppData\Local\Google\Chrome\User Data\SwReporter\43.210.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Milan\AppData\Local\Google\Chrome\User Data\SwReporter\43.210.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Milan\AppData\Local\Google\Chrome\User Data\SwReporter\43.210.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Milan\AppData\Local\Google\Chrome\User Data\SwReporter\43.210.200.3\software_reporter_tool.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MpCmdRun.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\nisvcloc.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575256 2014-05-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1087960 2014-04-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-03] (SEIKO EPSON CORPORATION) [File not signed]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [764472 2012-09-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare software CO., LIMITED -> Wondershare)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\...\Run: [EPSON SX620FW Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGBE.EXE [224768 2010-01-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Milan\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\...\Run: [EPSON56202B (Epson Stylus SX620FW)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGBE.EXE [224768 2010-01-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG -> Nero AG)
HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646912 2019-07-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKLM\...\Drivers32: [VIDC.I420] => MSH263.DRV
HKLM\...\Drivers32: [VIDC.SP54] => SP5X_32.DLL
HKLM\...\Drivers32: [VIDC.SP55] => SP5X_32.DLL
HKLM\...\Drivers32: [VIDC.SP56] => SP5X_32.DLL
HKLM\...\Drivers32: [VIDC.SP57] => SP5X_32.DLL
HKLM\...\Drivers32: [VIDC.SP58] => SP5X_32.DLL
HKLM\...\Drivers32-x32: [vidc.H264] => TH264Codec.dll
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [240640 2011-05-30] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.87\Installer\chrmstp.exe [2019-08-04] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2014-08-25]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2014-08-25]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2019-01-14]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0463E39F-FAEA-4A2A-8817-776F2BA52912} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [135349160 2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {0D6B5C20-1097-44D6-9FE3-21A09222DFDC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {19E672F2-CCFE-4F6C-92C7-FC030BA045E7} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {23329890-13A0-4E1F-A90F-DDE5B8C167FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {25E04CEF-837B-4E8F-AAB0-946FFE8FD869} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {269852AD-8878-4E6D-8CBD-79C40A21ECAF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {385853C6-403C-4D04-900B-10A9749AF7BB} - System32\Tasks\{B2590FEB-4571-4E01-B388-834828AABF86} => C:\WINDOWS\system32\pcalua.exe -a H:\INTRO.EXE -d H:\
Task: {38EE4FF3-15F9-480B-940C-85EE0BB704A0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D015E66-A9D7-457F-B838-77CE1D7597D6} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {50278F63-E948-4BCA-9DBA-D0535D1880F4} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {520A7B56-6364-4B12-83F3-1461F96741B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {54EC1D1F-328A-434E-AB2E-5FB7C45F74D2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {568F7D06-C9DB-4CA2-904F-8DA83FD06C77} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {56A03CD8-2C85-4DB1-8DBF-35BBDEE88BF0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5707FA7C-63EB-4FFA-A6AB-60AC34E3FD81} - System32\Tasks\update-S-1-5-21-3693916616-2222447667-2327344499-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [31232 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {6BAB8665-5E90-46C0-AD60-7E81352A6C18} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {78457E91-520D-48DE-8C69-5F4CCB50A5AB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {86994E43-57F5-47B5-87A2-4CBF29A14EF7} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8F3626CA-F74D-4CB1-A3AA-C8EB8591D453} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {92818122-B8FD-4B70-8944-6A9585DDCC6C} - System32\Tasks\Opera scheduled Autoupdate 1557064071 => C:\Users\Milan\AppData\Local\Programs\Opera\launcher.exe
Task: {95BF83FE-44C2-4773-9856-0C2854CC7B12} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {97CBD79D-5841-4D93-94FF-56B7416512C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9D6A22DE-939A-48E4-9430-F38FACA73A37} - \WPD\SqmUpload_S-1-5-21-3693916616-2222447667-2327344499-1001 -> No File <==== ATTENTION
Task: {A014E54A-4E51-4B3E-8A23-00A279912E70} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A4187693-3380-4436-B0E6-7D6973C3ABDF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A653562F-5FF2-40CF-9F36-DE24E308D00C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B432B2A5-C39E-432C-98DC-EDDEBCB9904D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C0AF55D3-7D85-4485-AE27-13039A9549D4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C552D958-9536-4759-9EC4-70DC3D56C8E3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CBA5C4D2-20EA-4C0F-B6E5-623F7B6E0241} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CE3E64B4-33C1-4FCE-A653-4BF4768B8A39} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D7AF9FC3-C37F-4ADD-BC6F-988E0D375CB6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D840F7D2-1747-48A5-A75D-AF40E5C4F2F8} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {EBEAB995-898F-40E1-B466-1D0B2B22D911} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {EC77A1BC-8B01-4DE5-BE73-37FC16D084BC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F04EC4E8-6D93-43C1-A590-E51148E9710F} - System32\Tasks\{4404C7AA-AD11-4570-8903-920A37D56080} => C:\WINDOWS\system32\pcalua.exe -a H:\SETUP.EXE -d H:\
Task: {FC33C6A4-353C-415D-BE01-D943780E84CE} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3693916616-2222447667-2327344499-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.4.4 10.0.0.138
Tcpip\..\Interfaces\{13128339-0c35-4e21-9737-db4dd995f833}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{13128339-0c35-4e21-9737-db4dd995f833}: [DhcpNameServer] 8.8.4.4 10.0.0.138

