Preventivna kontrola

[luissuares77]

Zdravím. PC sa rozbieha veľmi dlho až po 4 min. sa s nim dá pracovať. Neviem ci je to tým ze pri štarte sa naraz spusti veľa programov,procesov alebo niečo iné? Dakujem.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-01-2019
Ran by marian (administrator) on MARIAN-PC (07-01-2019 11:57:00)
Running from C:\Users\marian\Desktop
Loaded Profiles: marian (Available Profiles: marian)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [222600 2019-01-06] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1340413468-1491628633-588290400-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-27] (Piriform Ltd)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcodec2.dll [416280 2008-07-26] (Logitech Inc.)
HKLM\...\Drivers32: [MSVideo] => C:\Windows\system32\vfwwdm32.dll [56832 2010-11-20] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.)
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation)
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company)
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler)
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept)
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] ()
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.)
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [447752 2010-01-21] (On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [447752 2010-01-21] (On2.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files\AVAST Software\Browser\Application\70.1.973.110\Installer\chrmstp.exe [2019-01-04] (AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-13] (Google Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Inc.)
Startup: C:\Users\marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2015-02-28]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DE49ACCF-984B-4476-9D52-BBE936F35C97}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1340413468-1491628633-588290400-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1340413468-1491628633-588290400-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.sk/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 6moqor4d.default-1419951729573-1528630576716
FF ProfilePath: C:\Users\marian\AppData\Roaming\Mozilla\Firefox\Profiles\6moqor4d.default-1419951729573-1528630576716 [2019-01-07]
FF Extension: (Avast Online Security) - C:\Users\marian\AppData\Roaming\Mozilla\Firefox\Profiles\6moqor4d.default-1419951729573-1528630576716\Extensions\wrc@avast.com.xpi [2019-01-07]
FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-05] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @oberon-media.com/ONCAdapter -> C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll [2011-05-24] (Oberon-Media )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default [2019-01-06]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-21]
CHR Extension: (AdBlock) - C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-09-21]
CHR Extension: (Avast Online Security) - C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-08-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-13]
CHR Extension: (Chrome Media Router) - C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-21]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6300272 2019-01-06] (AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-07] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [309480 2019-01-06] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [323544 2019-01-06] (AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-07] (AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [169216 2019-01-06] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [185848 2019-01-06] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [158288 2019-01-06] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [255416 2019-01-06] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [51320 2019-01-06] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42928 2019-01-06] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40888 2019-01-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [138464 2019-01-06] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2018-03-06] (AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [380080 2019-01-06] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101176 2019-01-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72992 2019-01-06] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [785776 2019-01-06] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [401832 2019-01-06] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [163344 2019-01-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310400 2019-01-06] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-08-29] (Disc Soft Ltd)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-07 11:57 - 2019-01-07 11:58 - 000015068 _____ C:\Users\marian\Desktop\FRST.txt
2019-01-07 11:56 - 2019-01-07 11:57 - 000000000 ____D C:\FRST
2019-01-07 11:54 - 2019-01-07 11:54 - 001784320 _____ (Farbar) C:\Users\marian\Desktop\FRST.exe
2019-01-06 11:29 - 2019-01-06 11:28 - 000312200 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-06 11:29 - 2019-01-06 11:28 - 000255416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-06 11:29 - 2019-01-06 11:28 - 000185848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-06 11:29 - 2019-01-06 11:28 - 000158288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-06 11:29 - 2019-01-06 11:28 - 000051320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-03 20:49 - 2018-12-20 19:08 - 003437259 _____ C:\Users\marian\Desktop\Doľacký_Stanislav_20181220_724.tif

