prosím o kontrolu logu

[neummi]

Zdravím,

prosím o kontrolu logu. NB patří známé a je velmi pomalý....už je to starší NB, ale doufáme, že mu pročištění ještě prodlouží život

Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-04-2020
Ran by Lenísek (administrator) on LÉŇA (Hewlett-Packard HP 15 Notebook PC) (14-04-2020 08:26:25)
Running from C:\Users\Lenísek\Desktop
Loaded Profiles: Lenísek (Available Profiles: Lenísek)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(AVG Technologies CZ, s.r.o. -> ) C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o. -> ) C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <22>
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Huawei Software Technologies Co., LTD. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Lenísek\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2016-12-09] (AVG Technologies CZ, s.r.o. -> )
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\Run: [BingSvc] => C:\Users\Lenísek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-20] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91584872 2020-03-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {4030532a-43ad-11e8-8299-3863bb73d1fd} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {4030535b-43ad-11e8-8299-3863bb73d1fd} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6167da12-29e8-11e7-8286-3863bb73d1fd} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6167da3d-29e8-11e7-8286-3863bb73d1fd} - "I:\autorun.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6acb9b20-6a99-11ea-829f-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6acb9b28-6a99-11ea-829f-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6acb9b35-6a99-11ea-829f-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {90e03b89-61b0-11e7-8288-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {90e03baa-61b0-11e7-8288-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {92649469-7fbc-11e9-829b-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {92649481-7fbc-11e9-829b-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {ead2ca2c-d604-11e8-829a-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3764.149\Installer\chrmstp.exe [2020-04-02] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0513E762-3736-4397-A599-FFA565E68C70} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {0EB5D07F-F1C5-41B5-866A-C41DC8CC2384} - System32\Tasks\Driver Booster SkipUAC (Lenísek) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
Task: {1E8857FE-C034-4E4D-A16A-B70FD6B08426} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {2D814D45-BF34-438E-AEFB-19F57E370938} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {48E9B193-02BE-4D1A-9244-B96893D872A9} - System32\Tasks\AVG EUpdate Task => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [3661072 2016-12-08] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {532CA859-56E8-4F4E-8373-E2BCDD6F7559} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {5B1B863B-7248-4F1A-88F7-C2CCE9680CA2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {643B0B65-3B31-4C61-AAC6-158EBF3A4B41} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {643B0B65-3B31-4C61-AAC6-158EBF3A4B41} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [ [ ]]
Task: {6E6A8518-ECCA-43AC-BF35-655E07439738} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {72C0BD62-86F0-4852-959F-99C90FE7FFDF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe
Task: {87329B59-B43D-433D-9510-612180AFAA43} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
Task: {8F01AC4F-8514-481F-848F-4EC5225D230D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {9D9ADBD4-6F6A-4925-8F86-C7C44C7393C4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
Task: {A46354AE-7C8D-4E2F-84BA-7C3B7AB7FA84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [603008 2012-11-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {B1D7DFBE-3D97-4ACC-957A-17FDFC3482EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-20] (Google Inc -> Google Inc.)
Task: {C20E88BC-CE34-461E-AFC6-0B6DA4FA0187} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {D84F5074-174E-4E66-A5B5-E219B1A721CB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
Task: {DA21A4A8-3E22-453C-A336-3564B8F93ABD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DFC291C8-1E1F-4505-9BB3-073F2D35B41A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {DFC291C8-1E1F-4505-9BB3-073F2D35B41A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {DFC291C8-1E1F-4505-9BB3-073F2D35B41A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [ [ ]]
Task: {EB24BDEE-BB30-40BB-A111-C96B9C7468E5} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {EC06C2DC-715F-4B26-AA40-01967E86DF53} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-11] (Adobe Inc. -> Adobe)
Task: {F06A3031-C0AA-4269-9130-276718A53A0B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-20] (Google Inc -> Google Inc.)
Task: {F3DDBC04-A2DB-4003-A16F-BD011DF3E1B1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {FF0CAF7D-6A88-4F6B-90C9-08AE3A1849E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => No File
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{6C735C9F-59AD-464A-97A9-21EB54BB063A}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{78EC33E1-8458-49A4-A189-040BA1FA33FB}: [DhcpNameServer] 192.168.0.253

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {CA6A283F-71F7-41AB-8E32-9EAD863CA20D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {CA6A283F-71F7-41AB-8E32-9EAD863CA20D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3753394254-3964526071-3340233125-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3753394254-3964526071-3340233125-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3753394254-3964526071-3340233125-1001 -> {2315A815-DAD5-4F80-B2E2-AE1C4C437EE8} URL = hxxp://www.search.ask.com/web?tpid=FF3-C2-G&o= ... psv=&pt=tb
SearchScopes: HKU\S-1-5-21-3753394254-3964526071-3340233125-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=v ... earchTerms}
SearchScopes: HKU\S-1-5-21-3753394254-3964526071-3340233125-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={C04F282B-A0A3-4C7E-B0E0-74F726BE4F1E}&mid=9397a578ce0047cca1dae92afd97380e-429952d646f045e6126b3017acc80522c3dbcebf&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1116avz&pr=fr&d=2016-11-21 20:28:07&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3753394254-3964526071-3340233125-1001 -> {CA6A283F-71F7-41AB-8E32-9EAD863CA20D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-12-09] (AVG Technologies CZ, s.r.o. -> AVG)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-12-09] (AVG Technologies CZ, s.r.o. -> AVG)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default [2020-04-14]
CHR Notifications: Default -> hxxps://cz.pinterest.com; hxxps://www.fyzioklinika.cz; hxxps://www.lide.cz
CHR HomePage: Default -> search.ask.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html", Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html"
CHR DefaultSearchURL: Default -> hxxps://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxps://lss.sse-iacapps.com/lss/api?token=466638d2-530f-3fe4-a57c-7db505bac25f&hi=0&q={searchTerms}
CHR Extension: (Ask Search) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaapdcjfaomkafnbpoclmfakjianjd [2019-10-15]
CHR Extension: (Prezentace) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-20]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-08]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-02-20]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-10-14]
CHR Extension: (YouTube) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-20]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2019-03-18]
CHR Extension: (Tabulky) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-08]
CHR Extension: (Gmail) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-08]
CHR HKLM\...\Chrome\Extension: [aaaaapdcjfaomkafnbpoclmfakjianjd]
CHR HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd]
CHR HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn]
CHR HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
CHR HKLM-x32\...\Chrome\Extension: [aaaaapdcjfaomkafnbpoclmfakjianjd]
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd]
CHR HKLM-x32\...\Chrome\Extension: [dogdoihocdkadpalbghcpfafbojcfofa]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3764.149\elevation_service.exe [973760 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] (Huawei Software Technologies Co., LTD. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-05-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-05-15] (Microsoft Corporation -> Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-12-09] (AVG Technologies CZ, s.r.o. -> )