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3693916616-2222447667-2327344499-1001 -> 0FAD42904C5757E53FF8ED87A5C8CB6D URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3693916616-2222447667-2327344499-1001 -> 8DFE4FE72820543076B7D695B770E000 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3693916616-2222447667-2327344499-1001 -> D17FB63023E8ABAE8C0F1D7F4A24AE7F URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-3693916616-2222447667-2327344499-1001 -> D876294757B259950E87462A65FA1343 URL = hxxp://www.firmy.cz/phr/{searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc -> Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-11] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3693916616-2222447667-2327344499-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc -> Google Inc.)
DPF: HKLM-x32 {0AB562B9-0A66-4CA6-97D9-9E81246304C2} hxxp://10.0.0.40:49152/SuperClient2.exe
DPF: HKLM-x32 {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} hxxp://autonat.com/d3/WebClient.exe

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3693916616-2222447667-2327344499-1001 -> hxxp://www.seznam.cz/?clid=6826

FireFox:
========
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2019-08-04]
FF Extension: (Домашняя страница Mail.Ru) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\homepage@mail.ru.xpi [2019-08-02] [UpdateUrl:hxxps://crxmailru.cdnmail.ru/go_ffhp_update.json]
FF Extension: (Поиск Mail.Ru) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\search@mail.ru.xpi [2019-08-02] [UpdateUrl:hxxps://crxmailru.cdnmail.ru/searchff/update.json]
FF Extension: (Seznam doplněk - Esko) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\sko-extension@firma.seznam.cz [2019-08-04]
FF Extension: (Визуальные закладки) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.xpi [2019-08-02] [UpdateUrl:hxxps://crxmailru.cdnmail.ru/ff_pult/update.json]
FF Extension: (Seznam doplněk - Email) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2019-08-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-07-22] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin-x32: @EDVR/WebClient -> C:\windows\system32\WebClient\npwebclient.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @IPC/npmedia3.0.0.3,version=3.0.0.3 -> C:\Program Files\webrec\Torch\3.0.0.3\npmedia3.0.0.3.dll [2016-01-25] (Zhejiang Dahua Technology CO.,LTD. -> )
FF Plugin-x32: @IPC/WebClient -> C:\windows\system32\SuperClient2\npSuperClient.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-07-22] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2017-12-18] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FF Plugin HKU\S-1-5-21-3693916616-2222447667-2327344499-1001: @tvt.cn/npWebClient_9000 -> C:\Program Files\WebClient_9000\npWebClient_9000.dll [2016-11-11] () [File not signed]
FF Plugin HKU\S-1-5-21-3693916616-2222447667-2327344499-1001: @tvt.cn/npWebClient_9000_P2P -> C:\Program Files\WebClient_9000_P2P\npWebClient_9000.dll [2017-01-06] () [File not signed]
FF Plugin HKU\S-1-5-21-3693916616-2222447667-2327344499-1001: @tvt.cn/WebClient_VPPlugin -> C:\Program Files\WebClient_VPPlugin\npWebClient_VPPlugin.dll [2018-01-10] () [File not signed]
FF Plugin HKU\S-1-5-21-3693916616-2222447667-2327344499-1001: @tvt.cn/WebClient_VPPlugin_P2P -> C:\Program Files\WebClient_VPPlugin_P2P\npWebClient_VPPlugin_P2P.dll [2017-10-27] () [File not signed]
FF Plugin HKU\S-1-5-21-3693916616-2222447667-2327344499-1001: @tvt.cn/WebClient_VPPlugin_v2_P2P -> C:\Program Files\WebClient_VPPlugin_v2_P2P\npWebClient_VPPlugin_v2_P2P.dll [2019-01-08] () [File not signed]
FF Plugin HKU\S-1-5-21-3693916616-2222447667-2327344499-1001: lsjt.com/LsNetClientCtl -> C:\Program Files (x86)\HsWebPlugin\npLsNetClientCtl.dll [2018-09-28] (HEROSPEED TECHNOLOGY LIMITED -> ls)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> inline.go.mail.ru
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline_comp=chxtnhp15.1.4.3&q={searchTerms}&fr=chxtnhp15.1.4.3
CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default [2019-08-04]
CHR Extension: (Prezentace) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-03]
CHR Extension: (Dokumenty) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-03]
CHR Extension: (Disk Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-03]
CHR Extension: (YouTube) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-08-04]
CHR Extension: (Tabulky) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-03]
CHR Extension: (Adblocker for Youtube™) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaifmpegndoadklfhjffnpilecgegfbb [2019-08-02] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Skype) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-08-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-08-04]
CHR Extension: (Gmail) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-03]
CHR Extension: (Chrome Media Router) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-04]
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-08-04]
CHR Extension: (Prezentace) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-04]
