Nejspíš to s viry vůbec nesouviselo, ale poslední dobou jsem měl u internetu vysoký ping (rychlost dle měření ale ok, jen ten ping.. UPC tvrdí že u modemu je vše v pořádku, takže možná je problém s novým routerem, momentálně se mi ping po resetu všeho -modem i router snížil, ale uvidíme s odstupem jestli to pomohlo).
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by aldik (administrator) on DESKTOP-GNDKI0V (Micro-Star International Co., Ltd MS-7A34) (06-02-2020 07:44:57)
Running from C:\Users\aldik\Downloads
Loaded Profiles: aldik (Available Profiles: aldik)
Platform: Windows 10 Home Version 1809 17763.973 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation ) C:\Windows\vVX6000.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\aldik\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20011.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [VX6000] => C:\WINDOWS\vVX6000.exe [764784 2017-11-25] (Microsoft Corporation -> Microsoft Corporation )
HKU\S-1-5-21-419092594-3582731984-512919202-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-419092594-3582731984-512919202-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3311568 2020-01-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-419092594-3582731984-512919202-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [680520 2017-01-09] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-419092594-3582731984-512919202-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\aldik\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-419092594-3582731984-512919202-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\aldik\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-419092594-3582731984-512919202-1001\...\RunOnce: [Uninstall 19.222.1110.0006\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\aldik\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64"
HKU\S-1-5-21-419092594-3582731984-512919202-1001\...\RunOnce: [Uninstall 19.222.1110.0006] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\aldik\AppData\Local\Microsoft\OneDrive\19.222.1110.0006"
HKU\S-1-5-21-419092594-3582731984-512919202-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [151552 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{401C381F-E0DE-4B85-8BD8-4F3F14FBDA57}] -> C:\Program Files (x86)\Microsoft\Edge Dev\Application\81.0.410.1\Installer\setup.exe [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01B47092-44FA-4AAB-9596-1B8F8C7EEF3F} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d562eec952b3b5 => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [147152 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {50C7646E-E593-4724-BECE-4F6C28C8974F} - System32\Tasks\GoogleUpdateTaskMachineCore1d57daf6a0035ac => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-11] (Google Inc -> Google Inc.)
Task: {5A69FC70-0219-46E9-BAF7-9653996A6900} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-11] (Google Inc -> Google Inc.)
Task: {70A16D5A-23F5-4ACE-985D-EC04AEDB616F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {732A3D18-F477-4CA2-BA5F-89258253FD0F} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [147152 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F43C308-D89C-4996-8F79-699C3DF41E06} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-14] (Piriform Ltd -> Piriform Ltd)
Task: {AB189C60-5915-404C-A32C-D7A70B390743} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [147152 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEAAF368-4A82-4F3F-8B0A-0A0983D27D1C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B5B9663B-4CE3-497A-BCF8-3035EC4BC9F4} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA1d562eec95636ee => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [147152 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD295136-2FB9-4B99-8B38-FE6F9F1D0DAC} - System32\Tasks\GoogleUpdateTaskMachineUA1d57daf6a029810 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-11] (Google Inc -> Google Inc.)
Task: {CDEBA2CA-1AC0-45AD-8743-9D428414483A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D3AAB2C5-6C2B-4239-8B26-9C96047BFA5D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E511B24D-08F1-433A-9B73-AAE858600CE9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-11] (Google Inc -> Google Inc.)