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37864 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205576 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [271120 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206608 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [64272 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279360 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42976 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175400 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110560 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84056 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848672 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [458584 2020-03-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235184 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316256 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
S3 athr; C:\Windows\system32\DRIVERS\athw8x.sys [3680256 2013-06-18] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-10-12] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-10-12] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation) [File not signed]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-14] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel(R) Software -> Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
U3 McAPExe; no ImagePath
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-14 08:26 - 2020-04-14 08:28 - 000031510 _____ C:\Users\Lenísek\Desktop\FRST.txt
2020-04-14 08:25 - 2020-04-14 08:27 - 000000000 ____D C:\FRST
2020-04-14 08:23 - 2020-04-14 08:24 - 002281984 _____ (Farbar) C:\Users\Lenísek\Desktop\FRST64.exe
2020-04-13 14:01 - 2020-04-13 14:20 - 000000000 ____D C:\Users\Lenísek\Desktop\Fotky_kniha tisk
2020-04-09 18:42 - 2020-04-09 18:42 - 000307461 _____ C:\Users\Lenísek\Downloads\MS SVP 2017-2018 2.pdf
2020-04-09 08:59 - 2020-04-09 08:59 - 001656678 _____ C:\Users\Lenísek\Downloads\video-1586414345.mp4
2020-04-09 08:56 - 2020-04-09 08:56 - 001656678 _____ C:\Users\Lenísek\Downloads\video-1586414764.mp4
2020-04-08 13:32 - 2020-04-08 13:32 - 000001341 _____ C:\Users\Public\Desktop\Skype.lnk
2020-04-08 13:32 - 2020-04-08 13:32 - 000001341 _____ C:\ProgramData\Desktop\Skype.lnk
2020-04-08 13:32 - 2020-04-08 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-04-08 13:30 - 2020-04-08 13:31 - 070011112 _____ (Skype Technologies S.A.) C:\Users\Lenísek\Downloads\Skype-8.58.0.93.exe
2020-04-03 21:21 - 2020-04-03 21:21 - 001612605 _____ C:\Users\Lenísek\Downloads\STRUNNÉ NÁSTROJE KVII.pptx
2020-04-03 21:12 - 2020-04-03 21:12 - 002437580 _____ C:\Users\Lenísek\Downloads\HUDEBNÍ NÁSTROJE KVI.pptx
2020-04-03 18:10 - 2020-04-03 18:11 - 000955309 _____ C:\Users\Lenísek\Downloads\Rámcový vzdělávací program pro předškolní vzdělávání 2016 (8).pdf
2020-04-03 17:22 - 2020-04-03 17:22 - 000123015 _____ C:\Users\Lenísek\Downloads\DPPR_2009_1_11410_OSZD001_75230_0_79478.pdf
2020-04-03 13:08 - 2020-04-03 13:08 - 003777764 _____ C:\Users\Lenísek\Downloads\DPTX_2009_1_11410_OSZD001_75230_0_79478 (3).pdf
2020-04-03 12:59 - 2020-04-03 12:59 - 000689395 _____ C:\Users\Lenísek\Downloads\hra_a_jeji_edukacni_vyuziti (7).pdf
2020-04-02 18:27 - 2020-04-02 18:27 - 000281155 _____ C:\Users\Lenísek\Downloads\zaverecna_prace.pdf
2020-04-02 18:23 - 2020-04-02 18:23 - 004387439 _____ C:\Users\Lenísek\Downloads\BPTX_2007_2_11410_OSZD001_87018_0_59427.pdf
2020-04-02 13:44 - 2020-04-02 13:44 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-04-02 13:44 - 2020-04-02 13:44 - 000003150 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-04-02 13:42 - 2020-04-02 13:42 - 003540600 _____ C:\Users\Lenísek\Downloads\KMTV9 Sborník činností a her s míčem - MŠ 3r kf.pdf
2020-04-02 13:35 - 2020-04-02 13:38 - 211410728 _____ (Google, Inc.) C:\Users\Lenísek\Downloads\GoogleDriveFSSetup.exe
2020-04-01 13:23 - 2020-04-01 13:23 - 000000000 ____D C:\Users\Lenísek\Desktop\STÁTNICOVÉ OTÁZKY
2020-03-31 20:58 - 2020-03-31 20:59 - 013455522 _____ C:\Users\Lenísek\Downloads\SKMBT_C22020031713450.pdf
2020-03-31 09:37 - 2020-03-31 09:37 - 000095433 _____ C:\Users\Lenísek\Downloads\KMTV8-jóga Rulíková.pdf
2020-03-30 18:31 - 2020-03-30 18:31 - 000236932 _____ C:\Users\Lenísek\Downloads\KMTV9a-Rulíková.pdf
2020-03-30 18:31 - 2020-03-30 18:31 - 000198040 _____ C:\Users\Lenísek\Downloads\KMTV9g-Rulíková.pdf
2020-03-30 17:30 - 2020-03-30 17:30 - 011159693 _____ C:\Users\Lenísek\Downloads\3a-{kz}_CVICENI_Hajek_CZ_Pohadkova_joga.pdf
2020-03-30 10:04 - 2020-03-30 10:04 - 000109947 _____ C:\Users\Lenísek\Downloads\EPD_1920_Králová (1).xlsx
2020-03-30 10:00 - 2020-03-30 10:03 - 000109947 _____ C:\Users\Lenísek\Downloads\EPD_1920_Králová.xlsx
2020-03-30 09:59 - 2020-03-30 09:59 - 000112543 _____ C:\Users\Lenísek\Downloads\EPD_1920_Pavelkova.xlsx
2020-03-27 14:49 - 2020-03-27 14:49 - 026988574 _____ C:\Users\Lenísek\Downloads\diplomova_prace_belohoubkova.pdf
2020-03-26 15:48 - 2020-03-31 09:35 - 000000000 ___DO C:\Users\Lenísek\OneDrive
2020-03-25 20:46 - 2020-04-11 07:24 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-03-25 20:45 - 2020-03-08 19:02 - 000368056 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-03-25 16:21 - 2020-03-25 16:23 - 020213461 _____ C:\Users\Lenísek\Downloads\DPTX_2005_2_11410_OSZD001_69114_0_20877.pdf
2020-03-24 10:44 - 2020-03-24 10:45 - 000991318 _____ C:\Users\Lenísek\Downloads\psychiatrie.zip
2020-03-18 13:33 - 2020-04-09 08:57 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-18 13:32 - 2020-03-18 13:32 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-18 12:47 - 2020-03-18 12:47 - 000533504 _____ C:\Users\Lenísek\Downloads\stupne podpory SP-TUL.ppt
2020-03-16 18:46 - 2020-03-16 18:46 - 000264539 _____ C:\Users\Lenísek\Downloads\Pedag_2001_4_02_Dětská_433_438.pdf
2020-03-15 09:28 - 2020-03-15 09:54 - 000013847 _____ C:\Users\Lenísek\Desktop\SEVT březen.xlsx
2020-03-15 09:22 - 2020-03-15 09:22 - 000010862 _____ C:\Users\Lenísek\Downloads\formulář SEVT (1).xlsx
2020-03-15 09:13 - 2020-03-15 09:13 - 000769245 _____ C:\Users\Lenísek\Downloads\Přehled_změn_OB_KB_PB.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-14 07:35 - 2016-02-20 08:56 - 000003962 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{BFE3C6DF-0EE2-4ADA-961F-159243382B2F}
2020-04-13 18:44 - 2018-09-30 21:33 - 000000000 ____D C:\Users\Lenísek\AppData\Local\CrashDumps
2020-04-13 12:41 - 2016-09-20 21:40 - 000003600 _____ C:\Windows\system32\Tasks\AVG EUpdate Task
2020-04-09 09:11 - 2014-04-26 15:47 - 000768392 _____ C:\Windows\system32\perfh005.dat
2020-04-09 09:11 - 2014-04-26 15:47 - 000166490 _____ C:\Windows\system32\perfc005.dat
2020-04-09 09:11 - 2014-03-18 11:53 - 001883104 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-09 09:11 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-04-09 08:57 - 2018-09-10 17:42 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-04-09 08:57 - 2018-03-09 20:43 - 000004536 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-04-09 08:57 - 2018-03-09 20:43 - 000004408 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-09 08:57 - 2018-02-18 13:45 - 000002882 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Lenísek)
2020-04-09 08:57 - 2016-02-20 07:42 - 000002786 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-04-09 08:57 - 2016-02-20 07:34 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-09 08:57 - 2016-02-20 07:34 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-09 08:57 - 2016-02-20 07:33 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-04-09 08:57 - 2014-10-09 07:34 - 000002990 _____ C:\Windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-04-09 08:52 - 2016-02-20 11:35 - 000000000 ____D C:\Users\Lenísek\AppData\Roaming\MPC-HC
2020-04-08 14:04 - 2016-02-20 07:11 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3753394254-3964526071-3340233125-1001
2020-04-08 13:32 - 2017-03-15 20:31 - 000000000 ___RD C:\Program Files (x86)\Skype
2020-04-08 13:32 - 2016-02-20 17:26 - 000000000 ____D C:\ProgramData\Skype
2020-04-06 16:54 - 2019-09-20 09:25 - 000000000 ____D C:\Users\Lenísek\Desktop\Bakalářská práce
2020-04-03 17:48 - 2016-02-20 07:35 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-02 13:44 - 2018-04-08 10:52 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-03-26 17:02 - 2016-02-20 07:06 - 000000000 ____D C:\Users\Lenísek\AppData\Local\Packages
2020-03-26 16:57 - 2018-02-18 16:40 - 000000000 ____D C:\Users\Lenísek\AppData\Local\AVAST Software
2020-03-26 16:28 - 2017-02-03 22:45 - 000002026 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-03-26 16:28 - 2017-02-03 22:45 - 000002026 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-03-26 16:28 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-26 16:26 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-03-26 15:48 - 2016-02-20 07:06 - 000000000 ____D C:\Users\Lenísek
2020-03-26 15:07 - 2016-02-20 07:29 - 000000000 ____D C:\ProgramData\AVAST Software
2020-03-24 10:30 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories ========