CHR Extension: (Dokumenty) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-04]
CHR Extension: (Disk Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-04]
CHR Extension: (YouTube) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-08-04]
CHR Extension: (Tabulky) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-04]
CHR Extension: (Skype) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-08-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-08-04]
CHR Extension: (Gmail) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-04]
CHR Extension: (Chrome Media Router) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-04]
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-04]
CHR Extension: (Adblocker for Youtube™) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\iaifmpegndoadklfhjffnpilecgegfbb [2019-08-02] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblocker for Youtube™) - C:\Users\Milan\AppData\Roaming\Opera Software\Opera Stable\Extensions\anaddkhpbjbaijaigjhccplficbmbbfk [2019-08-02]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [352256 2008-10-21] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [405504 2008-12-09] () [File not signed]
S4 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [115536 2018-10-22] (Brother Industries, Ltd. -> )
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [125440 2016-02-04] (Dassault Systèmes) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-10-28] (Macrovision Europe Ltd.) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-01-06] (Intel Corporation - Business Client Platform Division -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2008-10-31] (National Instruments Corporation -> National Instruments, Inc.)
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [42544 2009-06-18] (National Instruments Corporation -> National Instruments Corporation)
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [53296 2009-06-18] (National Instruments Corporation -> National Instruments Corporation)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [356912 2009-06-18] (National Instruments Corporation -> National Instruments Corporation)
R2 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [131704 2009-03-05] (National Instruments Corporation -> National Instruments Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [193648 2009-06-04] (National Instruments Corporation -> National Instruments Corporation)
R2 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [13896 2009-06-04] (National Instruments Corporation -> National Instruments Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG -> Nero AG)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2018-07-23] (Microsoft) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2018-07-23] (Microsoft) [File not signed]
R2 NEWare_Database_16101; C:\Program Files (x86)\Paradox Security Systems\NEware Demo\nxServer.exe /ServiceName:NEWare_Database_16101 "/CONFIG:C:\Users\Public\Documents\Paradox Security Systems\NEware\{1E5C047A-97E1-4FB9-8B60-CC67C7BC103C}\DBServer" /ALLOWSYSTEM <==== ATTENTION
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVerAF15DMBTH64; C:\WINDOWS\System32\Drivers\AVerAF15DMBTH64.sys [592256 2009-07-27] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 Bulk1528; C:\WINDOWS\System32\Drivers\Bulk1528.sys [14848 2008-06-28] (Microsoft Windows Hardware Compatibility Publisher -> SunPlus)
R2 Ca1528av; C:\WINDOWS\System32\Drivers\Ca1528av.sys [533760 2008-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Digital Camera)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 Hantek6022BE1; C:\WINDOWS\System32\Drivers\Hantek6022BEAMD641.sys [24432 2014-09-19] (青岛汉泰电子有限公司 -> )
S3 Hantek6022BE1; C:\Windows\SysWOW64\Drivers\Hantek6022BEAMD641.sys [24432 2014-09-19] (青岛汉泰电子有限公司 -> )
R2 Hantek6022BE2; C:\WINDOWS\System32\Drivers\Hantek6022BEAMD642.SYS [24432 2014-09-19] (青岛汉泰电子有限公司 -> )
R2 Hantek6022BE2; C:\Windows\SysWOW64\Drivers\Hantek6022BEAMD642.SYS [24432 2014-09-19] (青岛汉泰电子有限公司 -> )
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [22216 2014-02-03] (Intel CASE -> )
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [22728 2014-02-03] (Intel CASE -> )
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD.sys [44744 2014-02-03] (Intel CASE -> )
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [52832 2017-01-29] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47928 2017-01-29] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-11] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 nidimk; C:\Windows\system32\drivers\nidimkl.sys [11872 2008-06-13] (National Instruments Corporation -> National Instruments Corporation)
S3 niorbk; C:\Windows\system32\drivers\niorbkl.sys [11856 2009-06-14] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [12928 2009-05-26] (National Instruments Corporation -> National Instruments Corporation)
R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [883288 2009-05-26] (National Instruments Corporation -> National Instruments Corporation)
S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [12920 2009-05-26] (National Instruments Corporation -> National Instruments Corporation)
