PC virus removal, computer speed-up, remote help via the neslape.cz service

Preventive check, please.

#1 Post by ultrakb

Hello, please check this device, thank you.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Home at 2018-11-23 08:26:24
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 291 GB (61%) free of 477 GB
Total RAM: 3207 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:28:22, on 23.11.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19178)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent.exe
C:\Program Files\Dolby Advanced Audio v2\pcee4.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Elantech\ETDIntelligent.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Home\Desktop\RSIT.exe
C:\Program Files\trend micro\Home.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll
O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll
O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\Utility.exe
O4 - HKLM\..\Run: [RtsFT] RTFTrack.exe
O4 - HKLM\..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe /t
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg32.exe,-100 (CxAudMsg) - Conexant Systems Inc. - C:\Windows\system32\CxAudMsg32.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 8793 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3y4q501s.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"{F04D2D30-776C-4d02-8627-8E4385ECA58D}"=C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 31.0.0.153 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_31_0_0_153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.191.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.191.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3y4q501s.default\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-11-04 480120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]
Norton Identity Protection - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26 664888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-04 194424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26 664888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-12-21 291280]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-03-05 2248080]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2012-03-10 8000560]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\Utility.exe [2012-03-08 5936984]
"RtsFT"=C:\Windows\RTFTrack.exe [2013-01-04 4899552]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe [2013-02-04 843360]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2013-03-05 1647616]
"Dolby Advanced Audio v2"=C:\Program Files\Dolby Advanced Audio v2\pcee4.exe [2012-08-31 508656]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-01-31 36352]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 146032]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 181360]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 190064]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-11-18 242392]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2018-10-06 601424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner.exe [2018-11-06 14554696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 330752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-11-23 08:26:24 ----D---- C:\rsit
2018-11-23 08:26:24 ----D---- C:\Program Files\trend micro
2018-11-21 13:19:09 ----D---- C:\Program Files\paint.net
2018-11-19 12:17:00 ----HD---- C:\$AV_ASW
2018-11-19 11:40:54 ----A---- C:\Windows\system32\mshtml.dll
2018-11-19 11:40:53 ----A---- C:\Windows\system32\ieframe.dll
2018-11-19 11:40:52 ----A---- C:\Windows\system32\wininet.dll
2018-11-19 11:40:52 ----A---- C:\Windows\system32\tquery.dll
2018-11-19 11:40:52 ----A---- C:\Windows\system32\ole32.dll
2018-11-19 11:40:52 ----A---- C:\Windows\system32\mssrch.dll
2018-11-19 11:40:52 ----A---- C:\Windows\system32\iertutil.dll
2018-11-19 11:40:51 ----A---- C:\Windows\system32\vbscript.dll
2018-11-19 11:40:51 ----A---- C:\Windows\system32\rpcss.dll
2018-11-19 11:40:50 ----A---- C:\Windows\system32\win32k.sys
2018-11-19 11:40:50 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2018-11-19 11:40:50 ----A---- C:\Windows\system32\SearchIndexer.exe
2018-11-19 11:40:50 ----A---- C:\Windows\system32\scrobj.dll
2018-11-19 11:40:50 ----A---- C:\Windows\system32\rpcrt4.dll
2018-11-19 11:40:50 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-11-19 11:40:50 ----A---- C:\Windows\system32\ntkrnlpa.exe
2018-11-19 11:40:50 ----A---- C:\Windows\system32\ntdll.dll
2018-11-19 11:40:50 ----A---- C:\Windows\system32\mssph.dll
2018-11-19 11:40:49 ----A---- C:\Windows\system32\wscript.exe
2018-11-19 11:40:49 ----A---- C:\Windows\system32\SearchFilterHost.exe
2018-11-19 11:40:49 ----A---- C:\Windows\system32\scrrun.dll
2018-11-19 11:40:49 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-11-19 11:40:49 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-11-19 11:40:49 ----A---- C:\Windows\system32\iedkcs32.dll
2018-11-19 11:40:49 ----A---- C:\Windows\system32\halmacpi.dll
2018-11-19 11:40:49 ----A---- C:\Windows\system32\halacpi.dll
2018-11-19 11:40:49 ----A---- C:\Windows\system32\hal.dll
2018-11-19 11:40:49 ----A---- C:\Windows\system32\drivers\msrpc.sys
2018-11-19 11:40:49 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-11-19 11:40:49 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-11-19 11:40:49 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-11-19 11:40:48 ----A---- C:\Windows\system32\wshcon.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\winsrv.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\wdigest.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\urlmon.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\TSpkg.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\srcore.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\smss.exe
2018-11-19 11:40:48 ----A---- C:\Windows\system32\schannel.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\rstrui.exe
2018-11-19 11:40:48 ----A---- C:\Windows\system32\rpchttp.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\ncrypt.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\msv1_0.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\lsasrv.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\KernelBase.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\kernel32.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\kerberos.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\jscript9.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-11-19 11:40:48 ----A---- C:\Windows\system32\drivers\viac7.sys
2018-11-19 11:40:48 ----A---- C:\Windows\system32\drivers\processr.sys
2018-11-19 11:40:48 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-11-19 11:40:48 ----A---- C:\Windows\system32\drivers\intelppm.sys
2018-11-19 11:40:48 ----A---- C:\Windows\system32\drivers\amdppm.sys
2018-11-19 11:40:48 ----A---- C:\Windows\system32\drivers\amdk8.sys
2018-11-19 11:40:48 ----A---- C:\Windows\system32\dispex.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\d3d10warp.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\csrsrv.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\cscript.exe
2018-11-19 11:40:48 ----A---- C:\Windows\system32\conhost.exe
2018-11-19 11:40:48 ----A---- C:\Windows\system32\auditpol.exe
2018-11-19 11:40:48 ----A---- C:\Windows\system32\appidsvc.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\appidapi.dll
2018-11-19 11:40:48 ----A---- C:\Windows\system32\advapi32.dll
2018-11-19 11:40:47 ----A---- C:\Windows\system32\sspicli.dll
2018-11-19 11:40:47 ----A---- C:\Windows\system32\srclient.dll
2018-11-19 11:40:47 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-11-19 11:40:47 ----A---- C:\Windows\system32\lsass.exe
2018-11-19 11:40:47 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-11-19 11:40:47 ----A---- C:\Windows\system32\cryptbase.dll
2018-11-19 11:40:47 ----A---- C:\Windows\system32\bcrypt.dll
2018-11-19 11:40:47 ----A---- C:\Windows\system32\apisetschema.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-11-19 11:40:46 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\webcheck.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\sspisrv.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\secur32.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\oleres.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\occache.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\mssvp.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\mssphtb.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\mssitlb.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\msrating.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\msobjs.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\mshtmled.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\msfeeds.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\msaudite.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\jsproxy.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\jscript9diag.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\jscript.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\inseng.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\ieUnatt.exe
2018-11-19 11:40:46 ----A---- C:\Windows\system32\ieui.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\ieapfltr.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\dxtrans.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\dxtmsft.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\drivers\appid.sys
2018-11-19 11:40:46 ----A---- C:\Windows\system32\credssp.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\comcat.dll
2018-11-19 11:40:46 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-11-19 11:40:46 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-11-19 11:40:46 ----A---- C:\Windows\system32\adtschema.dll
2018-11-19 11:40:45 ----A---- C:\Windows\system32\mssprxy.dll
2018-11-19 11:40:45 ----A---- C:\Windows\system32\msshooks.dll
2018-11-19 11:40:45 ----A---- C:\Windows\system32\msscntrs.dll
2018-11-19 11:40:45 ----A---- C:\Windows\system32\iesetup.dll
2018-11-19 11:40:45 ----A---- C:\Windows\system32\iernonce.dll
2018-11-19 11:40:45 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-11-19 11:40:45 ----A---- C:\Windows\system32\ie4uinit.exe
2018-11-19 11:40:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-11-18 18:15:50 ----A---- C:\Windows\system32\aswBoot.exe
2018-11-04 04:34:09 ----D---- C:\Program Files\Common Files\Java
2018-11-04 04:33:16 ----D---- C:\Program Files\Common Files\Oracle
2018-11-01 15:42:19 ----A---- C:\Windows\system32\wmp.dll
2018-11-01 15:42:19 ----A---- C:\Windows\system32\termsrv.dll
2018-11-01 15:42:17 ----A---- C:\Windows\system32\msxml6.dll
2018-11-01 15:42:17 ----A---- C:\Windows\system32\diagtrack.dll
2018-11-01 15:42:16 ----A---- C:\Windows\system32\themeui.dll
2018-11-01 15:42:16 ----A---- C:\Windows\system32\drivers\ntfs.sys
2018-11-01 15:42:15 ----A---- C:\Windows\system32\msrd3x40.dll
2018-11-01 15:42:15 ----A---- C:\Windows\system32\itss.dll
2018-11-01 15:42:15 ----A---- C:\Windows\system32\gdi32.dll
2018-11-01 15:42:15 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2018-11-01 15:42:15 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2018-11-01 15:42:15 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-11-01 15:42:14 ----A---- C:\Windows\system32\UtcResources.dll
2018-11-01 15:42:14 ----A---- C:\Windows\system32\spwmp.dll
2018-11-01 15:42:14 ----A---- C:\Windows\system32\itircl.dll
2018-11-01 15:42:14 ----A---- C:\Windows\system32\dxmasf.dll
2018-11-01 15:42:14 ----A---- C:\Windows\system32\cdd.dll
2018-11-01 15:42:13 ----A---- C:\Windows\system32\wmploc.DLL
2018-11-01 15:42:11 ----A---- C:\Windows\system32\msxml6r.dll
2018-11-01 15:42:11 ----A---- C:\Windows\system32\aeinv.dll
2018-11-01 15:15:41 ----A---- C:\Windows\system32\drivers\aswKbd.sys