2017-02-03 21:29 - 2017-02-03 21:29 - 000000017 _____ () C:\Users\Lenísek\AppData\Local\resmon.resmoncfg
2016-07-11 15:46 - 2016-07-11 15:46 - 000000000 _____ () C:\Users\Lenísek\AppData\Local\{9D7290E5-5812-4BDE-B244-BEFE128B4335}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-04-13 08:20
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2020
Ran by Lenísek (14-04-2020 08:30:06)
Running from C:\Users\Lenísek\Desktop
Windows 8.1 Connected (Update) (X64) (2016-02-20 05:06:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3753394254-3964526071-3340233125-500 - Administrator - Disabled)
Guest (S-1-5-21-3753394254-3964526071-3340233125-501 - Limited - Disabled)
Lenísek (S-1-5-21-3753394254-3964526071-3340233125-1001 - Administrator - Enabled) => C:\Users\Lenísek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.)
7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.0.3764.149 - Autoři prohlížeče Avast Secure Browser)
AVG (HKLM\...\AvgZen) (Version: 1.116.3.1052 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
AVG Zen (HKLM\...\{219E7C4A-0902-4CD4-82B8-EF908BF3198E}) (Version: 1.116.2 - AVG Technologies) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.7.0.0 - Format Factory)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
K-Lite Codec Pack 11.5.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.0 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MyStart Toolbar (HKLM-x32\...\mystarttb) (Version: 5.6.0.6 - Visicom Media Inc.)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
PlayDance verze 1.0.980 (HKLM-x32\...\{EC8642E4-7CE3-4379-9114-6E34DEF98D58}_is1) (Version: 1.0.980 - VISO SPORT s.r.o.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.24.1218.2013 - Realtek)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
StepMania 3.9 (remove only) (HKLM-x32\...\StepMania) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Your Software Deals 1.0.0 (HKLM-x32\...\Your Software Deals_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) <==== ATTENTION