R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [16472 2008-08-21] (National Instruments Corporation -> National Instruments Corporation)
S3 NiViFWK; C:\WINDOWS\System32\drivers\NiViFWKl.sys [11896 2009-03-05] (National Instruments Corporation -> National Instruments Corporation)
S3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [11872 2009-06-21] (National Instruments Corporation -> National Instruments Corporation)
R2 NiViPxiK; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [11872 2009-06-21] (National Instruments Corporation -> National Instruments Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (PRINTING COMMUNICATIONS ASSOCIATES, INC -> Printing Communications Assoc., Inc. (PCAUSA))
S3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [199960 2016-10-06] (WDKTestCert charles-yeh,131069736795923936 -> Prolific Technology Inc.)
S3 silabenm; C:\WINDOWS\system32\DRIVERS\silabenm.sys [23552 2014-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
R3 tpfilter; C:\WINDOWS\System32\drivers\tpfilter.sys [25928 2015-10-30] (BYD precision manufacture company -> TP Microelectronic)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-26] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 21:58 - 2019-08-04 22:01 - 000045489 _____ C:\Users\Milan\Desktop\FRST.txt
2019-08-04 21:55 - 2019-08-04 21:56 - 002096640 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2019-08-04 21:45 - 2019-08-04 21:45 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-04 21:45 - 2019-08-04 21:45 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-04 13:19 - 2019-08-04 20:35 - 000000000 ____D C:\Program Files (x86)\Google Chrome Backup
2019-08-04 12:44 - 2019-08-04 12:44 - 000045707 _____ C:\Users\Milan\Documents\Záložky.html
2019-08-04 12:27 - 2019-08-04 12:28 - 000000000 ____D C:\Users\Milan\Documents\Záloha chrome
2019-08-04 12:22 - 2019-08-04 13:19 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Google Chrome Backup
2019-08-04 12:21 - 2019-08-04 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
2019-08-04 08:49 - 2019-08-04 08:49 - 000000000 ____D C:\Users\Milan\.AE
2019-08-03 23:05 - 2019-08-03 23:05 - 000000000 ____D C:\Users\Milan\AppData\Local\DBG
2019-08-03 22:34 - 2019-08-03 22:34 - 000000934 _____ C:\Users\Milan\Desktop\JRT.txt
2019-08-03 21:02 - 2019-08-04 20:26 - 000000000 ____D C:\zoek_backup
2019-08-03 19:20 - 2019-08-03 19:23 - 000028653 _____ C:\Users\Milan\Desktop\Fixlog.txt
2019-08-02 21:05 - 2019-08-03 13:10 - 000000000 ____D C:\Users\Milan\AppData\Local\ESET
2019-08-02 20:57 - 2019-08-02 20:57 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\xHLLMjruyIoAv
2019-08-02 20:37 - 2019-08-04 20:44 - 109576192 _____ C:\WINDOWS\system32\config\SOFTWARE
2019-08-02 18:33 - 2019-08-02 18:33 - 000000735 _____ C:\Users\Milan\AppData\Local\recently-used.xbel
2019-08-02 18:30 - 2019-08-02 18:30 - 003139935 _____ C:\Users\Milan\Downloads\setup_13359-fa4e6d.zip
2019-08-02 16:20 - 2019-08-02 16:20 - 000030948 _____ C:\Users\Milan\Desktop\playboy.nc
2019-08-02 15:05 - 2019-08-02 15:17 - 000000000 ____D C:\Users\Milan\AppData\Roaming\LaserGRBL
2019-07-31 19:43 - 2019-07-31 19:43 - 000700553 _____ C:\Users\Milan\Downloads\Copy of Intro to Easel (2).nc
2019-07-31 19:39 - 2019-07-31 19:39 - 000505091 _____ C:\Users\Milan\Downloads\Copy of Intro to Easel (1).nc
2019-07-31 19:32 - 2019-07-31 19:33 - 000492991 _____ C:\Users\Milan\Downloads\Copy of Intro to Easel.nc
2019-07-31 19:17 - 2019-08-04 20:35 - 000000000 ____D C:\EaselLocal
2019-07-31 19:03 - 2019-07-31 19:03 - 014086058 _____ C:\Users\Milan\Downloads\EaselDriver_0.3.14_d6f009f8ae.zip
2019-07-30 20:34 - 2019-07-30 20:34 - 011425414 _____ C:\Users\Milan\Downloads\grblControl_0.5.2.zip
2019-07-30 09:51 - 2019-07-30 09:51 - 000233703 _____ C:\Users\Milan\Downloads\navod_nvms1000 (1).zip
2019-07-30 09:44 - 2019-07-30 09:44 - 090401060 _____ C:\Users\Milan\Downloads\nvms_3.4.5 (1).zip
2019-07-29 08:37 - 2019-07-29 08:37 - 004849457 _____ C:\Users\Milan\Downloads\03_Kulickova_pouzdra_vodici_tyce_v3.pdf
2019-07-29 08:37 - 2019-07-29 08:37 - 004849457 _____ C:\Users\Milan\Downloads\03_Kulickova_pouzdra_vodici_tyce_v3 (1).pdf
2019-07-27 22:43 - 2019-07-27 22:43 - 001722691 _____ C:\Users\Milan\Downloads\3018-Assembly instructions for CNC 3018.pdf
2019-07-26 11:05 - 2019-07-26 11:05 - 000115062 _____ C:\Users\Milan\Downloads\20262.zip
2019-07-22 19:24 - 2019-07-22 19:24 - 000119892 _____ C:\Users\Milan\Downloads\Vypis_z_uctu_1880615349_z_20190630.pdf
2019-07-22 19:22 - 2019-07-22 19:22 - 000121923 _____ C:\Users\Milan\Downloads\Vypis_z_uctu_1880615349_z_20190531.pdf
2019-07-22 19:18 - 2019-07-22 19:18 - 000123199 _____ C:\Users\Milan\Downloads\Vypis_z_uctu_1880615349_z_20190430.pdf
2019-07-19 12:02 - 2019-07-19 12:02 - 000039514 _____ C:\Users\Milan\Downloads\20181221013602test-examples.rar
2019-07-17 19:40 - 2019-07-17 19:40 - 000107171 _____ C:\Users\Milan\Downloads\priloha_693740692_0_MobilniKlic.pdf
2019-07-15 21:26 - 2019-07-15 21:26 - 000218596 _____ C:\Users\Milan\Downloads\p - predzamci -obrazek.pdf