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-07 11:36 - 2016-11-18 20:30 - 000000000 ____D C:\Users\marian\AppData\LocalLow\Mozilla
2019-01-07 11:29 - 2009-07-14 05:34 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-07 11:29 - 2009-07-14 05:34 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-07 11:17 - 2018-01-18 21:27 - 000000000 ____D C:\Users\marian\AppData\Local\AVAST Software
2019-01-07 11:15 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-07 11:14 - 2012-04-30 16:33 - 000000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2019-01-06 11:28 - 2018-10-19 16:51 - 000040888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-06 11:28 - 2018-03-06 18:54 - 000380080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-01-06 11:28 - 2017-11-09 17:56 - 000169216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-06 11:28 - 2014-08-01 18:46 - 000163344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-06 11:28 - 2014-08-01 18:46 - 000042928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-06 11:28 - 2013-09-02 16:09 - 000785776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-06 11:28 - 2013-09-02 16:09 - 000401832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-06 11:28 - 2013-09-02 16:09 - 000310400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-06 11:28 - 2013-09-02 16:09 - 000101176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-06 11:28 - 2013-09-02 16:09 - 000072992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-06 11:28 - 2013-09-02 16:08 - 000138464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-06 08:31 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2019-01-05 17:59 - 2015-11-10 18:05 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-05 07:34 - 2012-04-30 16:21 - 000782510 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-04 14:56 - 2018-06-07 16:39 - 000002347 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-12-28 17:24 - 2012-12-20 11:26 - 000000000 ____D C:\Users\marian\Documents\Hesla
2018-12-15 07:36 - 2016-11-18 15:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-15 07:36 - 2014-12-29 19:36 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-12-13 16:42 - 2012-04-30 19:51 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-13 16:42 - 2012-04-30 19:51 - 000002101 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2015-04-24 15:37 - 2006-04-26 08:49 - 001233920 ____R (Microsoft Corporation) C:\Users\marian\AppData\Roaming\msxml4.dll
2015-04-24 15:37 - 2006-04-26 08:49 - 000044544 ____R (Microsoft Corporation) C:\Users\marian\AppData\Roaming\msxml4a.dll
2006-04-26 08:49 - 2006-04-26 08:49 - 000082432 ____R (Microsoft Corporation) C:\Users\marian\AppData\Roaming\msxml4r.dll
2014-01-04 19:03 - 2014-01-04 19:03 - 000138056 _____ () C:\Users\marian\AppData\Roaming\PnkBstrK.sys
2013-09-01 16:42 - 2013-09-02 18:22 - 000000154 _____ () C:\Users\marian\AppData\Roaming\Rim.Desktop.Exception.log
2013-09-01 16:41 - 2014-03-03 19:17 - 000002009 _____ () C:\Users\marian\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-09-01 16:42 - 2013-09-02 18:22 - 000000154 _____ () C:\Users\marian\AppData\Roaming\Rim.DesktopHelper.Exception.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-04 16:49

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-01-2019
Ran by marian (07-01-2019 11:58:44)
Running from C:\Users\marian\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2012-04-30 15:26:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1340413468-1491628633-588290400-500 - Administrator - Disabled)
Guest (S-1-5-21-1340413468-1491628633-588290400-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1340413468-1491628633-588290400-1002 - Limited - Enabled)
marian (S-1-5-21-1340413468-1491628633-588290400-1001 - Administrator - Enabled) => C:\Users\marian