Packages:
=========
Box for Windows 8 -> C:\Program Files\WindowsApps\134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee [2016-02-20] (Box, Inc.)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2016-02-20] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-10-09] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2016-02-20] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2016-02-20] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-28] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2016-02-20] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-25] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2016-02-20] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-28] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2016-02-20] (Skype) [MS Ad]
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2.1.20.0_x64__t3yemqpq4kp7p [2016-02-20] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-04-10] (Microsoft Corporation)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2016-02-20] (Microsoft Corporation) [MS Ad]
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2016-02-20] (CYBERLINKCOM CORP)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3753394254-3964526071-3340233125-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-08] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro

==================== Loaded Modules (Whitelisted) =============

2016-12-08 20:00 - 2016-12-08 19:59 - 048920064 _____ () [File not signed] C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2020-04-08 13:32 - 2020-03-12 21:49 - 001899520 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2020-04-08 13:32 - 2020-03-12 21:49 - 000115712 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2020-04-08 13:32 - 2020-03-12 21:49 - 006668800 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-01-28 21:00 - 2018-01-28 21:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2014-10-09 07:43 - 2014-10-09 07:43 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-01-05 19:58 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C1041840-BC9B-490A-9AEC-BC364F6B61A7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50BAC705-4DDC-4E09-AB98-337881F214E9}] => (Allow) LPort=2869
FirewallRules: [{48B3F4CC-CFBB-4C49-9AFD-BD35CCC02F06}] => (Allow) LPort=1900
FirewallRules: [{888FE608-493A-4376-8F7A-CFF7ADD78E05}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{70D0CBED-23EF-4B29-BB1C-08AA0AA47E01}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{E2955C3D-D1A3-4D33-ADAA-3A3B51B904CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FAF723D3-5018-46D1-A10F-7446DD62E9D1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{953F9908-81FE-4D33-9B46-20D87CFBBE79}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [UDP Query User{B04F896D-028F-49FF-883A-8B31827D331A}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [TCP Query User{BB91ED26-D310-4A6E-853F-0936B885B152}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [TCP Query User{14559F0F-5C37-4783-A2CF-BF013BA36BD6}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Block) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos) [File not signed]
FirewallRules: [UDP Query User{B864B118-9A49-4843-80AD-5374EC960020}C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe] => (Block) C:\program files (x86)\formatfactory\ffmodules\package\pfinstonline.exe (chen jun hao -> Picosmos) [File not signed]
FirewallRules: [{19DD0605-D673-49D1-8F42-BC363197AA0F}] => (Allow) C:\Users\Lenísek\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7E135226-702C-4D61-B36F-ACB3310B226E}] => (Allow) C:\Users\Lenísek\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4587CCE1-E5AB-4087-9719-DF25AB80BE22}] => (Allow) C:\Users\Lenísek\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3D57B226-80A5-4CA8-A9A1-2D340A9E2B7F}] => (Allow) C:\Users\Lenísek\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4F51CAC2-494A-46AE-97F3-28357688A370}] => (Allow) C:\Users\Lenísek\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{15DF0409-B45A-4C5A-89B4-1F0076084A6F}] => (Allow) C:\Users\Lenísek\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{AC3287FC-5005-47E0-8792-79A476CE1160}C:\program files (x86)\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\formatfactory\formatfactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [UDP Query User{0B0C295D-83A9-4653-82DA-4C71474EA15C}C:\program files (x86)\formatfactory\formatfactory.exe] => (Block) C:\program files (x86)\formatfactory\formatfactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{51D40312-2A0D-4607-9699-399EDF93E05F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{77D16057-E909-4D3B-8C11-76A8BC49771A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5C7C8E6E-7D62-4B5F-9DDE-3C657A795FE8}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3335DCBE-E3A7-4C1C-9477-1F4DA3C54A0D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{75DA7E01-648B-463C-81C9-3950151B0341}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BD951CEA-C256-4D30-9FEF-8A221FEDF677}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

24-03-2020 13:00:11 Naplánovaný kontrolní bod
02-04-2020 16:07:00 Naplánovaný kontrolní bod
09-04-2020 18:03:10 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/14/2020 07:56:15 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (04/14/2020 07:44:44 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (04/14/2020 07:32:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1187

Error: (04/14/2020 07:32:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1187

Error: (04/13/2020 08:15:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/13/2020 07:56:18 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (04/13/2020 07:33:22 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (04/13/2020 06:44:59 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (04/11/2020 07:19:48 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Integrovaný řadič neodpověděl během zadaného časového limitu. Může to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit, že počítač nebude pracovat správně.

Error: (04/10/2020 04:30:29 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby BFE bylo dosaženo časového limitu (30000 ms).

Error: (03/31/2020 09:31:15 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Integrovaný řadič neodpověděl během zadaného časového limitu. Může to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit, že počítač nebude pracovat správně.

Error: (03/26/2020 04:28:21 PM) (Source: APPHOSTSVC) (EventID: 9010) (User: )
Description: Při pokusu o přístup ke kořenovému adresáři historie C:\inetpub\history zjistila pomocná služba hostitele aplikace chybu. Adresář buď neexistuje, nebo jeho oprávnění nepovolují přístup službě historie. Funkce historie konfigurací je prozatím zakázána a bude povolena po vyřešení problému. Chcete-li tento problém vyřešit, zkontrolujte, zda adresář existuje a zda k němu má skupina Administrators přístup pro čtení a zápis. Datové pole obsahuje číslo chyby.

Error: (03/25/2020 08:03:16 PM) (Source: DCOM) (EventID: 10010) (User: LÉŇA)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/25/2020 05:12:15 PM) (Source: DCOM) (EventID: 10010) (User: LÉŇA)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/25/2020 05:11:45 PM) (Source: DCOM) (EventID: 10010) (User: LÉŇA)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/24/2020 02:46:57 PM) (Source: DCOM) (EventID: 10010) (User: LÉŇA)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2016-02-20 06:34:37.174
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2014-04-26 07:21:11.143
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2014-04-26 06:37:55.216
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2014-04-26 06:34:15.708
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2014-04-26 06:23:44.279
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

CodeIntegrity:
===================================

Date: 2020-03-26 15:28:06.034
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\iaiogpioe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-26 15:28:04.784
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\iaiogpioe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-12-29 11:09:42.649
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\iaiogpioe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-12-29 11:09:41.587
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\iaiogpioe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-02 20:35:50.426
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\iaiogpioe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-02 20:35:49.223
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\iaiogpioe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-25 20:28:07.488
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\iaiogpioe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-10-25 20:28:06.300
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\iaiogpioe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Insyde F.23 09/19/2014
Motherboard: Hewlett-Packard 2213
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 68%
Total physical RAM: 3984.27 MB
Available physical RAM: 1252.82 MB
Total Virtual: 6510.29 MB
Available Virtual: 2668.2 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:226.36 GB) (Free:168.7 GB) NTFS
Drive d: (Data, fotky a filmy) (Fixed) (Total:221.26 GB) (Free:101.09 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:17.12 GB) (Free:1.66 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{c0c2f126-aa24-45da-a1a7-a52477b24d64}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.34 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6DA15431)

Partition: GPT.