2019-07-11 20:46 - 2019-07-11 20:46 - 001343075 _____ C:\Users\Milan\Downloads\Výzva k podání nabídky - _Restaurování stropní malby_ e.č. 110_2019.pdf
2019-07-10 19:50 - 2019-07-10 19:50 - 000162929 _____ C:\Users\Milan\Desktop\krt.jpeg
2019-07-10 19:49 - 2019-07-10 19:49 - 000012515 _____ C:\Users\Milan\Desktop\3E93F5FE-CE2C-4C30-ADCA-05B572DF821F.jpeg
2019-07-09 12:52 - 2019-07-09 12:52 - 000125234 _____ C:\Users\Milan\Downloads\Invoice_68313608.pdf
2019-07-08 11:19 - 2019-07-08 11:19 - 000420519 _____ C:\Users\Milan\Downloads\Zaves_lupinkove_pilky.pdf
2019-07-07 17:21 - 2019-07-07 17:21 - 000371442 _____ C:\Users\Milan\Downloads\Odpověď na petici, týkající se problematiky uzavření průjezdu centrem města Hranic.pdf
2019-07-06 16:26 - 2019-07-06 16:26 - 000078134 _____ C:\Users\Milan\Downloads\Beispiel Zusätzlicher 3 Wege Schalter (1).pdf
2019-07-05 18:54 - 2019-07-05 18:54 - 000078134 _____ C:\Users\Milan\Downloads\Beispiel Zusätzlicher 3 Wege Schalter.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 21:58 - 2015-02-03 09:23 - 000000000 ____D C:\FRST
2019-08-04 21:45 - 2014-08-22 07:31 - 000000000 ____D C:\Program Files (x86)\Google
2019-08-04 21:34 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-04 21:34 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-04 21:26 - 2017-12-27 13:16 - 000000000 ____D C:\Users\Milan\AppData\Local\Packages
2019-08-04 20:58 - 2019-01-21 10:38 - 000000000 ____D C:\Users\Milan
2019-08-04 20:58 - 2017-06-02 08:50 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-08-04 20:58 - 2014-08-25 19:53 - 000000000 __SHD C:\Users\Milan\IntelGraphicsProfiles
2019-08-04 20:48 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-04 20:45 - 2019-04-16 20:51 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-08-04 20:45 - 2019-01-21 11:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-04 20:44 - 2017-08-11 00:07 - 000000000 ____D C:\Users\Milan\AppData\Local\Flvto YouTube Downloader
2019-08-04 20:37 - 2018-09-15 19:34 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-08-04 20:37 - 2018-09-15 19:34 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\DDFs
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\L2Schemas
2019-08-04 20:37 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-04 20:37 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-08-04 20:37 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-08-04 20:37 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-08-04 20:36 - 2019-05-05 15:50 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Cool Record Edit Pro New Version Available
2019-08-04 20:36 - 2019-04-16 12:48 - 000000000 ____D C:\WINDOWS\Searcher
2019-08-04 20:36 - 2019-04-16 12:48 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Searcher
2019-08-04 20:36 - 2018-10-17 15:16 - 000000000 ____D C:\Users\Milan\AppData\Roaming\uTorrent
2019-08-04 20:36 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Containers
2019-08-04 20:36 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-08-04 20:36 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\servicing
2019-08-04 20:36 - 2017-08-11 00:08 - 000000000 ____D C:\Users\Milan\AppData\Roaming\FlvtoConverter
2019-08-04 20:36 - 2017-07-10 18:31 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2019-08-04 20:36 - 2017-01-13 09:27 - 000000000 ____D C:\Users\Milan\AppData\Local\IE Tab
2019-08-04 20:36 - 2016-09-08 21:15 - 000000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2019-08-04 20:36 - 2016-08-08 08:25 - 000000000 ____D C:\Users\Milan\AppData\Roaming\GetRightToGo
2019-08-04 20:36 - 2015-06-11 21:01 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Wondershare
2019-08-04 20:36 - 2014-11-16 16:05 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Seznam.cz
2019-08-04 20:36 - 2014-08-25 21:39 - 000000000 ____D C:\Users\Milan\Documents\AVerTV
2019-08-04 20:36 - 2014-08-25 19:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-04 20:35 - 2019-05-06 06:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
2019-08-04 20:35 - 2018-08-20 07:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-08-04 20:35 - 2018-08-03 07:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SADPTool
2019-08-04 20:35 - 2018-08-03 07:58 - 000000000 ____D C:\Program Files (x86)\SADPTool
2019-08-04 20:35 - 2018-07-30 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AxCrypt
2019-08-04 20:35 - 2017-12-27 13:37 - 000000000 ___RD C:\Users\Milan\3D Objects
2019-08-04 20:35 - 2017-11-08 14:53 - 000000000 ____D C:\ProgramData\NVMS-1000
2019-08-04 20:35 - 2017-11-08 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVMS-1000
2019-08-04 20:35 - 2017-11-08 14:53 - 000000000 ____D C:\Program Files (x86)\NVMS-1000
2019-08-04 20:35 - 2016-12-01 17:01 - 000000000 ____D C:\Program Files (x86)\Smart Professional Surveillance System
2019-08-04 20:35 - 2016-11-23 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HsWebPlugin
2019-08-04 20:35 - 2016-11-23 16:06 - 000000000 ____D C:\Program Files (x86)\HsWebPlugin
2019-08-04 20:35 - 2016-10-03 20:07 - 000000000 ____D C:\Users\Milan\AppData\Local\ConnectedDevicesPlatform