Task: {E64C0262-DC91-4958-8AD6-CF77E296D76B} - System32\Tasks\Microsoft_Hardware_Launch_vVX6000_exe => C:\WINDOWS\vVX6000.exe [764784 2017-11-25] (Microsoft Corporation -> Microsoft Corporation )
Task: {F84B04D9-63B3-4F2A-AD4E-4C6BA553B407} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-01] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{101ad1da-f66e-49b7-9c4d-85865cf8ef4b}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{368d65ae-a51e-4eee-9490-86a7b69b691a}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{39761b61-8e2f-450d-b9fc-5471b73f114f}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{b513d7e1-6d04-43b6-8773-d59c40ea7003}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{d45ea082-dfdd-4e43-bc0d-4f3f7d484d51}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-419092594-3582731984-512919202-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-419092594-3582731984-512919202-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.umax.cz
Edge:
======
DownloadDir: C:\Users\aldik\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-419092594-3582731984-512919202-1001 -> hxxp://www.seznam.cz/
FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default [2020-02-06]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://kfc.cz; hxxps://messages.android.com; hxxps://web.icq.com; hxxps://web.skype.com; hxxps://web.whatsapp.com; hxxps://www.damejidlo.cz; hxxps://www.instagram.com; hxxps://www.kupi.cz; hxxps://www.msstavby.cz; hxxps://www.seznamka.cz; hxxps://www.slevomat.cz
CHR HomePage: Default -> hxxp://www.google.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-11]
CHR Extension: (Dokumenty) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-11]
CHR Extension: (Disk Google) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-25]
CHR Extension: (Seznam doplněk - Email) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-02-02]
CHR Extension: (YouTube) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-11]
CHR Extension: (Set Character Encoding) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpojelgakakmcfmjfilgdlmhefphglae [2019-02-24]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2019-11-22]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2019-12-20]
CHR Extension: (Tabulky) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-16]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-01-14]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-01-29]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2020-02-02]
CHR Extension: (Udělej printscreen celé webové stránky - FireShot) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2019-12-13]
CHR Extension: (Desktop, formerly Drive) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfakdllpdfjjbfommlcnfkedmbigkfdo [2018-05-14]
CHR Extension: (Save to Pocket) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2019-07-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Prohlížeč dokumentů ve formátu PDF/PowerPoint (od společnosti Google)) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2017-11-11]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2020-02-05]
CHR Extension: (Outlook.com) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2017-11-11]
CHR Extension: (Gmail) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-13]
CHR Profile: C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-08-15]
CHR Profile: C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-02-05]
CHR Notifications: Profile 1 -> hxxps://web.whatsapp.com; hxxps://www.amateri.com; hxxps://www.xvideos.com; hxxps://www.youtube.com
CHR Extension: (Prezentace) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-11]
CHR Extension: (Dokumenty) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-11]
CHR Extension: (Disk Google) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-25]
CHR Extension: (YouTube) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23]
CHR Extension: (Tabulky) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-13]
CHR Profile: C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-12-12]
CHR HomePage: Profile 2 -> hxxp://www.google.cz/
CHR Extension: (Prezentace) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-11]
CHR Extension: (Dokumenty) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-11]
CHR Extension: (Disk Google) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-11]
CHR Extension: (YouTube) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-11]
CHR Extension: (Tabulky) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-21]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-11-28]
CHR Extension: (Desktop, formerly Drive) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nfakdllpdfjjbfommlcnfkedmbigkfdo [2018-05-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-19]
CHR Extension: (Gmail) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-12]
CHR Extension: (Chrome Media Router) - C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-19]
CHR Profile: C:\Users\aldik\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-11]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [147152 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [147152 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
S3 MicrosoftEdgeDevElevationService; C:\Program Files (x86)\Microsoft\Edge Dev\Application\81.0.410.1\elevation_service.exe [1140096 2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2017-08-29] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137496 2018-09-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S3 athrusb; C:\WINDOWS\System32\drivers\athrxusb.sys [1075712 2008-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 clwvd8; C:\WINDOWS\system32\DRIVERS\clwvd8.sys [61056 2018-08-23] (CyberLink Corp. -> CyberLink Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-11-21] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-11-21] (Disc Soft Ltd -> Disc Soft Ltd)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [8206848 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [452008 2019-04-07] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [376032 2020-02-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-01] (Microsoft Windows -> Microsoft Corporation)