==================== End of Addition.txt =======================

[JaRon]

ahoj,
1. pozri aka je velkost adresara plocha - ak je viac ako 1GB - vycisti
2. vycisti PC s ADWCleanerom - su tam nejake blchy

[neummi]

Plocha pročištěna...sám jsem nemohl uvěřit kolik tam toho měla

Zkontrolováno AdwCleanerem a výsledek přikládám....ještě nějaké další čistící kroky?

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-14-2020
# Duration: 00:00:17
# OS: Windows 8.1 Connected
# Cleaned: 57
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\STEEL CUT
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\AVG Security Toolbar
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\ProgramData\apn
Deleted C:\Users\Lenísek\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Lenísek\AppData\LocalLow\mystarttb
Deleted C:\Users\Lenísek\AppData\Local\avg web tuneup
Deleted C:\Users\Lenísek\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\Lenísek\AppData\Roaming\Seznam.cz
Deleted C:\Users\Lenísek\AppData\Roaming\Systweak
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\mystarttb
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted C:\Windows\System32\roboot64.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Advanced SystemCare 10
Deleted HKCU\Software\Reg\Clean
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\systweak
Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\Software\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Deleted HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{607B689F-7600-45E4-B8E5-887F72DAB15C}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\Reg\Clean
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{607B689F-7600-45E4-B8E5-887F72DAB15C}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\mystarttb
Deleted HKLM\Software\Wow6432Node\mystarttb
Deleted HKLM\Software\Wow6432Node\systweak

***** [ Chromium (and derivatives) ] *****

Deleted MSN Homepage & Bing Search Engine - fcfenmboojpjinhpgggodefccipikbpd
Deleted Search Extension by Ask - aaaaapdcjfaomkafnbpoclmfakjianjd
Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak
Deleted Video AdBlock for Chrome - bknbnapaddjdnbilpmlacdkjdkjmbjhd
Deleted Video AdBlock for Chrome - bknbnapaddjdnbilpmlacdkjdkjmbjhd

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9575 octets] - [14/04/2020 10:06:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[JaRon]

vloz aktualny log FRST - docistime

[neummi]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-04-2020
Ran by Lenísek (administrator) on LÉŇA (Hewlett-Packard HP 15 Notebook PC) (14-04-2020 10:27:29)
Running from C:\Users\Lenísek\Desktop
Loaded Profiles: Lenísek (Available Profiles: Lenísek)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Huawei Software Technologies Co., LTD. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Lenísek\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\Run: [BingSvc] => C:\Users\Lenísek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-20] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91585088 2020-03-31] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {4030532a-43ad-11e8-8299-3863bb73d1fd} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {4030535b-43ad-11e8-8299-3863bb73d1fd} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6167da12-29e8-11e7-8286-3863bb73d1fd} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6167da3d-29e8-11e7-8286-3863bb73d1fd} - "I:\autorun.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6acb9b20-6a99-11ea-829f-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6acb9b28-6a99-11ea-829f-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6acb9b35-6a99-11ea-829f-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {90e03b89-61b0-11e7-8288-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {90e03baa-61b0-11e7-8288-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {92649469-7fbc-11e9-829b-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {92649481-7fbc-11e9-829b-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {ead2ca2c-d604-11e8-829a-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3764.149\Installer\chrmstp.exe [2020-04-02] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0513E762-3736-4397-A599-FFA565E68C70} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {0EB5D07F-F1C5-41B5-866A-C41DC8CC2384} - System32\Tasks\Driver Booster SkipUAC (Lenísek) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
Task: {1E8857FE-C034-4E4D-A16A-B70FD6B08426} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {2D814D45-BF34-438E-AEFB-19F57E370938} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {532CA859-56E8-4F4E-8373-E2BCDD6F7559} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {5B1B863B-7248-4F1A-88F7-C2CCE9680CA2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {643B0B65-3B31-4C61-AAC6-158EBF3A4B41} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {643B0B65-3B31-4C61-AAC6-158EBF3A4B41} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [ [ ]]
Task: {6E6A8518-ECCA-43AC-BF35-655E07439738} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {72C0BD62-86F0-4852-959F-99C90FE7FFDF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe
Task: {87329B59-B43D-433D-9510-612180AFAA43} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
Task: {8F01AC4F-8514-481F-848F-4EC5225D230D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {9D9ADBD4-6F6A-4925-8F86-C7C44C7393C4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
Task: {A46354AE-7C8D-4E2F-84BA-7C3B7AB7FA84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [603008 2012-11-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {B1D7DFBE-3D97-4ACC-957A-17FDFC3482EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-20] (Google Inc -> Google Inc.)
Task: {C20E88BC-CE34-461E-AFC6-0B6DA4FA0187} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008 2014-01-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {D84F5074-174E-4E66-A5B5-E219B1A721CB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
Task: {DA21A4A8-3E22-453C-A336-3564B8F93ABD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DFC291C8-1E1F-4505-9BB3-073F2D35B41A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {DFC291C8-1E1F-4505-9BB3-073F2D35B41A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {DFC291C8-1E1F-4505-9BB3-073F2D35B41A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [ [ ]]
Task: {EB24BDEE-BB30-40BB-A111-C96B9C7468E5} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {EC06C2DC-715F-4B26-AA40-01967E86DF53} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-11] (Adobe Inc. -> Adobe)
Task: {F06A3031-C0AA-4269-9130-276718A53A0B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-20] (Google Inc -> Google Inc.)
Task: {F3DDBC04-A2DB-4003-A16F-BD011DF3E1B1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {FF0CAF7D-6A88-4F6B-90C9-08AE3A1849E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => No File
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{6C735C9F-59AD-464A-97A9-21EB54BB063A}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{78EC33E1-8458-49A4-A189-040BA1FA33FB}: [DhcpNameServer] 192.168.0.253