2019-08-04 20:35 - 2016-06-14 18:32 - 000000000 ____D C:\Program Files (x86)\Searcher
2019-08-04 20:35 - 2016-03-02 11:12 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2019-08-04 20:35 - 2015-05-14 14:16 - 000000000 ____D C:\Program Files (x86)\Java
2019-08-04 20:35 - 2015-05-14 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-08-04 20:35 - 2015-04-26 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2019-08-04 20:35 - 2015-04-26 15:49 - 000000000 ____D C:\Program Files (x86)\Inkscape
2019-08-04 20:35 - 2015-04-26 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grbl Controller
2019-08-04 20:35 - 2015-02-04 22:47 - 000000000 ___HD C:\msiFastBoot
2019-08-04 20:35 - 2014-10-28 23:08 - 000000000 ____D C:\Program Files (x86)\Bonjour
2019-08-04 20:35 - 2014-08-27 10:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-08-04 20:35 - 2014-08-27 10:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-08-04 20:35 - 2014-08-26 22:10 - 000000000 ____D C:\Instalace
2019-08-04 20:35 - 2014-08-22 07:39 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2019-08-04 20:35 - 2014-08-22 07:30 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-08-04 20:35 - 2014-08-22 07:28 - 000000000 ____D C:\ProgramData\Package Cache
2019-08-04 20:01 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\registration
2019-08-04 19:59 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Vss
2019-08-04 19:52 - 2017-09-09 01:33 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2019-08-04 19:51 - 2019-04-16 20:51 - 000000000 ____D C:\Users\Milan\AppData\Roaming\TeamViewer
2019-08-04 19:51 - 2017-12-27 13:39 - 000000000 ___HD C:\Users\Milan\MicrosoftEdgeBackups
2019-08-04 19:51 - 2015-04-26 17:59 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Oracle
2019-08-04 19:51 - 2015-04-26 17:57 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Sun
2019-08-04 19:51 - 2014-12-21 11:29 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Adobe
2019-08-04 19:51 - 2014-08-27 10:23 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Mozilla
2019-08-04 19:51 - 2014-08-26 20:55 - 000000000 ____D C:\Users\Milan\Documents\MIKA
2019-08-04 19:51 - 2014-08-25 19:53 - 000000000 ____D C:\Users\Milan\AppData\Local\VirtualStore
2019-08-04 19:49 - 2014-09-15 10:25 - 000000000 ____D C:\ProgramData\VSO
2019-08-04 12:21 - 2018-07-30 09:39 - 000000000 ____D C:\Users\Milan\AppData\Local\AxCrypt
2019-08-03 19:22 - 2016-05-03 00:05 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Temp
2019-08-03 17:01 - 2014-09-25 14:33 - 000000000 ____D C:\AdwCleaner
2019-08-02 18:54 - 2015-04-26 15:51 - 000000000 ____D C:\Users\Milan\AppData\Roaming\inkscape
2019-08-02 18:54 - 2014-09-15 10:25 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Vso
2019-08-02 17:57 - 2015-04-26 16:26 - 000000000 ____D C:\nic
2019-07-31 18:57 - 2018-08-03 07:49 - 000008276 _____ C:\Users\Milan\Documents\Slahe-txt.axx
2019-07-26 09:02 - 2018-03-01 13:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-23 17:37 - 2014-09-01 08:35 - 000013030 _____ C:\PDOXUSRS.NET
2019-07-23 17:37 - 2014-09-01 08:23 - 000000000 ____D C:\WinloadPrivateDir
2019-07-22 09:30 - 2015-03-08 12:19 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Google
2019-07-16 18:58 - 2016-12-12 23:11 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Mozilla
2019-07-16 08:57 - 2016-04-08 16:42 - 000000000 ____D C:\Users\Milan\Documents\Screenshoty
2019-07-13 09:23 - 2014-08-26 20:38 - 000000000 ____D C:\Users\Milan\Documents\ConvertXtoDVD
2019-07-11 16:38 - 2014-08-25 19:56 - 000000000 ___RD C:\Users\Milan\OneDrive
2019-07-10 08:06 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-10 08:03 - 2014-08-27 08:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 07:14 - 2014-08-27 15:05 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-09 23:15 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-09 08:22 - 2019-01-21 11:01 - 000004652 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-07-09 08:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-09 08:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-09 08:18 - 2019-01-21 11:01 - 000004640 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-08 20:29 - 2014-08-26 21:08 - 000000000 ____D C:\Users\Milan\Documents\Scany
2019-07-07 00:07 - 2017-09-24 20:51 - 000001116 _____ C:\Users\Milan\Desktop\JETI Studio.lnk
2019-07-07 00:07 - 2017-03-26 22:33 - 000001510 _____ C:\Users\Milan\Desktop\LogView.exe – zástupce.lnk
2019-07-07 00:07 - 2015-04-26 15:20 - 000001102 _____ C:\Users\Milan\Desktop\Grbl Controller.lnk
2019-07-07 00:07 - 2015-02-20 16:55 - 000001889 _____ C:\Users\Milan\Desktop\Gaosuo.lnk
2019-07-07 00:07 - 2015-01-18 17:17 - 000000950 _____ C:\Users\Milan\Desktop\EPSON Scan.lnk
2019-07-07 00:06 - 2015-12-23 01:44 - 000001936 _____ C:\Users\Milan\Desktop\Hantek6022BE.lnk
2019-07-07 00:06 - 2015-01-05 21:54 - 000001049 _____ C:\Users\Milan\Desktop\Modely – zástupce.lnk
2019-07-07 00:06 - 2014-10-08 08:18 - 000001356 _____ C:\Users\Milan\Desktop\VYPNOUT.lnk
2019-07-05 10:31 - 2014-12-09 00:41 - 000000000 ____D C:\RecData