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Avast Internet Security (HKLM\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 70.1.973.110 - AVAST Software)
Balík Compatibility Pack pre systém Office 2007 (HKLM\...\{90120000-0020-041B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.15 - Piriform)
Google Earth Plug-in (HKLM\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 71.0.3578.98 - Spoločnosť Google Inc.)
Google SketchUp 8 (HKLM\...\{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}) (Version: 3.0.4811 - Google, Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.600 - Oracle)
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2010 pro studenty a domácnosti (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 64.0 (x86 sk) (HKLM\...\Mozilla Firefox 64.0 (x86 sk)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.0.6914 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype verzia 8.28 (HKLM\...\Skype_is1) (Version: 8.28 - Skype Technologies S.A.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.0 - VideoLAN)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2013-08-20] (Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-02-11] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2013-08-20] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {051D8AC1-1B2B-4D9C-B528-6E787DBD5831} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1340413468-1491628633-588290400-1001
Task: {07919E4B-E914-4BDF-81F8-A1DF747A5FD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1D06F344-BB86-427B-9849-2038B9DD68AC} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {451310B4-5F4B-4744-B363-406B61A9A082} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-07] (AVAST Software)
Task: {5F11C20C-44D5-42C3-8EE0-39B45E5B4376} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {6208D3E3-6C80-4989-BCDE-AD16E8387A35} - System32\Tasks\{CEF993D7-81C7-4C06-9111-9E4E3AC7B8FC} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.2.0.103/cs/abandoninstall?page=tsPlugin
Task: {68FC05AA-48CF-49C9-92FE-17A0BB93F27E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-27] (Piriform Ltd)
Task: {7852CB31-AA6F-4740-8A0F-746F8F09323E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-27] (Piriform Ltd)
Task: {7BD59DF0-FDB0-496F-8904-8B813AE39EBB} - System32\Tasks\{D4E23857-193D-4FB2-B01D-57B34A85C21F} => C:\Program Files\Smart View\Smart View.exe
Task: {9E0C2B12-9C76-4DF6-858F-BD245082438B} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {B9A18DA5-A7BE-4ACB-8F7F-9491DCAAC733} - System32\Tasks\{031C4729-E3B9-4081-AF4C-518FF8593D40} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.18.0.106/sk/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {C2905718-8643-4E10-B907-D467CCD1D060} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {DE57AA8F-F86F-4BCC-9BF7-6FD746D33B05} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-07] (AVAST Software)
Task: {E0A9BCD2-989D-442A-925E-8E713BF4800C} - System32\Tasks\{905F3D73-815D-4921-B33D-F3D23DF0639C} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.18.0.106/sk/abandoninstall?source=lightinstaller&page=tsBing
Task: {E26E4963-4E2A-4E07-8916-588B5512CB10} - System32\Tasks\{7EFC50B1-BFEB-475B-A189-2D8E567435F5} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro"
Task: {E46EEF16-1B25-4ED3-888D-EDFDB94732AF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-27] (AVAST Software)
Task: {E8D65F22-CF20-4BC2-B28F-38019E542428} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {F12CA986-ECBF-4D0E-AA6A-36BC39A3D20A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F6A021D6-34A6-416D-B14D-17C3C6A0B126} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {FAD357AB-843C-4D36-A1C0-58462C37B6F4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-06] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\marian\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2019-01-06 11:28 - 2019-01-06 11:28 - 000570248 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-06 11:28 - 2019-01-06 11:28 - 000475016 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-06 11:28 - 2019-01-06 11:28 - 001030536 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-06 11:28 - 2019-01-06 11:28 - 001793928 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-01-07 11:17 - 2019-01-07 11:17 - 005740176 _____ () C:\Program Files\AVAST Software\Avast\defs\19010700\algo.dll
2009-10-14 12:36 - 2009-10-14 12:36 - 002793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-10-14 12:34 - 2009-10-14 12:34 - 000560472 _____ () C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
2018-06-27 18:24 - 2018-06-27 18:24 - 000061408 _____ () C:\Program Files\CCleaner\branding.dll
2018-06-27 18:24 - 2018-06-27 18:24 - 000083208 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2018-03-01 18:36 - 2018-03-01 18:36 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2019-01-04 14:43 - 000000028 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1340413468-1491628633-588290400-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\marian\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8FEAFC1D-3D95-43B2-9CEE-8473E881EF95}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
FirewallRules: [{01DF3956-7BB1-4488-86B4-911F6594AB97}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
FirewallRules: [{C2193938-A1AA-4ADD-9B04-9260FF8D53FA}] => (Allow) C:\Windows\System32\msiexec.exe (Microsoft Corporation)
FirewallRules: [{FE7B71EF-6418-4375-A339-D38C50A81272}] => (Allow) C:\Windows\System32\msiexec.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{C8F20A8A-1E19-4304-BA81-98A377BB6ACB}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe (Oracle Corporation)
FirewallRules: [UDP Query User{2CF23922-23F0-4EDF-9B4F-7D99826F2ABD}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe (Oracle Corporation)
FirewallRules: [TCP Query User{F6202953-C8D7-42D5-A3F1-4BA6D4C88641}C:\program files\logitech\vid hd\vid.exe] => (Allow) C:\program files\logitech\vid hd\vid.exe (Logitech Inc.)
FirewallRules: [UDP Query User{E30937C3-31D9-4090-9BCF-5E776F3094EF}C:\program files\logitech\vid hd\vid.exe] => (Allow) C:\program files\logitech\vid hd\vid.exe (Logitech Inc.)
FirewallRules: [TCP Query User{71B686B6-3974-4578-9C7D-36AB5FF192E6}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe (Oracle Corporation)
FirewallRules: [UDP Query User{53B39183-B621-4691-96CB-1F0DD33C8A1E}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe (Oracle Corporation)
FirewallRules: [{E7E0919E-1D5B-405F-9400-364C36CB1971}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
FirewallRules: [{FA6FEE87-943F-4AC3-BE4B-8D4C4AF3BDA6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{CEE7EE81-B9FD-4CD2-96B2-5E7BE0093967}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{74AD5FBC-6FB7-4B8C-9A4C-FB6146BFBDC4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [UDP Query User{D630C134-760F-413F-8FFE-A73F303600E1}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{799F2EB0-ED18-4FE4-BC09-219B6951D9F5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{9D793869-6CDD-429F-A557-6C2F8F75AFCB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{A2EE0248-EBB5-4BA8-AFD1-D841ABCF6636}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{BFC964C0-6190-44A2-944B-6AF1D22ABC5F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{1A2D385D-7921-49D3-859F-F23ABA0C509D}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{4246C807-BF4E-4929-BFAA-5387AE87D486}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{BFAC5F4C-9D4A-4D05-807C-B2CE6FCF8C73}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{9C661DA8-646B-4BB4-A464-9951AA4455CD}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software)
FirewallRules: [{B2984203-3D20-4569-9B69-982D2C5286E3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{70D82197-6534-4A6B-AEC2-9B1E54886904}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)