======List of files/folders modified in the last 1 month======

2018-11-23 08:26:36 ----D---- C:\Windows\Prefetch
2018-11-23 08:26:24 ----RD---- C:\Program Files
2018-11-23 08:24:51 ----D---- C:\Windows\inf
2018-11-23 08:24:49 ----D---- C:\Windows\Temp
2018-11-23 08:24:49 ----D---- C:\Windows
2018-11-23 06:31:58 ----D---- C:\Windows\system32\config
2018-11-23 06:22:44 ----D---- C:\Windows\System32
2018-11-23 06:22:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-11-23 06:20:13 ----A---- C:\Windows\system32\log.txt
2018-11-23 06:19:10 ----D---- C:\Windows\Tasks
2018-11-21 13:21:09 ----D---- C:\Windows\Microsoft.NET
2018-11-21 13:20:05 ----RSD---- C:\Windows\assembly
2018-11-21 13:19:58 ----SHD---- C:\Windows\Installer
2018-11-21 13:19:09 ----SHD---- C:\System Volume Information
2018-11-21 13:12:54 ----SD---- C:\Users\Home\AppData\Roaming\Microsoft
2018-11-21 11:18:40 ----D---- C:\Windows\rescache
2018-11-21 09:26:06 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-11-21 09:26:04 ----D---- C:\Windows\system32\Macromed
2018-11-21 08:36:18 ----D---- C:\Windows\system32\drivers
2018-11-21 08:29:38 ----D---- C:\Windows\system32\Tasks
2018-11-19 11:50:10 ----D---- C:\Windows\winsxs
2018-11-19 11:46:14 ----D---- C:\Windows\system32\migration
2018-11-19 11:46:14 ----D---- C:\Windows\system32\en-US
2018-11-19 11:46:14 ----D---- C:\Windows\system32\cs-CZ
2018-11-19 11:46:14 ----D---- C:\Program Files\Internet Explorer
2018-11-19 11:46:12 ----D---- C:\Windows\system32\DriverStore
2018-11-19 11:36:31 ----D---- C:\Windows\system32\catroot2
2018-11-19 11:28:30 ----D---- C:\Program Files\Mozilla Maintenance Service
2018-11-19 11:28:30 ----D---- C:\Program Files\Mozilla Firefox
2018-11-18 18:25:36 ----D---- C:\Windows\debug
2018-11-04 16:04:35 ----D---- C:\Windows\system32\drivers\UMDF
2018-11-04 04:36:04 ----D---- C:\Program Files\WinRAR
2018-11-04 04:34:09 ----D---- C:\Program Files\Common Files
2018-11-04 04:33:05 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2018-11-04 04:32:29 ----D---- C:\Program Files\Java
2018-11-04 04:30:11 ----D---- C:\Program Files\CCleaner
2018-11-01 17:01:57 ----D---- C:\Program Files\Windows Media Player
2018-11-01 15:54:00 ----D---- C:\Windows\system32\MRT
2018-11-01 15:48:45 ----AC---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-11-18 165384]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-11-18 284256]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-11-18 57904]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-11-18 72800]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-11-18 310200]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-01-31 524784]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-01-31 26608]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-12-04 16440]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX86.sys [2010-01-15 32352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-11-18 167480]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-11-18 188976]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-11-21 182960]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2018-11-18 40688]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-11-18 100984]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-11-18 784560]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-11-18 397992]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [2013-09-27 127064]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2018-06-29 389632]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-11-18 135200]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-11-18 156936]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2011-12-15 24672]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-09-25 170552]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2012-05-17 4877888]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 94208]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-12-04 508184]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-02 152400]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-03-06 175144]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 33832]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-03-06 18728]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2013-03-05 1363040]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-03-05 311696]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-12-14 3759616]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 280576]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-12-04 351288]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-12-04 796216]
R3 MEI;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECI.sys [2012-07-02 55104]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 rtsuvc;Lenovo EasyCamera; C:\Windows\system32\DRIVERS\rtsuvc.sys [2013-01-04 6367072]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2018-02-10 52928]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-11-18 42736]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2012-11-19 100504]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2013-01-15 242760]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2018-02-10 51904]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2018-02-10 52928]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\drivers\viac7.sys [2018-11-11 53248]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-08-14 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-11-18 324000]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2013-02-19 829656]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg32.exe,-100; C:\Windows\system32\CxAudMsg32.exe [2013-03-05 193696]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-01-31 15344]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-19 462088]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-08-21 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-09-11 277792]
R2 NCO;Norton Identity Safe; C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [2015-03-05 131144]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe [2013-03-05 447104]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-09-11 365344]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-11-18 6799632]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2017-10-19 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-21 335872]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2018-03-26 47200]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2017-10-19 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-10-12 104960]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 30798512]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-11-18 202192]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-20 1343400]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: preventive check, please

#2 Post by Conder »

Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos, etc.) backed up.

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices; otherwise you risk system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

ultrakb
Visitor
Posts: 172
Registered: 22 Aug 2009 12:53
Location: not far from Ostrava

Re: preventive check, please

#3 Post by ultrakb »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-11-19.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-25-2018
# Duration: 00:00:02
# OS: Windows 7 Professional
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1257 octets] - [25/11/2018 10:38:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: preventive check, please

#4 Post by Conder »

:arrow: Please post both FRST logs (FRST.txt and Addition.txt), following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

ultrakb
Visitor
Posts: 172
Registered: 22 Aug 2009 12:53
Location: not far from Ostrava

Re: preventive check, please

#5 Post by ultrakb »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09.12.2018
Ran by Home (administrator) on HOME-PC (12-12-2018 15:55:17)
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg32.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Advanced Audio v2\pcee4.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2012-12-21] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2248080 2013-03-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [8000560 2012-03-10] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\Utility.exe [5936984 2012-03-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [4899552 2013-01-04] (Realtek semiconductor)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe [843360 2013-02-04] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2013-03-05] (Conexant Systems, Inc.)
HKLM\...\Run: [Dolby Advanced Audio v2] => C:\Program Files\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-18] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-903533670-810270944-866817839-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [14554696 2018-11-06] (Piriform Software Ltd)
HKU\S-1-5-21-903533670-810270944-866817839-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-11-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2015-02-11]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{61C6DA8D-F284-4B16-9E27-66303E80A7BB}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{816D727F-04B3-4527-95A3-1B1218EC167C}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Internet Explorer:
==================
HKU\S-1-5-21-903533670-810270944-866817839-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-11-04] (Oracle Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-04] (Oracle Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)