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {CA6A283F-71F7-41AB-8E32-9EAD863CA20D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {CA6A283F-71F7-41AB-8E32-9EAD863CA20D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3753394254-3964526071-3340233125-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3753394254-3964526071-3340233125-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3753394254-3964526071-3340233125-1001 -> {2315A815-DAD5-4F80-B2E2-AE1C4C437EE8} URL = hxxp://www.search.ask.com/web?tpid=FF3-C2-G&o= ... psv=&pt=tb
SearchScopes: HKU\S-1-5-21-3753394254-3964526071-3340233125-1001 -> {CA6A283F-71F7-41AB-8E32-9EAD863CA20D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default [2020-04-14]
CHR Notifications: Default -> hxxps://cz.pinterest.com; hxxps://www.fyzioklinika.cz; hxxps://www.lide.cz
CHR HomePage: Default -> search.ask.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html"
CHR DefaultSearchURL: Default -> hxxps://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxps://lss.sse-iacapps.com/lss/api?token=466638d2-530f-3fe4-a57c-7db505bac25f&hi=0&q={searchTerms}
CHR Extension: (Prezentace) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-20]
CHR Extension: (No Name) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-08]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-10-14]
CHR Extension: (YouTube) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-20]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2019-03-18]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2020-04-14]
CHR Extension: (Tabulky) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Gmail) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Lenísek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-08]
CHR HKLM\...\Chrome\Extension: [aaaaapdcjfaomkafnbpoclmfakjianjd]
CHR HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd]
CHR HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
CHR HKLM-x32\...\Chrome\Extension: [aaaaapdcjfaomkafnbpoclmfakjianjd]
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd]
CHR HKLM-x32\...\Chrome\Extension: [dogdoihocdkadpalbghcpfafbojcfofa]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3764.149\elevation_service.exe [973760 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] (Huawei Software Technologies Co., LTD. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-05-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-05-15] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37864 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205576 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [271120 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206608 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [64272 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279360 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42976 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175400 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110560 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84056 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848672 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [458584 2020-03-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235184 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316256 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
S3 athr; C:\Windows\system32\DRIVERS\athw8x.sys [3680256 2013-06-18] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-10-12] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-10-12] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation) [File not signed]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-02-14] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel(R) Software -> Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
U3 McAPExe; no ImagePath
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-14 10:27 - 2020-04-14 10:28 - 000027687 _____ C:\Users\Lenísek\Desktop\FRST.txt
2020-04-14 10:05 - 2020-04-14 10:07 - 000000000 ____D C:\AdwCleaner
2020-04-14 10:04 - 2020-04-14 10:04 - 008196784 _____ (Malwarebytes) C:\Users\Lenísek\Desktop\adwcleaner_8.0.4.exe
2020-04-14 08:25 - 2020-04-14 10:28 - 000000000 ____D C:\FRST
2020-04-14 08:23 - 2020-04-14 08:24 - 002281984 _____ (Farbar) C:\Users\Lenísek\Desktop\FRST64.exe
2020-04-09 18:42 - 2020-04-09 18:42 - 000307461 _____ C:\Users\Lenísek\Downloads\MS SVP 2017-2018 2.pdf
2020-04-09 08:59 - 2020-04-09 08:59 - 001656678 _____ C:\Users\Lenísek\Downloads\video-1586414345.mp4
2020-04-09 08:56 - 2020-04-09 08:56 - 001656678 _____ C:\Users\Lenísek\Downloads\video-1586414764.mp4
2020-04-08 13:32 - 2020-04-14 10:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-04-08 13:32 - 2020-04-08 13:32 - 000001341 _____ C:\Users\Public\Desktop\Skype.lnk
2020-04-08 13:32 - 2020-04-08 13:32 - 000001341 _____ C:\ProgramData\Desktop\Skype.lnk
2020-04-08 13:30 - 2020-04-08 13:31 - 070011112 _____ (Skype Technologies S.A.) C:\Users\Lenísek\Downloads\Skype-8.58.0.93.exe
2020-04-03 21:21 - 2020-04-03 21:21 - 001612605 _____ C:\Users\Lenísek\Downloads\STRUNNÉ NÁSTROJE KVII.pptx
2020-04-03 21:12 - 2020-04-03 21:12 - 002437580 _____ C:\Users\Lenísek\Downloads\HUDEBNÍ NÁSTROJE KVI.pptx
2020-04-03 18:10 - 2020-04-03 18:11 - 000955309 _____ C:\Users\Lenísek\Downloads\Rámcový vzdělávací program pro předškolní vzdělávání 2016 (8).pdf
2020-04-03 17:22 - 2020-04-03 17:22 - 000123015 _____ C:\Users\Lenísek\Downloads\DPPR_2009_1_11410_OSZD001_75230_0_79478.pdf
2020-04-03 13:08 - 2020-04-03 13:08 - 003777764 _____ C:\Users\Lenísek\Downloads\DPTX_2009_1_11410_OSZD001_75230_0_79478 (3).pdf
2020-04-03 12:59 - 2020-04-03 12:59 - 000689395 _____ C:\Users\Lenísek\Downloads\hra_a_jeji_edukacni_vyuziti (7).pdf
2020-04-02 18:27 - 2020-04-02 18:27 - 000281155 _____ C:\Users\Lenísek\Downloads\zaverecna_prace.pdf
2020-04-02 18:23 - 2020-04-02 18:23 - 004387439 _____ C:\Users\Lenísek\Downloads\BPTX_2007_2_11410_OSZD001_87018_0_59427.pdf