==================== Restore Points =========================

29-12-2018 08:24:19 Plánovaný kontrolný bod
05-01-2019 08:42:23 Plánovaný kontrolný bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/07/2019 11:43:11 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.

Error: (01/07/2019 11:25:14 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.

Error: (01/06/2019 06:43:12 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.

Error: (01/06/2019 05:43:12 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.

Error: (01/06/2019 04:43:13 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.

Error: (01/06/2019 03:43:12 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.

Error: (01/06/2019 02:53:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.

Error: (01/06/2019 02:43:32 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.


System errors:
=============
Error: (01/07/2019 11:21:41 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update sa pri spustení zablokovala.

Error: (01/07/2019 11:19:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba %1!s! Update (avast) zlyhalo kvôli nasledujúcej chybe:
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (01/07/2019 11:19:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba 30000!s! Update (avast) bol dosiahnutý časový limit (30000 ms).

Error: (01/06/2019 02:47:10 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc sa nespustila správne, pretože sa vo funkcii CoCreateInstance(CLSID_UPnPDeviceFinder) vyskytla chyba 0x80004005. Uistite sa, že je služba UPnPHost spustená a že je súčasť UPnPHost systému Windows správne nainštalovaná.

Error: (01/05/2019 07:19:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {ED1D0FDF-4414-470A-A56D-CFB68623FC58} did not register with DCOM within the required timeout.

Error: (01/05/2019 05:49:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba %1!s! Update (avast) zlyhalo kvôli nasledujúcej chybe:
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (01/05/2019 05:49:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba 30000!s! Update (avast) bol dosiahnutý časový limit (30000 ms).

Error: (01/05/2019 03:32:24 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc sa nespustila správne, pretože sa vo funkcii CoCreateInstance(CLSID_UPnPDeviceFinder) vyskytla chyba 0x80004005. Uistite sa, že je služba UPnPHost spustená a že je súčasť UPnPHost systému Windows správne nainštalovaná.