S3 WsAudio_Device(1); C:\WINDOWS\system32\drivers\VirtualAudio1.sys [31080 2015-08-03] (Wondershare Software Co., Ltd. -> Wondershare)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-06 07:44 - 2020-02-06 07:45 - 000024967 _____ C:\Users\aldik\Downloads\FRST.txt
2020-02-06 07:44 - 2020-02-06 07:45 - 000000000 ____D C:\FRST
2020-02-06 07:42 - 2020-02-06 07:43 - 002279424 _____ (Farbar) C:\Users\aldik\Downloads\FRST64.exe
2020-02-06 07:32 - 2020-02-06 07:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-02-06 07:32 - 2020-02-06 07:32 - 000000000 ____D C:\Program Files\Speccy
2020-02-06 07:31 - 2020-02-06 07:31 - 006889184 _____ (Piriform Ltd) C:\Users\aldik\Downloads\spsetup132.exe
2020-02-06 07:09 - 2020-02-06 07:09 - 000000000 ___HD C:\OneDriveTemp
2020-02-05 11:53 - 2020-02-05 11:54 - 710312617 _____ C:\Users\aldik\Downloads\Slunečná 8.mkv
2020-02-05 11:19 - 2020-02-05 11:21 - 972706938 _____ C:\Users\aldik\Downloads\Slunečná-9.díl-Pomsta je sladká.mkv
2020-02-05 11:19 - 2020-02-05 11:19 - 556724918 _____ C:\Users\aldik\Downloads\Slunečná 10. epizoda (04.02.20).mp4
2020-01-28 11:55 - 2020-01-28 11:55 - 000354989 _____ C:\Users\aldik\Downloads\slevomat-cz-voucher-pobyt-v-beskydech-s-wellness-a-polopenzi-4951428390E-670.pdf
2020-01-28 10:25 - 2020-01-28 10:25 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-01-26 18:55 - 2020-01-26 18:55 - 000259626 _____ C:\Users\aldik\Downloads\slevomat-cz-voucher-1-5-kg-grilovaneho-veproveho-kolena-pro-partu-7791109730A-424.pdf
2020-01-26 18:46 - 2020-01-26 18:46 - 000600296 _____ C:\Users\aldik\Downloads\slevomat-cz-voucher-vymazlene-trdelniky-s-prichuti-naplni-i-s-kavou-3854959800J-117.pdf
2020-01-26 18:45 - 2020-01-26 18:45 - 000601055 _____ C:\Users\aldik\Downloads\slevomat-cz-voucher-vymazlene-trdelniky-s-prichuti-naplni-i-s-kavou-3017758390E-213.pdf
2020-01-15 15:42 - 2020-01-15 15:42 - 009668408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 15:42 - 2020-01-15 15:42 - 008905728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 007922688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 006543736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-01-15 15:42 - 2020-01-15 15:42 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 15:42 - 2020-01-15 15:42 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 15:42 - 2020-01-15 15:42 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 002419712 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 15:42 - 2020-01-15 15:42 - 002323896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 002149160 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 001936520 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 001677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 001670800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 001665712 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 001258296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 15:42 - 2020-01-15 15:42 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 001084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 15:42 - 2020-01-15 15:42 - 001049400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 15:42 - 2020-01-15 15:42 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 15:42 - 2020-01-15 15:42 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000677144 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-01-15 15:42 - 2020-01-15 15:42 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000541264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000410616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 15:42 - 2020-01-15 15:42 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000350416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000154976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 15:42 - 2020-01-15 15:42 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000122568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 15:42 - 2020-01-15 15:42 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 15:42 - 2020-01-15 15:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-01-15 15:42 - 2020-01-15 15:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-01-15 15:42 - 2020-01-15 15:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-01-15 15:42 - 2020-01-15 15:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-01-15 15:42 - 2020-01-15 15:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-01-15 15:42 - 2020-01-15 15:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-01-15 15:42 - 2020-01-15 15:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-01-15 15:42 - 2020-01-15 15:42 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-06 07:23 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-02-06 07:22 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-06 07:13 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-06 07:13 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-06 07:09 - 2019-05-21 09:04 - 000002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge Dev.lnk
2020-02-06 07:09 - 2019-05-21 09:04 - 000002301 _____ C:\Users\Public\Desktop\Microsoft Edge Dev.lnk
2020-02-06 07:09 - 2019-05-15 11:39 - 000002361 _____ C:\Users\aldik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-06 07:09 - 2017-11-11 12:51 - 000000000 ___RD C:\Users\aldik\OneDrive
2020-02-06 07:08 - 2019-12-28 08:18 - 000000000 ____D C:\Program Files (x86)\Steam