FireFox:
========
FF DefaultProfile: 3y4q501s.default
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3y4q501s.default [2018-12-12]
FF Homepage: Mozilla\Firefox\Profiles\3y4q501s.default -> www.seznam.cz
FF Extension: (Avast Online Security) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3y4q501s.default\Extensions\wrc@avast.com.xpi [2018-11-21]
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3y4q501s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-04]
FF HKLM\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn
FF Extension: (Norton Identity Safe Toolbar) - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn [2018-12-12] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-08] ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-09-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-09-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-10-19] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2018-12-12]
CHR Extension: (Dokumenty) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-19]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-19]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-04]
CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-11-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-04]
CHR Extension: (Norton Security Toolbar) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2017-10-19]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-19]
CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-10]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6799632 2018-11-18] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-18] (AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [829656 2013-02-19] (Broadcom Corporation.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
R2 CxAudMsg; C:\Windows\system32\CxAudMsg32.exe [193696 2013-03-05] (Conexant Systems Inc.)
S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\71.0.3578.80\elevation_service.exe [375776 2018-11-30] (Google Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462088 2012-06-19] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 NCO; C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 SAService; C:\Windows\system32\SAsrv.exe [447104 2013-03-05] (Conexant Systems, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [24672 2011-12-15] (Lenovo Corporation)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2018-11-18] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2018-11-18] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2018-11-18] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2018-11-18] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2018-11-18] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2018-12-03] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2018-11-18] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2018-11-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2018-11-18] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2018-11-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2018-11-18] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784560 2018-11-18] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397992 2018-11-18] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [156936 2018-11-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2018-11-18] (AVAST Software)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170552 2012-09-25] (Broadcom Corporation.)
R3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [508184 2012-12-04] (Broadcom Corporation.)
R1 ccSet_NST; C:\Windows\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [311696 2013-03-05] (ELAN Microelectronics Corp.)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [524784 2013-01-31] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [26608 2013-01-31] (Intel Corporation)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16440 2012-12-04] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [351288 2012-12-04] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [796216 2012-12-04] (Intel Corporation)
S3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [100504 2012-11-19] (Qualcomm Atheros Co., Ltd.)
R0 LHDmgr; C:\Windows\System32\DRIVERS\LhdX86.sys [32352 2010-01-15] (Lenovo.)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-02] (Intel Corporation)
S3 RSUSBVSTOR; C:\Windows\System32\Drivers\RtsUVStor.sys [242760 2013-01-15] (Realtek Semiconductor Corp.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [6367072 2013-01-04] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-12 15:55 - 2018-12-12 15:56 - 000017651 _____ C:\Users\Home\Desktop\FRST.txt
2018-12-12 15:55 - 2018-12-12 15:55 - 000000000 ____D C:\FRST
2018-12-12 15:54 - 2018-12-12 15:54 - 001776640 _____ (Farbar) C:\Users\Home\Desktop\FRST.exe
2018-12-08 08:57 - 2018-12-08 09:40 - 000163775 _____ C:\Users\Home\Desktop\zadost-o-ukonceni-smlouvy_form.pdf
2018-12-08 08:57 - 2018-12-08 09:38 - 000156878 _____ C:\Users\Home\Desktop\zadost-o-ukonceni-smlouvy_form_plyn.pdf
2018-12-08 08:50 - 2018-12-08 09:42 - 000101578 _____ C:\Users\Home\Desktop\ele_puvodnizakaznik_moo_plnamoc_form.pdf
2018-12-08 08:50 - 2018-12-08 09:41 - 000101329 _____ C:\Users\Home\Desktop\puvodnizakaznik_moo_plnamoc_form.pdf
2018-12-04 19:19 - 2018-12-04 19:19 - 000048066 _____ C:\Users\Home\Desktop\Oznameni_o_cerpani.pdf
2018-12-03 19:12 - 2018-12-03 19:12 - 000086706 _____ C:\Users\Home\Desktop\confirmation.pdf
2018-12-03 19:09 - 2018-12-03 19:09 - 000080846 _____ C:\Users\Home\Desktop\vypis 3-12-2018.pdf
2018-11-25 10:38 - 2018-11-25 10:38 - 000000000 ____D C:\AdwCleaner
2018-11-25 10:37 - 2018-11-25 10:37 - 007592144 _____ (Malwarebytes) C:\Users\Home\Desktop\adwcleaner_7.2.4.0.exe
2018-11-24 05:32 - 2018-11-24 05:33 - 000098406 _____ C:\Users\Home\Desktop\Navrh_na_vklad_ID_10001076_1.pdf
2018-11-23 08:26 - 2018-11-23 08:28 - 000000000 ____D C:\rsit
2018-11-23 08:26 - 2018-11-23 08:28 - 000000000 ____D C:\Program Files\trend micro
2018-11-23 08:26 - 2018-11-23 08:26 - 001107968 _____ C:\Users\Home\Desktop\RSIT.exe
2018-11-23 08:21 - 2018-11-23 08:21 - 001222144 _____ C:\Users\Home\Downloads\RSITx64(2).exe
2018-11-23 08:21 - 2018-11-23 08:21 - 001222144 _____ C:\Users\Home\Downloads\RSITx64(1).exe
2018-11-23 08:20 - 2018-11-23 08:20 - 001222144 _____ C:\Users\Home\Downloads\RSITx64.exe
2018-11-23 06:39 - 2018-11-23 06:39 - 000087115 _____ C:\Users\Home\Desktop\čsob 2018.pdf
2018-11-22 07:12 - 2018-11-22 08:52 - 000000000 ____D C:\Users\Home\Desktop\skřečoň
2018-11-21 16:47 - 2018-11-21 16:47 - 000086513 _____ C:\Users\Home\Desktop\vypis.pdf
2018-11-21 16:46 - 2018-11-21 16:46 - 000073027 _____ C:\Users\Home\Downloads\TH_20181104-20181104(1).pdf
2018-11-21 16:45 - 2018-11-21 16:45 - 000073027 _____ C:\Users\Home\Downloads\TH_20181104-20181104.pdf
2018-11-21 13:19 - 2018-11-21 13:19 - 000001212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2018-11-21 13:19 - 2018-11-21 13:19 - 000001200 _____ C:\Users\Public\Desktop\paint.net.lnk
2018-11-21 13:19 - 2018-11-21 13:19 - 000000000 ____D C:\Program Files\paint.net
2018-11-21 13:18 - 2018-11-21 13:26 - 000000000 ____D C:\Users\Home\AppData\Local\paint.net
2018-11-21 13:13 - 2018-11-21 13:13 - 007831488 _____ C:\Users\Home\Downloads\paint.net.4.1.2.install.zip
2018-11-19 12:17 - 2018-11-19 12:17 - 000000000 ___HD C:\$AV_ASW
2018-11-19 11:40 - 2018-11-11 02:14 - 004054248 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2018-11-19 11:40 - 2018-11-11 02:14 - 003960040 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-19 11:40 - 2018-11-11 02:14 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2018-11-19 11:40 - 2018-11-11 02:13 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2018-11-19 11:40 - 2018-11-11 02:13 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-11-19 11:40 - 2018-11-11 02:13 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-11-19 11:40 - 2018-11-11 02:13 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-11-19 11:40 - 2018-11-11 02:12 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-11-19 11:40 - 2018-11-11 02:11 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-11-19 11:40 - 2018-11-11 02:11 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-11-19 11:40 - 2018-11-11 02:11 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-11-19 11:40 - 2018-11-11 02:11 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-11-19 11:40 - 2018-11-11 02:11 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-11-19 11:40 - 2018-11-11 02:11 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-11-19 11:40 - 2018-11-11 02:11 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 001425920 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-11-19 11:40 - 2018-11-11 02:10 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 01:47 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-11-19 11:40 - 2018-11-11 01:46 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-11-19 11:40 - 2018-11-11 01:46 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-11-19 11:40 - 2018-11-11 01:46 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-11-19 11:40 - 2018-11-11 01:46 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-11-19 11:40 - 2018-11-11 01:45 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-11-19 11:40 - 2018-11-11 01:43 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-11-19 11:40 - 2018-11-11 01:43 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-11-19 11:40 - 2018-11-11 01:43 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-11-19 11:40 - 2018-11-11 01:41 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-11-19 11:40 - 2018-11-11 01:41 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-11-19 11:40 - 2018-11-11 01:40 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-11-19 11:40 - 2018-11-11 01:40 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-11-19 11:40 - 2018-11-11 01:40 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-11-19 11:40 - 2018-11-11 01:40 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-11-19 11:40 - 2018-11-11 01:40 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2018-11-19 11:40 - 2018-11-11 01:40 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-11-19 11:40 - 2018-11-11 01:40 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-11-19 11:40 - 2018-11-11 01:40 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-11-19 11:40 - 2018-11-11 01:40 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-11-19 11:40 - 2018-11-11 01:40 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-11-19 11:40 - 2018-11-11 01:40 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 01:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 01:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-11-19 11:40 - 2018-11-11 01:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-11-19 11:40 - 2018-10-27 04:27 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2018-11-19 11:40 - 2018-10-27 04:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-19 11:40 - 2018-10-27 04:27 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2018-11-19 11:40 - 2018-10-27 04:04 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2018-11-19 11:40 - 2018-10-27 04:04 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2018-11-19 11:40 - 2018-10-27 04:04 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2018-11-19 11:40 - 2018-10-27 04:04 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2018-11-19 11:40 - 2018-10-27 04:00 - 002404864 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-11-19 11:40 - 2018-10-18 19:51 - 000348760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-11-19 11:40 - 2018-10-18 03:17 - 020281344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-19 11:40 - 2018-10-12 21:36 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-11-19 11:40 - 2018-10-12 21:35 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-11-19 11:40 - 2018-10-12 21:26 - 000498176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-19 11:40 - 2018-10-12 21:25 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-11-19 11:40 - 2018-10-12 21:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-11-19 11:40 - 2018-10-12 21:25 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-11-19 11:40 - 2018-10-12 21:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-11-19 11:40 - 2018-10-12 21:22 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-11-19 11:40 - 2018-10-12 21:20 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-11-19 11:40 - 2018-10-12 21:20 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-11-19 11:40 - 2018-10-12 21:18 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-11-19 11:40 - 2018-10-12 21:17 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-11-19 11:40 - 2018-10-12 21:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-11-19 11:40 - 2018-10-12 21:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-11-19 11:40 - 2018-10-12 21:17 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-11-19 11:40 - 2018-10-12 21:13 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-11-19 11:40 - 2018-10-12 21:11 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-11-19 11:40 - 2018-10-12 21:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-11-19 11:40 - 2018-10-12 21:07 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-11-19 11:40 - 2018-10-12 21:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-11-19 11:40 - 2018-10-12 21:05 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-11-19 11:40 - 2018-10-12 21:04 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-11-19 11:40 - 2018-10-12 21:03 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-19 11:40 - 2018-10-12 21:03 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-11-19 11:40 - 2018-10-12 21:02 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-11-19 11:40 - 2018-10-12 20:59 - 013680640 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-19 11:40 - 2018-10-12 20:57 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-11-19 11:40 - 2018-10-12 20:56 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-11-19 11:40 - 2018-10-12 20:56 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-11-19 11:40 - 2018-10-12 20:55 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-11-19 11:40 - 2018-10-12 20:55 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-11-19 11:40 - 2018-10-12 20:42 - 004386816 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-11-19 11:40 - 2018-10-12 20:38 - 001330176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-19 11:40 - 2018-10-12 20:36 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-11-19 11:40 - 2018-10-06 16:47 - 000162536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-11-19 11:40 - 2018-10-06 14:42 - 001988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-11-19 11:40 - 2018-09-23 03:37 - 001549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-19 11:40 - 2018-09-23 03:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-19 11:40 - 2018-09-23 03:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-19 11:40 - 2018-09-23 03:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-11-19 11:40 - 2018-09-23 03:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-11-19 11:40 - 2018-09-23 03:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2018-11-19 11:40 - 2018-09-23 03:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2018-11-19 11:40 - 2018-09-23 03:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-11-19 11:40 - 2018-09-23 03:22 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-19 11:40 - 2018-09-23 03:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-19 11:40 - 2018-09-23 03:21 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-11-19 11:40 - 2018-09-23 03:21 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2018-11-18 18:15 - 2018-11-18 18:15 - 000323288 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-12 15:56 - 2017-10-19 14:13 - 000000000 ____D C:\Users\Home\AppData\LocalLow\Mozilla
2018-12-12 15:53 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2018-12-12 15:50 - 2010-11-21 02:16 - 000670154 _____ C:\Windows\system32\perfh005.dat
2018-12-12 15:50 - 2010-11-21 02:16 - 000142280 _____ C:\Windows\system32\perfc005.dat
2018-12-12 15:50 - 2010-11-20 22:01 - 001587976 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-12 15:45 - 2018-09-17 06:27 - 000000000 ____D C:\Users\Home\AppData\Local\AVAST Software
2018-12-12 15:44 - 2013-11-21 15:32 - 000000266 _____ C:\Windows\Tasks\AutoKMS.job
2018-12-12 15:43 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-10 15:09 - 2009-07-14 05:34 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-10 15:09 - 2009-07-14 05:34 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-08 08:53 - 2013-11-20 17:59 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-12-08 08:53 - 2013-11-20 17:59 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-12-08 08:53 - 2013-11-20 17:59 - 000000000 ____D C:\Windows\system32\Macromed
2018-12-05 16:40 - 2017-10-19 14:16 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-05 16:40 - 2017-10-19 14:16 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-03 17:18 - 2018-11-04 16:07 - 000000000 ____D C:\Users\Home\Desktop\foto
2018-12-03 15:53 - 2018-09-17 06:10 - 000183176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-11-24 04:58 - 2009-07-14 05:53 - 000032622 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-11-21 11:18 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
2018-11-19 12:23 - 2017-10-19 14:16 - 000000961 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-11-19 12:17 - 2017-11-12 18:32 - 000000000 ____D C:\Users\Home\Desktop\flexi
2018-11-19 11:48 - 2009-07-14 05:33 - 000408304 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-19 11:28 - 2017-10-19 14:12 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-11-19 11:28 - 2017-10-19 14:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-18 18:15 - 2018-11-01 15:15 - 000040688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-11-18 18:15 - 2017-11-12 19:30 - 000167480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-11-18 18:15 - 2017-10-19 14:30 - 000784560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-11-18 18:15 - 2017-10-19 14:30 - 000397992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-11-18 18:15 - 2017-10-19 14:30 - 000310200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-11-18 18:15 - 2017-10-19 14:30 - 000284256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys
2018-11-18 18:15 - 2017-10-19 14:30 - 000188976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2018-11-18 18:15 - 2017-10-19 14:30 - 000165384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys
2018-11-18 18:15 - 2017-10-19 14:30 - 000156936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-11-18 18:15 - 2017-10-19 14:30 - 000135200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-11-18 18:15 - 2017-10-19 14:30 - 000100984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-11-18 18:15 - 2017-10-19 14:30 - 000072800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-11-18 18:15 - 2017-10-19 14:30 - 000057904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys
2018-11-18 18:15 - 2017-10-19 14:30 - 000042736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-11-18 16:24 - 2017-10-19 14:24 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2013-11-26 17:33 - 2013-11-11 17:30 - 000089600 _____ (USB Safeguard, Soft.) C:\Users\Public\Aaaa.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-04 19:59