Windows Defender:
===================================
Date: 2016-07-06 05:07:57.283
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{2DA33A29-FEEA-42FE-8C4E-5697DC809C9D}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2016-06-02 05:54:15.949
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{D884125E-D148-4999-BCFC-3E430DD90D97}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2016-03-07 05:10:04.033
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{0B502B00-3647-4191-B2CA-B482CC0CF3C9}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2016-02-08 05:11:08.783
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{B854E727-F8B2-41CE-AD5B-DE139BB320BE}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2016-03-23 13:12:27.578
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x8050800d
Error description:Niektoré položky histórie sa nepodarilo zobraziť. Počkajte niekoľko minút a zopakujte pokus. Ak sa tým problém nevyrieši, vymažte históriu a zopakujte pokus.
Signature version:1.215.2540.0
Engine version:1.1.12505.0

Date: 2016-03-19 19:40:50.290
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x8050800d
Error description:Niektoré položky histórie sa nepodarilo zobraziť. Počkajte niekoľko minút a zopakujte pokus. Ak sa tým problém nevyrieši, vymažte históriu a zopakujte pokus.
Signature version:1.215.2245.0
Engine version:1.1.12505.0

Date: 2016-01-09 14:42:18.475
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:Systém nemôže nájsť zadaný súbor.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2016-01-09 14:02:48.153
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:Systém nemôže nájsť zadaný súbor.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2016-01-09 13:53:50.919
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:Systém nemôže nájsť zadaný súbor.
Signature version:0.0.0.0
Engine version:0.0.0.0

CodeIntegrity:
===================================

Date: 2016-09-09 16:40:39.615
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-09 16:40:39.225
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 21:23:38.239
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 21:23:37.864
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 17:20:39.786
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 17:20:39.412
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 05:36:11.223
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 05:36:11.130
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU E3400 @ 2.60GHz
Percentage of memory in use: 63%
Total physical RAM: 2013.18 MB
Available physical RAM: 743.56 MB
Total Virtual: 4026.36 MB
Available Virtual: 2641.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.65 GB) (Free:31.57 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Nový svazek) (Fixed) (Total:184.4 GB) (Free:55.65 GB) NTFS
Drive h: (SAMSUNG) (Fixed) (Total:465.76 GB) (Free:75.84 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: F599F599)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200.4 GB) - (Type=05)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: C35D7796)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Kodlz]

Ahoj.
Na plose, tam kde mas umisteny FRST vytvor TXT soubor, ktery pojmenujes fixlist.txt a do nej vloz nasledujici text:

( Spusť znovu FRST a klikni na >Fix<. Po skončení akce se objeví log, který sem zkopíruj).

start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:



HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [Legacy] [not signed]
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
Task: {051D8AC1-1B2B-4D9C-B528-6E787DBD5831} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1340413468-1491628633-588290400-1001
Task: {07919E4B-E914-4BDF-81F8-A1DF747A5FD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6208D3E3-6C80-4989-BCDE-AD16E8387A35} - System32\Tasks\{CEF993D7-81C7-4C06-9111-9E4E3AC7B8FC} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.2.0.103/cs/a ... e=tsPlugin
Task: {5F11C20C-44D5-42C3-8EE0-39B45E5B4376} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {B9A18DA5-A7BE-4ACB-8F7F-9491DCAAC733} - System32\Tasks\{031C4729-E3B9-4081-AF4C-518FF8593D40} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.18.0.106/sk/ ... Error=1618
Task: {E0A9BCD2-989D-442A-925E-8E713BF4800C} - System32\Tasks\{905F3D73-815D-4921-B33D-F3D23DF0639C} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.18.0.106/sk/ ... age=tsBing
Task: {F12CA986-ECBF-4D0E-AA6A-36BC39A3D20A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Shortcut: C:\Users\marian\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]


end

[luissuares77]

Fix result of Farbar Recovery Scan Tool (x86) Version: 09-01-2019
Ran by marian (09-01-2019 19:58:53) Run:1
Running from C:\Users\marian\Desktop
Loaded Profiles: marian (Available Profiles: marian)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:



HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [Legacy] [not signed]
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
Task: {051D8AC1-1B2B-4D9C-B528-6E787DBD5831} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1340413468-1491628633-588290400-1001
Task: {07919E4B-E914-4BDF-81F8-A1DF747A5FD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6208D3E3-6C80-4989-BCDE-AD16E8387A35} - System32\Tasks\{CEF993D7-81C7-4C06-9111-9E4E3AC7B8FC} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.2.0.103/cs/a ... e=tsPlugin
Task: {5F11C20C-44D5-42C3-8EE0-39B45E5B4376} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {B9A18DA5-A7BE-4ACB-8F7F-9491DCAAC733} - System32\Tasks\{031C4729-E3B9-4081-AF4C-518FF8593D40} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.18.0.106/sk/ ... Error=1618
Task: {E0A9BCD2-989D-442A-925E-8E713BF4800C} - System32\Tasks\{905F3D73-815D-4921-B33D-F3D23DF0639C} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.18.0.106/sk/ ... age=tsBing
Task: {F12CA986-ECBF-4D0E-AA6A-36BC39A3D20A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Shortcut: C:\Users\marian\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]


end
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKLM\Software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9} => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => moved successfully
HKLM\System\CurrentControlSet\Services\AvastVBoxSvc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\AppMgmt => removed successfully.
AppMgmt => service removed successfully.
HKLM\System\CurrentControlSet\Services\MBAMSwissArmy => removed successfully.
MBAMSwissArmy => service removed successfully.
HKLM\System\CurrentControlSet\Services\VBoxAswDrv => could not remove, key could be protected
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0000002F-0000-0000-C000-000000000046} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0002E005-0000-0000-C000-000000000046} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4} => removed successfully.
HKU\S-1-5-21-1340413468-1491628633-588290400-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07} => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{051D8AC1-1B2B-4D9C-B528-6E787DBD5831}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{051D8AC1-1B2B-4D9C-B528-6E787DBD5831}" => removed successfully.
C:\Windows\System32\Tasks\Games\UpdateCheck_S-1-5-21-1340413468-1491628633-588290400-1001 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games\UpdateCheck_S-1-5-21-1340413468-1491628633-588290400-1001" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{07919E4B-E914-4BDF-81F8-A1DF747A5FD1}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07919E4B-E914-4BDF-81F8-A1DF747A5FD1}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6208D3E3-6C80-4989-BCDE-AD16E8387A35}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6208D3E3-6C80-4989-BCDE-AD16E8387A35}" => removed successfully.
C:\Windows\System32\Tasks\{CEF993D7-81C7-4C06-9111-9E4E3AC7B8FC} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CEF993D7-81C7-4C06-9111-9E4E3AC7B8FC}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F11C20C-44D5-42C3-8EE0-39B45E5B4376}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F11C20C-44D5-42C3-8EE0-39B45E5B4376}" => removed successfully.
C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player NPAPI Notifier" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9A18DA5-A7BE-4ACB-8F7F-9491DCAAC733}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9A18DA5-A7BE-4ACB-8F7F-9491DCAAC733}" => removed successfully.
C:\Windows\System32\Tasks\{031C4729-E3B9-4081-AF4C-518FF8593D40} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{031C4729-E3B9-4081-AF4C-518FF8593D40}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0A9BCD2-989D-442A-925E-8E713BF4800C}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0A9BCD2-989D-442A-925E-8E713BF4800C}" => removed successfully.
C:\Windows\System32\Tasks\{905F3D73-815D-4921-B33D-F3D23DF0639C} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{905F3D73-815D-4921-B33D-F3D23DF0639C}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F12CA986-ECBF-4D0E-AA6A-36BC39A3D20A}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F12CA986-ECBF-4D0E-AA6A-36BC39A3D20A}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
C:\Users\marian\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk => moved successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 51850311 B
Java, Flash, Steam htmlcache => 1154 B
Windows/system/drivers => 403792 B
Edge => 0 B
Chrome => 959993 B
Firefox => 1082999030 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 0 B
NetworkService => 38822 B
marian => 4814009 B