==================== Files in the root of some directories ================

2015-05-14 10:14 - 2015-05-14 09:49 - 146861984 _____ (Oracle Corporation) C:\Users\Public\jdk-7u79-windows-x64.exe
2017-08-11 00:10 - 2018-04-22 14:06 - 000014573 _____ () C:\Users\Milan\AppData\Roaming\downloads.json
2014-09-15 10:25 - 2014-09-15 10:25 - 000099384 _____ () C:\Users\Milan\AppData\Roaming\inst.exe
2014-09-15 10:25 - 2014-09-15 10:25 - 000007859 _____ () C:\Users\Milan\AppData\Roaming\pcouffin.cat
2014-09-15 10:25 - 2014-09-15 10:25 - 000001167 _____ () C:\Users\Milan\AppData\Roaming\pcouffin.inf
2014-09-15 10:25 - 2014-09-15 10:25 - 000082816 _____ (VSO Software) C:\Users\Milan\AppData\Roaming\pcouffin.sys
2015-01-14 00:17 - 2018-01-03 10:00 - 000039936 _____ () C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-03 16:50 - 2017-08-03 16:50 - 000000001 _____ () C:\Users\Milan\AppData\Local\llftool.4.40.agreement
2019-08-02 18:33 - 2019-08-02 18:33 - 000000735 _____ () C:\Users\Milan\AppData\Local\recently-used.xbel
2014-09-17 18:29 - 2019-06-05 20:41 - 000007602 _____ () C:\Users\Milan\AppData\Local\resmon.resmoncfg
2019-08-04 21:43 - 2019-08-04 21:43 - 000000003 _____ () C:\Users\Milan\AppData\Local\updater.log
2016-03-02 11:12 - 2017-05-06 21:41 - 000000425 _____ () C:\Users\Milan\AppData\Local\UserProducts.xml

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

#29 Příspěvek od **Rudy** » 05 srp 2019 09:09

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Milan\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] (Seznam.cz, a.s. -> )
GroupPolicy: Restriction ? <==== ATTENTION
Task: {4D015E66-A9D7-457F-B838-77CE1D7597D6} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {520A7B56-6364-4B12-83F3-1461F96741B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {568F7D06-C9DB-4CA2-904F-8DA83FD06C77} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6BAB8665-5E90-46C0-AD60-7E81352A6C18} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {95BF83FE-44C2-4773-9856-0C2854CC7B12} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9D6A22DE-939A-48E4-9430-F38FACA73A37} - \WPD\SqmUpload_S-1-5-21-3693916616-2222447667-2327344499-1001 -> No File <==== ATTENTION
Task: {A014E54A-4E51-4B3E-8A23-00A279912E70} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A4187693-3380-4436-B0E6-7D6973C3ABDF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B432B2A5-C39E-432C-98DC-EDDEBCB9904D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C0AF55D3-7D85-4485-AE27-13039A9549D4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C552D958-9536-4759-9EC4-70DC3D56C8E3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CBA5C4D2-20EA-4C0F-B6E5-623F7B6E0241} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CE3E64B4-33C1-4FCE-A653-4BF4768B8A39} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D7AF9FC3-C37F-4ADD-BC6F-988E0D375CB6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EC77A1BC-8B01-4DE5-BE73-37FC16D084BC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F04EC4E8-6D93-43C1-A590-E51148E9710F} - System32\Tasks\{4404C7AA-AD11-4570-8903-920A37D56080} => C:\WINDOWS\system32\pcalua.exe -a H:\SETUP.EXE -d H:\
Task: {385853C6-403C-4D04-900B-10A9749AF7BB} - System32\Tasks\{B2590FEB-4571-4E01-B388-834828AABF86} => C:\WINDOWS\system32\pcalua.exe -a H:\INTRO.EXE -d H:\
Task: {23329890-13A0-4E1F-A90F-DDE5B8C167FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc -> Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3693916616-2222447667-2327344499-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc -> Google Inc.)
FF Plugin-x32: @EDVR/WebClient -> C:\windows\system32\WebClient\npwebclient.dll [No File]
CHR HomePage: Default -> inline.go.mail.ru
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline ... 5.1.4.3&q={searchTerms}&fr=chxtnhp15.1.4.3
CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
R2 NEWare_Database_16101; C:\Program Files (x86)\Paradox Security Systems\NEware Demo\nxServer.exe /ServiceName:NEWare_Database_16101 "/CONFIG:C:\Users\Public\Documents\Paradox Security Systems\NEware\{1E5C047A-97E1-4FB9-8B60-CC67C7BC103C}\DBServer" /ALLOWSYSTEM <==== ATTENTION
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