==================== End of FRST.txt ============================

ultrakb
Visitor
Posts: 172
Registered: 22 Aug 2009 12:53
Location: near Ostrava

Re: please prev.

#6 Post by ultrakb »

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09.12.2018
Ran by Home (12-12-2018 15:56:49)
Running from C:\Users\Home\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2013-11-20 02:21:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-903533670-810270944-866817839-500 - Administrator - Disabled)
Guest (S-1-5-21-903533670-810270944-866817839-501 - Limited - Disabled)
Home (S-1-5-21-903533670-810270944-866817839-1000 - Administrator - Enabled) => C:\Users\Home

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{A878C2B1-7B07-EDF9-30F4-D03BE6F08D30}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 12 v.12.0.5 (HKLM\...\{91B33C97-93EB-244C-F687-71D85E45A206}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.49.0 - Conexant)
Dolby Advanced Audio v2 (HKLM\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energy Management (HKLM\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.4 - Lenovo) Hidden
Energy Management (HKLM\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.4 - Lenovo)
Google Chrome (HKLM\...\Google Chrome) (Version: 71.0.3578.80 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.7.248 - Intel Corporation)
Java 8 Update 181 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 191 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4000 - Broadcom Corporation)
Lenovo EasyCamera (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10206 - Realtek Semiconductor Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.14.1 - ELAN Microelectronic Corp.)
Lenovo_Wireless_Driver (HKLM\...\{36CE10BD-A076-4DE3-A8A7-2F61E3FB2E6A}) (Version: 6.20.55.14 - Lenovo)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 63.0.3 (x86 cs) (HKLM\...\Mozilla Firefox 63.0.3 (x86 cs)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
Norton Identity Safe (HKLM\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
OEM Application Profile (HKLM\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Název společnosti:)
paint.net (HKLM\...\{FC1BF7F0-A83E-464A-8D59-FCEB5FA582AA}) (Version: 4.1.2 - dotPDN LLC)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
Realtek USB Card Reader (HKLM\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
WinRAR 5.60 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-18] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-18] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-18] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-12-14] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-18] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {061A8EBC-C68C-4682-9328-B25AAC28A6AF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {4AFFF684-7205-4975-8EA2-D3618EBAD7A6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {4E68FCC0-BB4E-47CF-BD78-CD48ED9E1459} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-01] (AVAST Software)
Task: {7CEC78DE-4528-4E48-92EC-0E1E0615F505} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-10-19] (Google Inc.)
Task: {8F208019-D04D-433B-8942-612E59F0254B} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9BD1CDA7-6466-4CF7-8D09-03D0ED7AF8A2} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A33B3825-408C-42C6-A419-577B4E93863A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-08] (Adobe Systems Incorporated)
Task: {B28B8DA7-B07A-4F64-A2CF-64458E2B91E2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-18] (AVAST Software)
Task: {B59EA57C-F83A-46BD-A0E9-0FFC9C6A1E6D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-08] (Adobe Systems Incorporated)
Task: {B798F1D2-A02E-444A-B481-32E30CE006C2} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-11-21] ()
Task: {CEE31325-6226-4E79-ABB2-E5B17C423CFA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Software Ltd)
Task: {E0FEF0F8-17EF-4BD0-8FFC-B02DFC6D6F0C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-10-19] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-11-18 18:15 - 2018-11-18 18:15 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-18 18:15 - 2018-11-18 18:15 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-18 18:15 - 2018-11-18 18:15 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-18 18:15 - 2018-11-18 18:15 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-18 18:15 - 2018-11-18 18:15 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-12-12 15:45 - 2018-12-12 15:45 - 005786256 _____ () C:\Program Files\AVAST Software\Avast\defs\18121202\algo.dll
2013-04-04 01:09 - 2013-04-04 01:09 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2008-12-20 03:20 - 2008-12-20 03:20 - 000051016 _____ () C:\Program Files\Lenovo\Energy Management\HookLib.dll
2012-03-10 16:30 - 2012-03-10 16:30 - 001509424 _____ () C:\Program Files\Lenovo\Energy Management\EMWpfUI.dll
2012-03-08 15:36 - 2012-03-08 15:36 - 000011096 _____ () C:\Program Files\Lenovo\Energy Management\cs-CZ\EMWpfUI.resources.dll
2008-12-20 03:20 - 2008-12-20 03:20 - 000063304 _____ () C:\Program Files\Lenovo\Energy Management\kbdhook.dll
2013-11-20 04:13 - 2012-06-07 09:51 - 000094208 _____ () C:\Windows\System32\IccLibDll.dll
2018-09-17 06:09 - 2018-09-17 06:09 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-11-06 17:14 - 2018-11-06 17:14 - 000090576 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2013-11-20 04:13 - 2012-07-18 06:55 - 001198912 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2018-11-18 16:11 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-903533670-810270944-866817839-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A36BAA2E-7945-46F8-A9C8-D99AC0F31DDD}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{F1DF2F0A-85AE-44E1-85ED-E1BD1230152D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{BEE17779-A3C8-4F38-AB66-9BE9F666CAB4}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{B77AA32A-A584-44A0-B228-E05B095BDD00}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B4083CE2-857A-458A-81C2-1540EABC0609}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F3AF6603-F79B-4ED9-8B10-2AAA6F835F4A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{4AE7EC3C-1A70-49B0-BDA3-4FECD6871E94}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{10D7D217-F99B-40DA-8EE2-A4AB84251B34}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{83BC0976-C856-4078-A82A-5D7A128BE334}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FC34D9E1-A3DC-459A-8C9C-50363660696C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

01-11-2018 15:42:52 Windows Update
01-11-2018 17:12:57 Windows Update
09-11-2018 16:39:36 Naplánovaný kontrolní bod
19-11-2018 11:41:22 Windows Update
21-11-2018 13:18:40 paint.net 4.1.2
08-12-2018 10:07:23 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.20)
Description: Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros
Service: L1C
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/12/2018 03:44:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/10/2018 03:43:57 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (12/10/2018 03:00:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/09/2018 10:16:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/08/2018 09:29:04 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (12/08/2018 08:43:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/07/2018 04:43:50 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (12/07/2018 04:28:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (12/08/2018 11:02:20 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/04/2018 08:13:49 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/25/2018 10:40:38 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv.dll

Error: (11/25/2018 10:40:38 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv.dll

Error: (11/25/2018 10:40:30 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv.dll

Error: (11/25/2018 10:40:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Norton Identity Safe byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (11/25/2018 10:40:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/25/2018 10:40:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Bluetooth Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 40%
Total physical RAM: 3206.85 MB
Available physical RAM: 1895.56 MB
Total Virtual: 6412.07 MB
Available Virtual: 5058.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:282.57 GB) NTFS

\\?\Volume{bed13d43-5189-11e3-8f24-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: prevention check, please

#7 Post by Conder »

Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Users\Public\Aaaa.exe
    
    HKU\S-1-5-21-903533670-810270944-866817839-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-28]
    2018-12-12 15:44 - 2013-11-21 15:32 - 000000266 _____ C:\Windows\Tasks\AutoKMS.job
    2013-11-26 17:33 - 2013-11-11 17:30 - 000089600 _____ (USB Safeguard, Soft.) C:\Users\Public\Aaaa.exe
    Task: {B798F1D2-A02E-444A-B481-32E30CE006C2} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-11-21] ()
    Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
    C:\Windows\AutoKMS
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts there will be a Fixlog.txt file on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices; doing so risks system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

ultrakb
Visitor
Posts: 172
Registered: 22 Aug 2009 12:53
Location: near Ostrava

Re: prevention check, please

#8 Post by ultrakb »

Fix result of Farbar Recovery Scan Tool (x86) Version: 09.12.2018
Ran by Home (14-12-2018 14:33:24) Run:2
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Users\Public\Aaaa.exe

HKU\S-1-5-21-903533670-810270944-866817839-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-28]
2018-12-12 15:44 - 2013-11-21 15:32 - 000000266 _____ C:\Windows\Tasks\AutoKMS.job
2013-11-26 17:33 - 2013-11-11 17:30 - 000089600 _____ (USB Safeguard, Soft.) C:\Users\Public\Aaaa.exe
Task: {B798F1D2-A02E-444A-B481-32E30CE006C2} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-11-21] ()
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\AutoKMS

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 372
Average :
Sum : 487883944
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Users\Public\Aaaa.exe ========================

"C:\Users\Public\Aaaa.exe" => not found
====== End of File: ======

HKU\S-1-5-21-903533670-810270944-866817839-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => not found
HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob => not found
"C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx" => not found
"C:\Windows\Tasks\AutoKMS.job" => not found
"C:\Users\Public\Aaaa.exe" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B798F1D2-A02E-444A-B481-32E30CE006C2} => not found
"C:\Windows\System32\Tasks\AutoKMS" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => not found
"C:\Windows\Tasks\AutoKMS.job" => not found
"C:\Windows\AutoKMS" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12474588 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 0 B
Firefox => 18218083 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 0 B
Home => 107217 B

RecycleBin => 0 B
EmptyTemp: => 29.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:34:18 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: prevention check, please

#9 Post by Conder »

The fix apparently ran twice; please also send the log from the first fix. It should be saved as "C:\FRST\Logs\Fixlog_xx-xx-xx xx.xx.xx.txt" (the x's will be the date and time; send the Fixlog with the earlier date and time).