2020-04-02 13:44 - 2020-04-02 13:44 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-04-02 13:44 - 2020-04-02 13:44 - 000003150 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-04-02 13:42 - 2020-04-02 13:42 - 003540600 _____ C:\Users\Lenísek\Downloads\KMTV9 Sborník činností a her s míčem - MŠ 3r kf.pdf
2020-04-02 13:35 - 2020-04-02 13:38 - 211410728 _____ (Google, Inc.) C:\Users\Lenísek\Downloads\GoogleDriveFSSetup.exe
2020-03-31 20:58 - 2020-03-31 20:59 - 013455522 _____ C:\Users\Lenísek\Downloads\SKMBT_C22020031713450.pdf
2020-03-31 09:37 - 2020-03-31 09:37 - 000095433 _____ C:\Users\Lenísek\Downloads\KMTV8-jóga Rulíková.pdf
2020-03-30 18:31 - 2020-03-30 18:31 - 000236932 _____ C:\Users\Lenísek\Downloads\KMTV9a-Rulíková.pdf
2020-03-30 18:31 - 2020-03-30 18:31 - 000198040 _____ C:\Users\Lenísek\Downloads\KMTV9g-Rulíková.pdf
2020-03-30 17:30 - 2020-03-30 17:30 - 011159693 _____ C:\Users\Lenísek\Downloads\3a-{kz}_CVICENI_Hajek_CZ_Pohadkova_joga.pdf
2020-03-30 10:04 - 2020-03-30 10:04 - 000109947 _____ C:\Users\Lenísek\Downloads\EPD_1920_Králová (1).xlsx
2020-03-30 10:00 - 2020-03-30 10:03 - 000109947 _____ C:\Users\Lenísek\Downloads\EPD_1920_Králová.xlsx
2020-03-30 09:59 - 2020-03-30 09:59 - 000112543 _____ C:\Users\Lenísek\Downloads\EPD_1920_Pavelkova.xlsx
2020-03-27 14:49 - 2020-03-27 14:49 - 026988574 _____ C:\Users\Lenísek\Downloads\diplomova_prace_belohoubkova.pdf
2020-03-26 15:48 - 2020-04-14 10:13 - 000000000 ___DO C:\Users\Lenísek\OneDrive
2020-03-25 20:46 - 2020-04-11 07:24 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-03-25 20:45 - 2020-03-08 19:02 - 000368056 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-03-25 16:21 - 2020-03-25 16:23 - 020213461 _____ C:\Users\Lenísek\Downloads\DPTX_2005_2_11410_OSZD001_69114_0_20877.pdf
2020-03-24 10:44 - 2020-03-24 10:45 - 000991318 _____ C:\Users\Lenísek\Downloads\psychiatrie.zip
2020-03-18 13:33 - 2020-04-09 08:57 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-18 13:32 - 2020-03-18 13:32 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-18 12:47 - 2020-03-18 12:47 - 000533504 _____ C:\Users\Lenísek\Downloads\stupne podpory SP-TUL.ppt
2020-03-16 18:46 - 2020-03-16 18:46 - 000264539 _____ C:\Users\Lenísek\Downloads\Pedag_2001_4_02_Dětská_433_438.pdf
2020-03-15 09:28 - 2020-03-15 09:54 - 000013847 _____ C:\Users\Lenísek\Desktop\SEVT březen.xlsx
2020-03-15 09:22 - 2020-03-15 09:22 - 000010862 _____ C:\Users\Lenísek\Downloads\formulář SEVT (1).xlsx
2020-03-15 09:13 - 2020-03-15 09:13 - 000769245 _____ C:\Users\Lenísek\Downloads\Přehled_změn_OB_KB_PB.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-14 10:26 - 2016-02-20 07:11 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3753394254-3964526071-3340233125-1001
2020-04-14 10:17 - 2014-04-26 15:47 - 000768392 _____ C:\Windows\system32\perfh005.dat
2020-04-14 10:17 - 2014-04-26 15:47 - 000166490 _____ C:\Windows\system32\perfc005.dat
2020-04-14 10:17 - 2014-03-18 11:53 - 001883104 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-14 10:17 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-04-14 10:13 - 2018-02-18 16:40 - 000000000 ____D C:\Users\Lenísek\AppData\Local\AVAST Software
2020-04-14 10:10 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-14 10:09 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-04-14 10:07 - 2017-02-03 21:50 - 000000000 ____D C:\Users\Lenísek\AppData\LocalLow\IObit
2020-04-14 10:07 - 2017-02-03 21:48 - 000000000 ____D C:\Users\Lenísek\AppData\Roaming\IObit
2020-04-14 10:07 - 2017-02-03 21:48 - 000000000 ____D C:\ProgramData\IObit
2020-04-14 10:07 - 2017-02-03 21:48 - 000000000 ____D C:\Program Files (x86)\IObit
2020-04-14 10:02 - 2016-02-20 07:40 - 000000000 ____D C:\ProgramData\Ashampoo
2020-04-14 10:00 - 2016-02-20 20:39 - 000000000 ____D C:\ProgramData\Avg
2020-04-14 10:00 - 2016-02-20 20:39 - 000000000 ____D C:\Program Files (x86)\AVG
2020-04-14 09:59 - 2016-02-20 20:38 - 000000000 ____D C:\Users\Lenísek\AppData\Local\AvgSetupLog
2020-04-14 09:49 - 2018-09-30 21:33 - 000000000 ____D C:\Users\Lenísek\AppData\Local\CrashDumps
2020-04-14 07:35 - 2016-02-20 08:56 - 000003962 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{BFE3C6DF-0EE2-4ADA-961F-159243382B2F}
2020-04-09 08:57 - 2018-09-10 17:42 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-04-09 08:57 - 2018-03-09 20:43 - 000004536 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-04-09 08:57 - 2018-03-09 20:43 - 000004408 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-09 08:57 - 2018-02-18 13:45 - 000002882 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Lenísek)
2020-04-09 08:57 - 2016-02-20 07:42 - 000002786 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-04-09 08:57 - 2016-02-20 07:34 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-09 08:57 - 2016-02-20 07:34 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-09 08:57 - 2016-02-20 07:33 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-04-09 08:57 - 2014-10-09 07:34 - 000002990 _____ C:\Windows\system32\Tasks\Synaptics TouchPad Enhancements
2020-04-09 08:52 - 2016-02-20 11:35 - 000000000 ____D C:\Users\Lenísek\AppData\Roaming\MPC-HC
2020-04-08 13:32 - 2017-03-15 20:31 - 000000000 ___RD C:\Program Files (x86)\Skype
2020-04-08 13:32 - 2016-02-20 17:26 - 000000000 ____D C:\ProgramData\Skype
2020-04-03 17:48 - 2016-02-20 07:35 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-02 13:44 - 2018-04-08 10:52 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-03-26 17:02 - 2016-02-20 07:06 - 000000000 ____D C:\Users\Lenísek\AppData\Local\Packages
2020-03-26 16:28 - 2017-02-03 22:45 - 000002026 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-03-26 16:28 - 2017-02-03 22:45 - 000002026 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-03-26 15:48 - 2016-02-20 07:06 - 000000000 ____D C:\Users\Lenísek
2020-03-26 15:07 - 2016-02-20 07:29 - 000000000 ____D C:\ProgramData\AVAST Software
2020-03-24 10:30 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories ========