cilek · #30 Příspěvek od **cilek** » 05 srp 2019 11:44

Fix result of Farbar Recovery Scan Tool (x64) Version: 4-08-2019
Ran by Milan (05-08-2019 12:19:20) Run:1
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Milan\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] (Seznam.cz, a.s. -> )
GroupPolicy: Restriction ? <==== ATTENTION
Task: {4D015E66-A9D7-457F-B838-77CE1D7597D6} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {520A7B56-6364-4B12-83F3-1461F96741B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {568F7D06-C9DB-4CA2-904F-8DA83FD06C77} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {6BAB8665-5E90-46C0-AD60-7E81352A6C18} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {95BF83FE-44C2-4773-9856-0C2854CC7B12} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9D6A22DE-939A-48E4-9430-F38FACA73A37} - \WPD\SqmUpload_S-1-5-21-3693916616-2222447667-2327344499-1001 -> No File <==== ATTENTION
Task: {A014E54A-4E51-4B3E-8A23-00A279912E70} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A4187693-3380-4436-B0E6-7D6973C3ABDF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B432B2A5-C39E-432C-98DC-EDDEBCB9904D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C0AF55D3-7D85-4485-AE27-13039A9549D4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C552D958-9536-4759-9EC4-70DC3D56C8E3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CBA5C4D2-20EA-4C0F-B6E5-623F7B6E0241} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CE3E64B4-33C1-4FCE-A653-4BF4768B8A39} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D7AF9FC3-C37F-4ADD-BC6F-988E0D375CB6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EC77A1BC-8B01-4DE5-BE73-37FC16D084BC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F04EC4E8-6D93-43C1-A590-E51148E9710F} - System32\Tasks\{4404C7AA-AD11-4570-8903-920A37D56080} => C:\WINDOWS\system32\pcalua.exe -a H:\SETUP.EXE -d H:\
Task: {385853C6-403C-4D04-900B-10A9749AF7BB} - System32\Tasks\{B2590FEB-4571-4E01-B388-834828AABF86} => C:\WINDOWS\system32\pcalua.exe -a H:\INTRO.EXE -d H:\
Task: {23329890-13A0-4E1F-A90F-DDE5B8C167FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc -> Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3693916616-2222447667-2327344499-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc -> Google Inc.)
FF Plugin-x32: @EDVR/WebClient -> C:\windows\system32\WebClient\npwebclient.dll [No File]
CHR HomePage: Default -> inline.go.mail.ru
CHR DefaultSearchURL: Default -> hxxps://inline.go.mail.ru/search?inline ... 5.1.4.3&q={searchTerms}&fr=chxtnhp15.1.4.3
CHR DefaultSearchKeyword: Default -> inline.go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
R2 NEWare_Database_16101; C:\Program Files (x86)\Paradox Security Systems\NEware Demo\nxServer.exe /ServiceName:NEWare_Database_16101 "/CONFIG:C:\Users\Public\Documents\Paradox Security Systems\NEware\{1E5C047A-97E1-4FB9-8B60-CC67C7BC103C}\DBServer" /ALLOWSYSTEM <==== ATTENTION
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End

*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate" => not found
"HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop" => not found
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D015E66-A9D7-457F-B838-77CE1D7597D6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D015E66-A9D7-457F-B838-77CE1D7597D6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{520A7B56-6364-4B12-83F3-1461F96741B3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{520A7B56-6364-4B12-83F3-1461F96741B3}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{568F7D06-C9DB-4CA2-904F-8DA83FD06C77}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{568F7D06-C9DB-4CA2-904F-8DA83FD06C77}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BAB8665-5E90-46C0-AD60-7E81352A6C18}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BAB8665-5E90-46C0-AD60-7E81352A6C18}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95BF83FE-44C2-4773-9856-0C2854CC7B12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95BF83FE-44C2-4773-9856-0C2854CC7B12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D6A22DE-939A-48E4-9430-F38FACA73A37}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D6A22DE-939A-48E4-9430-F38FACA73A37}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3693916616-2222447667-2327344499-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A014E54A-4E51-4B3E-8A23-00A279912E70}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A014E54A-4E51-4B3E-8A23-00A279912E70}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4187693-3380-4436-B0E6-7D6973C3ABDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4187693-3380-4436-B0E6-7D6973C3ABDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B432B2A5-C39E-432C-98DC-EDDEBCB9904D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B432B2A5-C39E-432C-98DC-EDDEBCB9904D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0AF55D3-7D85-4485-AE27-13039A9549D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0AF55D3-7D85-4485-AE27-13039A9549D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C552D958-9536-4759-9EC4-70DC3D56C8E3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C552D958-9536-4759-9EC4-70DC3D56C8E3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBA5C4D2-20EA-4C0F-B6E5-623F7B6E0241}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBA5C4D2-20EA-4C0F-B6E5-623F7B6E0241}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE3E64B4-33C1-4FCE-A653-4BF4768B8A39}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE3E64B4-33C1-4FCE-A653-4BF4768B8A39}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D7AF9FC3-C37F-4ADD-BC6F-988E0D375CB6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7AF9FC3-C37F-4ADD-BC6F-988E0D375CB6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC77A1BC-8B01-4DE5-BE73-37FC16D084BC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC77A1BC-8B01-4DE5-BE73-37FC16D084BC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F04EC4E8-6D93-43C1-A590-E51148E9710F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F04EC4E8-6D93-43C1-A590-E51148E9710F}" => removed successfully
C:\WINDOWS\System32\Tasks\{4404C7AA-AD11-4570-8903-920A37D56080} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4404C7AA-AD11-4570-8903-920A37D56080}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{385853C6-403C-4D04-900B-10A9749AF7BB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{385853C6-403C-4D04-900B-10A9749AF7BB}" => removed successfully
C:\WINDOWS\System32\Tasks\{B2590FEB-4571-4E01-B388-834828AABF86} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B2590FEB-4571-4E01-B388-834828AABF86}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23329890-13A0-4E1F-A90F-DDE5B8C167FF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23329890-13A0-4E1F-A90F-DDE5B8C167FF}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\Software\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => removed successfully
"HKU\S-1-5-21-3693916616-2222447667-2327344499-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@EDVR/WebClient => removed successfully
"Chrome HomePage" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
HKLM\System\CurrentControlSet\Services\NEWare_Database_16101 => removed successfully
NEWare_Database_16101 => service removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 41971743 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 35387993 B
Edge => 340054644 B
Chrome => 399974391 B
Firefox => 0 B
Opera => 296 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 47110 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 10554 B
NetworkService => 0 B
Milan => 169790477 B

RecycleBin => 1048791 B
EmptyTemp: => 952.3 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 12:21:47 ====

VIRY.CZ

Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry

Re: Havěť z internetu - nefunkční antiviry