How is the PC doing? Has anything changed, or are there still any problems?

ultrakb
Visitor
Posts: 172
Registered: 22 Aug 2009 12:53
Location: near Ostrava

Re: prevention check, please

#10 Post by ultrakb »

Everything is fine, this is purely for prevention.

Fix result of Farbar Recovery Scan Tool (x86) Version: 09.12.2018
Ran by Home (13-12-2018 16:45:10) Run:1
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Users\Public\Aaaa.exe

HKU\S-1-5-21-903533670-810270944-866817839-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-28]
2018-12-12 15:44 - 2013-11-21 15:32 - 000000266 _____ C:\Windows\Tasks\AutoKMS.job
2013-11-26 17:33 - 2013-11-11 17:30 - 000089600 _____ (USB Safeguard, Soft.) C:\Users\Public\Aaaa.exe
Task: {B798F1D2-A02E-444A-B481-32E30CE006C2} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-11-21] ()
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\AutoKMS

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 372
Average :
Sum : 487883944
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Users\Public\Aaaa.exe ========================

C:\Users\Public\Aaaa.exe
File not signed
MD5: 7F0157CB8D4DB24D7A809B4EA1968FC9
Creation and modification date: 2013-11-26 17:33 - 2013-11-11 17:30
Size: 000089600
Attributes: ----A
Company Name: USB Safeguard, Soft.
Internal Name: USB Safeguard
Original Name: USB Safeguard.exe
Product: USB Safeguard
Description: Safely portable pen drive
File Version: 4, 0, 0, 0
Product Version: 4, 0, 0, 0
Copyright: Copyright © 2011 USB Safeguard, Soft.
VirusTotal: https://www.virustotal.com/file/a1d0542 ... 493004237/

====== End of File: ======

HKU\S-1-5-21-903533670-810270944-866817839-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob => removed successfully.
C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx => moved successfully
C:\Windows\Tasks\AutoKMS.job => moved successfully
C:\Users\Public\Aaaa.exe => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B798F1D2-A02E-444A-B481-32E30CE006C2} => not found
C:\Windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully.
"C:\Windows\Tasks\AutoKMS.job" => not found
C:\Windows\AutoKMS => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8364920 B
Java, Flash, Steam htmlcache => 595 B
Windows/system/drivers => 262260 B
Edge => 0 B
Chrome => 1490882 B
Firefox => 16286651 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
LocalService => 0 B
NetworkService => 66228 B
Home => 1030763 B

RecycleBin => 0 B
EmptyTemp: => 34.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:48:30 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: prevention check, please

#11 Post by Conder »

It looks OK, but since about 2 weeks have passed since then, please also send new logs from FRST.

ultrakb
Visitor
Posts: 172
Registered: 22 Aug 2009 12:53
Location: near Ostrava

Re: prevention check, please

#12 Post by ultrakb »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-01-2019
Ran by Home (administrator) on HOME-PC (14-01-2019 10:25:19)
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Advanced Audio v2\pcee4.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2012-12-21] (Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2248080 2013-03-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [8000560 2012-03-10] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\Utility.exe [5936984 2012-03-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [4899552 2013-01-04] (Realtek semiconductor)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe [843360 2013-02-04] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2013-03-05] (Conexant Systems, Inc.)
HKLM\...\Run: [Dolby Advanced Audio v2] => C:\Program Files\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-18] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-903533670-810270944-866817839-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [14554696 2018-11-06] (Piriform Software Ltd)
HKU\S-1-5-21-903533670-810270944-866817839-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-17] (Google Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-10-19] (Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2013-02-19] (Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll [2013-02-19] (Broadcom Corporation.)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-11-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2015-02-11]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{61C6DA8D-F284-4B16-9E27-66303E80A7BB}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{816D727F-04B3-4527-95A3-1B1218EC167C}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-11-04] (Oracle Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-04] (Oracle Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)