RecycleBin => 1837696 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 09-01-2019 20:09:56)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\AvastVBoxSvc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\VBoxAswDrv => could not remove, key could be protected

==== End of Fixlog 20:09:57 ====

[Kodlz]

Stáhni AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Ulož na plochu
Ukonči všechny programy
Klikni nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vlož.


nasledne tento tool MBAM: http://forum.viry.cz/viewtopic.php?f=29&t=144868
-Nainstaluj,Vyber "Vlastní sken" a klikni na "Konfigurovat sken"
V okně "Konfigurace vlastního skenu" vyber všechny pevné disky a zatrhni možnost u "Hledat rootkity"
Kliknutím na Skenovat nyní začne MBAM pracovat.

-Log zkopíruj sem.

[luissuares77]

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 14. 1. 2019
Čas skenovania: 2:24
Súbor denníka: 29619b78-179b-11e9-a428-8c89a5558681.json

-Údaje o softvéri-
Verzia: 3.6.1.2711
Verzia súčastí: 1.0.519
Aktualizovať verziu balíka: 1.0.8762
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 7 Service Pack 1
Procesor: x86
Systém súborov: NTFS
Používateľ: System

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Skenovanie bolo spustené: Plánovač
Výsledok: Dokončené
Preskenované objekty: 213762
Zistené hrozby: 0
Hrozby umiestnené do karantény: 0
Uplynulý čas: 17 min, 37 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 0
(Nezistili sa nijaké škodlivé položky)

Súbor: 0
(Nezistili sa nijaké škodlivé položky)

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)

WMI: 0
(Nezistili sa nijaké škodlivé položky)


(end)

[luissuares77]

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-13-2019
# Duration: 00:00:07
# OS: Windows 7 Home Premium
# Cleaned: 14
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Windows\System32\config\systemprofile\AppData\LocalLow\AVG Secure Search

***** [ Files ] *****

Deleted C:\Program Files\Mozilla Firefox\avg-secure-search.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\IB Updater
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1340413468-1491628633-588290400-1001\Software\IB Updater
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\IB Updater
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1340413468-1491628633-588290400-1001\Software\incredibar.com
Deleted HKU\S-1-5-18\Software\AVG Secure Search
Deleted HKU\.DEFAULT\Software\AVG Secure Search
Deleted HKU\S-1-5-18\Software\ImInstaller
Deleted HKU\.DEFAULT\Software\ImInstaller
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Deleted HKLM\Software\Classes\CLSID\{0C1284BA-4F3A-41C6-94B5-77446F5948A9}
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1340413468-1491628633-588290400-1001\Software\SweetIM

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2766 octets] - [13/01/2019 20:34:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Kodlz]

Prosim cti pozorne to co ti pisu.
pust jeste jednou MBAM a zaskrtni možnost u "Hledat rootkity"

[luissuares77]

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 15. 1. 2019
Čas skenovania: 18:31
Súbor denníka: 5e104562-18eb-11e9-aded-8c89a5558681.json

-Údaje o softvéri-
Verzia: 3.6.1.2711
Verzia súčastí: 1.0.519
Aktualizovať verziu balíka: 1.0.8800
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 7 Service Pack 1
Procesor: x86
Systém súborov: NTFS
Používateľ: marian-PC\marian

-Zhrnutie skenovania-
Typ skenovania: Vlastné skenovanie
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 257131
Zistené hrozby: 0
Hrozby umiestnené do karantény: 0
Uplynulý čas: 4 h, 9 min, 1 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Povolené
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 0
(Nezistili sa nijaké škodlivé položky)

Súbor: 0
(Nezistili sa nijaké škodlivé položky)

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)

WMI: 0
(Nezistili sa nijaké škodlivé položky)


(end)

[Kodlz]

pc mas ciste, nastala nejaka zmena?

[luissuares77]

Pracuje viditelne lepsie,dakujem.

[Kodlz]

dobre,
muzes odinstalovat/smazat nastroje, ktere sme pouzivali, popripade jeste pouzit ccleaner na procisteni.