2017-02-03 21:29 - 2017-02-03 21:29 - 000000017 _____ () C:\Users\Lenísek\AppData\Local\resmon.resmoncfg
2016-07-11 15:46 - 2016-07-11 15:46 - 000000000 _____ () C:\Users\Lenísek\AppData\Local\{9D7290E5-5812-4BDE-B244-BEFE128B4335}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-04-13 08:20
==================== End of FRST.txt ========================

[JaRon]

citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {4030532a-43ad-11e8-8299-3863bb73d1fd} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {4030535b-43ad-11e8-8299-3863bb73d1fd} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6167da12-29e8-11e7-8286-3863bb73d1fd} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6167da3d-29e8-11e7-8286-3863bb73d1fd} - "I:\autorun.exe" 
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6acb9b20-6a99-11ea-829f-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6acb9b28-6a99-11ea-829f-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6acb9b35-6a99-11ea-829f-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {90e03b89-61b0-11e7-8288-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {90e03baa-61b0-11e7-8288-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {92649469-7fbc-11e9-829b-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {92649481-7fbc-11e9-829b-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {ead2ca2c-d604-11e8-829a-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe" 
GroupPolicy: Restriction - Chrome <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {643B0B65-3B31-4C61-AAC6-158EBF3A4B41} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [ [ ]]
Task: {DFC291C8-1E1F-4505-9BB3-073F2D35B41A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [ [ ]]
SearchScopes: HKU\S-1-5-21-3753394254-3964526071-3340233125-1001 -> {2315A815-DAD5-4F80-B2E2-AE1C4C437EE8} URL = hxxp://www.search.ask.com/web?tpid=FF3- ... &pf=V7&p2=^B2Z^YYYYYY^BY^CZ&gct=&itbv=12.38.0.3192&apn_uid=620E48BE-24C2-4BF8-B126-
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
CHR HomePage: Default -> search.ask.com
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
U3 McAPExe; no ImagePath
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath


EmptyTemp:
Reboot:
End

•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[neummi]

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-04-2020
Ran by Lenísek (14-04-2020 10:41:23) Run:1
Running from C:\Users\Lenísek\Desktop
Loaded Profiles: Lenísek (Available Profiles: Lenísek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {4030532a-43ad-11e8-8299-3863bb73d1fd} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {4030535b-43ad-11e8-8299-3863bb73d1fd} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6167da12-29e8-11e7-8286-3863bb73d1fd} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6167da3d-29e8-11e7-8286-3863bb73d1fd} - "I:\autorun.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6acb9b20-6a99-11ea-829f-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6acb9b28-6a99-11ea-829f-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {6acb9b35-6a99-11ea-829f-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {90e03b89-61b0-11e7-8288-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {90e03baa-61b0-11e7-8288-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {92649469-7fbc-11e9-829b-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {92649481-7fbc-11e9-829b-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\...\MountPoints2: {ead2ca2c-d604-11e8-829a-3863bb73d1fd} - "G:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {643B0B65-3B31-4C61-AAC6-158EBF3A4B41} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [ [ ]]
Task: {DFC291C8-1E1F-4505-9BB3-073F2D35B41A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [ [ ]]
SearchScopes: HKU\S-1-5-21-3753394254-3964526071-3340233125-1001 -> {2315A815-DAD5-4F80-B2E2-AE1C4C437EE8} URL = hxxp://www.search.ask.com/web?tpid=FF3- ... &pf=V7&p2=^B2Z^YYYYYY^BY^CZ&gct=&itbv=12.38.0.3192&apn_uid=620E48BE-24C2-4BF8-B126-
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
CHR HomePage: Default -> search.ask.com
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
U3 McAPExe; no ImagePath
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath


EmptyTemp:
Reboot:
End
*****************

HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4030532a-43ad-11e8-8299-3863bb73d1fd} => removed successfully
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4030535b-43ad-11e8-8299-3863bb73d1fd} => removed successfully
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6167da12-29e8-11e7-8286-3863bb73d1fd} => removed successfully
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6167da3d-29e8-11e7-8286-3863bb73d1fd} => removed successfully
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6acb9b20-6a99-11ea-829f-3863bb73d1fd} => removed successfully
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6acb9b28-6a99-11ea-829f-3863bb73d1fd} => removed successfully
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6acb9b35-6a99-11ea-829f-3863bb73d1fd} => removed successfully
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90e03b89-61b0-11e7-8288-3863bb73d1fd} => removed successfully
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90e03baa-61b0-11e7-8288-3863bb73d1fd} => removed successfully
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92649469-7fbc-11e9-829b-3863bb73d1fd} => removed successfully
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92649481-7fbc-11e9-829b-3863bb73d1fd} => removed successfully
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ead2ca2c-d604-11e8-829a-3863bb73d1fd} => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{643B0B65-3B31-4C61-AAC6-158EBF3A4B41}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{643B0B65-3B31-4C61-AAC6-158EBF3A4B41}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DFC291C8-1E1F-4505-9BB3-073F2D35B41A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFC291C8-1E1F-4505-9BB3-073F2D35B41A}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
HKU\S-1-5-21-3753394254-3964526071-3340233125-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2315A815-DAD5-4F80-B2E2-AE1C4C437EE8} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
"Chrome HomePage" => removed successfully
HKLM\System\CurrentControlSet\Services\clwvd => removed successfully
clwvd => service removed successfully
HKLM\System\CurrentControlSet\Services\IntcAzAudAddService => removed successfully
IntcAzAudAddService => service removed successfully
HKLM\System\CurrentControlSet\Services\McAPExe => removed successfully
McAPExe => service removed successfully
HKLM\System\CurrentControlSet\Services\McMPFSvc => removed successfully
McMPFSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\McNaiAnn => removed successfully
McNaiAnn => service removed successfully
HKLM\System\CurrentControlSet\Services\mfecore => removed successfully
mfecore => service removed successfully
HKLM\System\CurrentControlSet\Services\MSK80Service => removed successfully
MSK80Service => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 264123634 B
Java, Flash, Steam htmlcache => 1080 B
Windows/system/drivers => 2994203 B
Edge => 0 B
Chrome => 587193433 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 4214 B
Users => 4214 B
ProgramData => 4214 B
Public => 4214 B
systemprofile => 4342 B
systemprofile32 => 4470 B
LocalService => 6934 B
NetworkService => 6934 B
Lenísek => 124012701 B

RecycleBin => 1451577 B
EmptyTemp: => 942.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:42:29 ====

[JaRon]

hotovo

[neummi]

super.....děkujeme...NB je viditelně rychlejší

[JaRon]

rado sa stalo