FireFox:
========
FF DefaultProfile: 3y4q501s.default
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3y4q501s.default [2019-01-14]
FF Homepage: Mozilla\Firefox\Profiles\3y4q501s.default -> www.seznam.cz
FF Extension: (Avast Online Security) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3y4q501s.default\Extensions\wrc@avast.com.xpi [2019-01-10]
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3y4q501s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-04]
FF HKLM\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn
FF Extension: (Norton Identity Safe Toolbar) - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn [2019-01-14] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-14] ()
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-04] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2018-12-17]
CHR Extension: (Dokumenty) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-19]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-19]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-04]
CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-11-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-04]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-19]
CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-17]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6799632 2018-11-18] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-18] (AVAST Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [829656 2013-02-19] (Broadcom Corporation.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
R2 CxAudMsg; C:\Windows\system32\CxAudMsg32.exe [193696 2013-03-05] (Conexant Systems Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462088 2012-06-19] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 NCO; C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 SAService; C:\Windows\system32\SAsrv.exe [447104 2013-03-05] (Conexant Systems, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [24672 2011-12-15] (Lenovo Corporation)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2018-11-18] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2018-11-18] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2018-11-18] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2018-11-18] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2018-11-18] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2018-12-03] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2018-11-18] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2018-11-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2018-11-18] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2018-11-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2018-11-18] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784560 2018-11-18] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397992 2018-11-18] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [156936 2018-11-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2018-11-18] (AVAST Software)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170552 2012-09-25] (Broadcom Corporation.)
R3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [508184 2012-12-04] (Broadcom Corporation.)
R1 ccSet_NST; C:\Windows\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [311696 2013-03-05] (ELAN Microelectronics Corp.)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [524784 2013-01-31] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [26608 2013-01-31] (Intel Corporation)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16440 2012-12-04] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [351288 2012-12-04] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [796216 2012-12-04] (Intel Corporation)
S3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [100504 2012-11-19] (Qualcomm Atheros Co., Ltd.)
R0 LHDmgr; C:\Windows\System32\DRIVERS\LhdX86.sys [32352 2010-01-15] (Lenovo.)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-02] (Intel Corporation)
S3 RSUSBVSTOR; C:\Windows\System32\Drivers\RtsUVStor.sys [242760 2013-01-15] (Realtek Semiconductor Corp.)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [6367072 2013-01-04] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (Created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-14 10:25 - 2019-01-14 10:25 - 000000000 ____D C:\Users\Home\Desktop\FRST-OlderVersion
2019-01-02 13:12 - 2018-12-15 00:14 - 000348760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-01-02 13:12 - 2018-12-14 07:58 - 020280832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-01-02 13:12 - 2018-12-14 07:51 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-01-02 13:12 - 2018-12-14 07:51 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-01-02 13:12 - 2018-12-14 07:41 - 000498176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-01-02 13:12 - 2018-12-14 07:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-01-02 13:12 - 2018-12-14 07:40 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-01-02 13:12 - 2018-12-14 07:40 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-01-02 13:12 - 2018-12-14 07:39 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-01-02 13:12 - 2018-12-14 07:38 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-01-02 13:12 - 2018-12-14 07:35 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-01-02 13:12 - 2018-12-14 07:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-01-02 13:12 - 2018-12-14 07:34 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-01-02 13:12 - 2018-12-14 07:33 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-01-02 13:12 - 2018-12-14 07:33 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-01-02 13:12 - 2018-12-14 07:33 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-01-02 13:12 - 2018-12-14 07:32 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-01-02 13:12 - 2018-12-14 07:29 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-01-02 13:12 - 2018-12-14 07:26 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-01-02 13:12 - 2018-12-14 07:23 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-01-02 13:12 - 2018-12-14 07:22 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-01-02 13:12 - 2018-12-14 07:22 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-01-02 13:12 - 2018-12-14 07:20 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-01-02 13:12 - 2018-12-14 07:19 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-01-02 13:12 - 2018-12-14 07:19 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-01-02 13:12 - 2018-12-14 07:18 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-01-02 13:12 - 2018-12-14 07:18 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-01-02 13:12 - 2018-12-14 07:14 - 013681152 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-01-02 13:12 - 2018-12-14 07:13 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-01-02 13:12 - 2018-12-14 07:11 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-01-02 13:12 - 2018-12-14 07:11 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-01-02 13:12 - 2018-12-14 07:11 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-01-02 13:12 - 2018-12-14 07:10 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-01-02 13:12 - 2018-12-14 06:58 - 004386816 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-01-02 13:12 - 2018-12-14 06:54 - 001330176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-01-02 13:12 - 2018-12-14 06:52 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-01-02 13:11 - 2018-12-06 03:35 - 002405376 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-01-02 13:11 - 2018-11-28 22:50 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-01-02 13:11 - 2018-11-28 22:50 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-01-02 13:11 - 2018-11-28 22:38 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-01-02 13:11 - 2018-11-28 22:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-01-02 13:11 - 2018-11-28 22:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-01-02 13:11 - 2018-11-11 17:50 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2019-01-02 13:11 - 2018-11-11 17:50 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-01-02 13:11 - 2018-11-11 17:49 - 004054760 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2019-01-02 13:11 - 2018-11-11 17:49 - 003960040 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-01-02 13:11 - 2018-11-11 17:49 - 000162536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-01-02 13:11 - 2018-11-11 17:49 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-02 13:11 - 2018-11-11 17:49 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2019-01-02 13:11 - 2018-11-11 17:49 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-01-02 13:11 - 2018-11-11 17:47 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-01-02 13:11 - 2018-11-11 17:45 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-01-02 13:11 - 2018-11-11 17:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-01-02 13:11 - 2018-11-11 17:44 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-01-02 13:11 - 2018-11-11 17:44 - 000307200 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-01-02 13:11 - 2018-11-11 17:44 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-01-02 13:11 - 2018-11-11 17:44 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-01-02 13:11 - 2018-11-11 17:44 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-01-02 13:11 - 2018-11-11 17:44 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-01-02 13:11 - 2018-11-11 17:44 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-01-02 13:11 - 2018-11-11 17:20 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-01-02 13:11 - 2018-11-11 17:20 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-01-02 13:11 - 2018-11-11 17:20 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-01-02 13:11 - 2018-11-11 17:20 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-01-02 13:11 - 2018-11-11 17:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-01-02 13:11 - 2018-11-11 17:17 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-01-02 13:11 - 2018-11-11 17:17 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-01-02 13:11 - 2018-11-11 17:15 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-01-02 13:11 - 2018-11-11 17:14 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-01-02 13:11 - 2018-11-11 17:14 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-01-02 13:11 - 2018-11-11 17:14 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-01-02 13:11 - 2018-11-11 17:14 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-01-02 13:11 - 2018-11-11 17:14 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-01-02 13:11 - 2018-11-11 17:14 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-01-02 13:11 - 2018-11-11 17:13 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-01-02 13:11 - 2018-11-11 17:13 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-01-02 13:11 - 2018-11-11 17:13 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2019-01-02 13:11 - 2018-11-11 17:13 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-01-02 13:11 - 2018-11-11 17:13 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-01-02 13:11 - 2018-11-08 17:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-01-02 13:11 - 2018-11-08 17:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-01-02 13:11 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-01-02 13:11 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-01-02 13:11 - 2018-11-06 05:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-01-02 13:11 - 2018-10-06 16:50 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-01-02 13:11 - 2018-10-06 16:44 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-01-02 13:11 - 2018-10-06 16:43 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-01-02 13:11 - 2018-10-06 16:43 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-01-02 13:11 - 2018-10-06 16:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-01-02 13:11 - 2018-10-06 16:16 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-12-25 11:08 - 2018-12-25 11:17 - 000000000 ____D C:\Users\Home\Desktop\karta
2018-12-19 08:53 - 2018-12-19 08:53 - 000177827 _____ C:\Users\Home\Desktop\12-2018.pdf
2018-12-17 16:16 - 2018-12-17 16:16 - 000172734 _____ C:\Users\Home\Desktop\pujcka.pdf
2018-12-17 16:15 - 2018-12-17 16:15 - 000177814 _____ C:\Users\Home\Desktop\2.pdf
2018-12-17 16:15 - 2018-12-17 16:15 - 000174604 _____ C:\Users\Home\Desktop\1.pdf

==================== One month (Modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-14 10:27 - 2018-12-12 15:55 - 000017520 _____ C:\Users\Home\Desktop\FRST.txt
2019-01-14 10:25 - 2018-12-12 15:55 - 000000000 ____D C:\FRST
2019-01-14 10:25 - 2018-12-12 15:54 - 001786368 _____ (Farbar) C:\Users\Home\Desktop\FRST.exe
2019-01-14 10:25 - 2017-10-19 14:13 - 000000000 ____D C:\Users\Home\AppData\LocalLow\Mozilla
2019-01-14 10:22 - 2013-11-20 17:59 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-01-14 10:22 - 2013-11-20 17:59 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-01-14 10:22 - 2013-11-20 17:59 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-14 10:22 - 2013-11-20 17:58 - 000000000 ___HD C:\Users\Home\AppData\Local\Adobe
2019-01-14 10:21 - 2018-09-17 06:27 - 000000000 ____D C:\Users\Home\AppData\Local\AVAST Software
2019-01-14 10:18 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-10 14:43 - 2017-10-19 14:24 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-10 14:42 - 2009-07-14 05:34 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-10 14:42 - 2009-07-14 05:34 - 000031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-02 14:11 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
2019-01-02 13:38 - 2010-11-21 02:16 - 000670154 _____ C:\Windows\system32\perfh005.dat
2019-01-02 13:38 - 2010-11-21 02:16 - 000142280 _____ C:\Windows\system32\perfc005.dat
2019-01-02 13:38 - 2010-11-20 22:01 - 001587976 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-02 13:33 - 2009-07-14 05:33 - 000408304 _____ C:\Windows\system32\FNTCACHE.DAT
2019-01-02 13:24 - 2013-11-19 21:39 - 000000000 ____D C:\Windows\system32\MRT
2019-01-02 13:19 - 2013-11-19 21:39 - 134209608 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-02 13:15 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2018-12-20 17:25 - 2017-10-19 14:12 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-12-20 17:25 - 2017-10-19 14:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-17 16:17 - 2017-10-19 14:16 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-17 16:17 - 2017-10-19 14:16 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-02 14:04

==================== End of FRST.txt ============================

ultrakb
Visitor
Posts: 172
Registered: 22 Aug 2009 12:53
Location: near Ostrava

Re: prev., please

#13 Post by ultrakb »

I apologize, I was ill, hence the delay.


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-01-2019
Ran by Home (14-01-2019 10:27:58)
Running from C:\Users\Home\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2013-11-20 02:21:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-903533670-810270944-866817839-500 - Administrator - Disabled)
Guest (S-1-5-21-903533670-810270944-866817839-501 - Limited - Disabled)
Home (S-1-5-21-903533670-810270944-866817839-1000 - Administrator - Enabled) => C:\Users\Home

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{A878C2B1-7B07-EDF9-30F4-D03BE6F08D30}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 12 v.12.0.5 (HKLM\...\{91B33C97-93EB-244C-F687-71D85E45A206}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.49.0 - Conexant)
Dolby Advanced Audio v2 (HKLM\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energy Management (HKLM\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.4 - Lenovo) Hidden
Energy Management (HKLM\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.4 - Lenovo)
Google Chrome (HKLM\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.7.248 - Intel Corporation)
Java 8 Update 181 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 191 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4000 - Broadcom Corporation)
Lenovo EasyCamera (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10206 - Realtek Semiconductor Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.14.1 - ELAN Microelectronic Corp.)
Lenovo_Wireless_Driver (HKLM\...\{36CE10BD-A076-4DE3-A8A7-2F61E3FB2E6A}) (Version: 6.20.55.14 - Lenovo)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 64.0 (x86 cs) (HKLM\...\Mozilla Firefox 64.0 (x86 cs)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.0.6914 - Mozilla)
Norton Identity Safe (HKLM\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
OEM Application Profile (HKLM\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Název společnosti:)
paint.net (HKLM\...\{FC1BF7F0-A83E-464A-8D59-FCEB5FA582AA}) (Version: 4.1.2 - dotPDN LLC)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
Realtek USB Card Reader (HKLM\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
WinRAR 5.60 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-18] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-18] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-18] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-12-14] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-18] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {061A8EBC-C68C-4682-9328-B25AAC28A6AF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {4AFFF684-7205-4975-8EA2-D3618EBAD7A6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {4E68FCC0-BB4E-47CF-BD78-CD48ED9E1459} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-10] (AVAST Software)
Task: {7CEC78DE-4528-4E48-92EC-0E1E0615F505} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-10-19] (Google Inc.)
Task: {8F208019-D04D-433B-8942-612E59F0254B} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9BD1CDA7-6466-4CF7-8D09-03D0ED7AF8A2} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9F6D5EFA-02A8-40E6-ADB4-1AD25B38A981} - \AutoKMS -> No File <==== ATTENTION
Task: {A33B3825-408C-42C6-A419-577B4E93863A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {B28B8DA7-B07A-4F64-A2CF-64458E2B91E2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-18] (AVAST Software)
Task: {B59EA57C-F83A-46BD-A0E9-0FFC9C6A1E6D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-14] (Adobe Systems Incorporated)
Task: {CEE31325-6226-4E79-ABB2-E5B17C423CFA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Software Ltd)
Task: {E0FEF0F8-17EF-4BD0-8FFC-B02DFC6D6F0C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-10-19] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

==================== Loaded Modules (Whitelisted) ==============

2018-11-18 18:15 - 2018-11-18 18:15 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-18 18:15 - 2018-11-18 18:15 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-10 14:31 - 2019-01-10 14:31 - 005735056 _____ () C:\Program Files\AVAST Software\Avast\defs\19011000\algo.dll
2018-11-18 18:15 - 2018-11-18 18:15 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-18 18:15 - 2018-11-18 18:15 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-18 18:15 - 2018-11-18 18:15 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-01-14 10:20 - 2019-01-14 10:20 - 005740176 _____ () C:\Program Files\AVAST Software\Avast\defs\19011400\algo.dll
2013-04-04 01:09 - 2013-04-04 01:09 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2008-12-20 03:20 - 2008-12-20 03:20 - 000051016 _____ () C:\Program Files\Lenovo\Energy Management\HookLib.dll
2012-03-10 16:30 - 2012-03-10 16:30 - 001509424 _____ () C:\Program Files\Lenovo\Energy Management\EMWpfUI.dll
2012-03-08 15:36 - 2012-03-08 15:36 - 000011096 _____ () C:\Program Files\Lenovo\Energy Management\cs-CZ\EMWpfUI.resources.dll
2008-12-20 03:20 - 2008-12-20 03:20 - 000063304 _____ () C:\Program Files\Lenovo\Energy Management\kbdhook.dll
2013-11-20 04:13 - 2012-06-07 09:51 - 000094208 _____ () C:\Windows\System32\IccLibDll.dll
2018-09-17 06:09 - 2018-09-17 06:09 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-11-06 17:14 - 2018-11-06 17:14 - 000090576 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2013-11-20 04:13 - 2012-07-18 06:55 - 001198912 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2019-01-10 14:30 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files\Intel\iCLS Client\;C:\Program Files\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Lenovo\Bluetooth Software\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\OpenCL SDK\2.0\bin\x86
HKU\S-1-5-21-903533670-810270944-866817839-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Corporation)
FirewallRules: [{A36BAA2E-7945-46F8-A9C8-D99AC0F31DDD}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{F1DF2F0A-85AE-44E1-85ED-E1BD1230152D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{BEE17779-A3C8-4F38-AB66-9BE9F666CAB4}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation)
FirewallRules: [{B77AA32A-A584-44A0-B228-E05B095BDD00}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{B4083CE2-857A-458A-81C2-1540EABC0609}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{F3AF6603-F79B-4ED9-8B10-2AAA6F835F4A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{4AE7EC3C-1A70-49B0-BDA3-4FECD6871E94}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{10D7D217-F99B-40DA-8EE2-A4AB84251B34}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{83BC0976-C856-4078-A82A-5D7A128BE334}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{AF421272-B6CB-4376-8621-2E1D1FA25D07}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

==================== Restore Points =========================

09-11-2018 16:39:36 Naplánovaný kontrolní bod
19-11-2018 11:41:22 Windows Update
21-11-2018 13:18:40 paint.net 4.1.2
08-12-2018 10:07:23 Naplánovaný kontrolní bod
13-12-2018 16:45:22 Restore Point Created by FRST
14-12-2018 14:33:31 Restore Point Created by FRST
02-01-2019 13:13:43 Windows Update

==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.20)
Description: Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros
Service: L1C
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/14/2019 10:19:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/10/2019 02:53:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).

Error: (01/10/2019 02:30:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/02/2019 01:33:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/02/2019 01:02:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/25/2018 11:06:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/20/2018 05:26:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/19/2018 08:44:18 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80004005).


System errors:
=============
Error: (01/02/2019 04:29:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/25/2018 11:07:41 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/19/2018 09:40:39 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/14/2018 02:36:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv.dll

Error: (12/14/2018 02:36:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv.dll

Error: (12/14/2018 02:35:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv.dll

Error: (12/14/2018 02:34:05 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/14/2018 02:33:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 45%
Total physical RAM: 3206.85 MB
Available physical RAM: 1741.13 MB
Total Virtual: 6412.07 MB
Available Virtual: 4810.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:274.97 GB) NTFS

\\?\Volume{bed13d43-5189-11e3-8f24-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: please, prev.

#14 Post by Conder »

Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    Task: {9F6D5EFA-02A8-40E6-ADB4-1AD25B38A981} - \AutoKMS -> No File <==== ATTENTION
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will request a PC restart; confirm by clicking OK
  • After the PC restarts, there will be a Fixlog.txt file on the desktop; copy its contents here
Graduate of the school for newbies :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and others).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

ultrakb
Visitor
Posts: 172
Joined: 22 Aug 2009 12:53
Location: near Ostrava

Re: please, prev.

#15 Post by ultrakb »

Fix result of Farbar Recovery Scan Tool (x86) Version: 16-01-2019 01
Ran by Home (18-01-2019 11:17:41) Run:3
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
Task: {9F6D5EFA-02A8-40E6-ADB4-1AD25B38A981} - \AutoKMS -> No File <==== ATTENTION

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 890
Average :
Sum : 7017416855
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========

HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9F6D5EFA-02A8-40E6-ADB4-1AD25B38A981}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F6D5EFA-02A8-40E6-ADB4-1AD25B38A981}" => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4435092 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 11601366 B
Edge => 0 B
Chrome => 999766 B
Firefox => 14602523 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 0 B
NetworkService => 0 B
Home => 2029784 B

RecycleBin => 0 B
EmptyTemp: => 40.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:18:32 ====