2020-02-05 12:31 - 2017-11-11 12:56 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-05 12:29 - 2017-11-11 13:26 - 000000000 ____D C:\Users\aldik\AppData\Roaming\eM Client
2020-02-05 12:14 - 2019-05-15 11:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-05 07:20 - 2019-10-08 09:07 - 000003504 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d57daf6a029810
2020-02-05 07:20 - 2019-10-08 09:07 - 000003380 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d57daf6a0035ac
2020-02-04 14:37 - 2019-09-04 08:02 - 000003614 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA1d562eec95636ee
2020-02-04 14:37 - 2019-09-04 08:02 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d562eec952b3b5
2020-02-03 12:33 - 2017-11-11 13:18 - 000000000 ____D C:\Users\aldik\AppData\Roaming\vlc
2020-02-01 19:20 - 2018-02-16 07:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-01-29 13:30 - 2018-06-29 13:53 - 000000000 ____D C:\Users\aldik\Desktop\aukro
2020-01-23 11:31 - 2017-11-11 12:55 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-23 11:31 - 2017-11-11 12:55 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-16 08:46 - 2019-05-15 11:45 - 001606106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-16 08:46 - 2018-09-15 18:32 - 000682526 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-16 08:46 - 2018-09-15 18:32 - 000137244 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-16 08:46 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2020-01-16 08:45 - 2019-06-19 04:02 - 000000000 ____D C:\Program Files\UNP
2020-01-16 08:42 - 2019-05-15 11:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-16 08:42 - 2019-05-15 11:37 - 000258088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 08:42 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 08:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 08:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 08:42 - 2018-09-15 07:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-15 15:46 - 2017-11-12 10:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 15:44 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 15:44 - 2017-11-12 10:42 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2019-05-21 09:03 - 2019-05-21 09:03 - 006963200 _____ () C:\Program Files (x86)\GUT70BB.tmp
2018-03-30 10:44 - 2018-03-30 10:44 - 000000038 _____ () C:\Users\aldik\AppData\Local\cloudready_installer_uuid
2018-01-15 10:49 - 2018-01-15 10:49 - 000007605 _____ () C:\Users\aldik\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by aldik (06-02-2020 07:45:47)
Running from C:\Users\aldik\Downloads
Windows 10 Home Version 1809 17763.973 (X64) (2019-05-15 10:44:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-419092594-3582731984-512919202-500 - Administrator - Disabled)
aldik (S-1-5-21-419092594-3582731984-512919202-1001 - Administrator - Enabled) => C:\Users\aldik
DefaultAccount (S-1-5-21-419092594-3582731984-512919202-503 - Limited - Disabled)
Guest (S-1-5-21-419092594-3582731984-512919202-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-419092594-3582731984-512919202-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2042, 30.10.2017 - AIMP DevTeam)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CrystalDiskInfo 7.5.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.1 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
eM Client (HKLM-x32\...\{5DAF1ADB-AD1D-457E-8803-6FA42EF5701D}) (Version: 7.2.34959.0 - eM Client Inc.)
FileZilla Client 3.29.0 (HKLM-x32\...\FileZilla Client) (Version: 3.29.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Microsoft Edge Dev (HKLM-x32\...\Microsoft Edge Dev) (Version: 81.0.410.1 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.119.43 - )
Microsoft OneDrive (HKU\S-1-5-21-419092594-3582731984-512919202-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Zoo Tycoon (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - )
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
PhotoFiltre (HKU\S-1-5-21-419092594-3582731984-512919202-1001\...\PhotoFiltre) (Version: - )
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
Skype verze 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.10 - ZONER software)
Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.156.300.0_x86__kgqvnymyfvs32 [2020-01-29] (king.com)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-09-13] (Facebook Inc)
Mapy.cz -> C:\Program Files\WindowsApps\949FFEAB.Mapy.cz_6.12.23.0_x64__refxrrjvvv3cw [2019-10-01] (Seznam.cz a.s.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.5.2.1_x86__h6adky7gbf63m [2020-01-15] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-01-31] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.35.20273.0_x64__8wekyb3d8bbwe [2020-02-04] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.2001.0_x64__8wekyb3d8bbwe [2020-01-29] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-419092594-3582731984-512919202-1001\...\ChromeHTML: -> <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-419092594-3582731984-512919202-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-11-11] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-11-11] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers1_S-1-5-21-419092594-3582731984-512919202-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\aldik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\aldik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Alan - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\aldik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\aldik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Ewa-farna.cz - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\aldik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\(Ero) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2017-11-11 13:37 - 2015-08-18 15:42 - 004420608 _____ (Terra Informatica Software, Inc.) [File not signed] C:\Program Files\Zoner\Photo Studio 18\Program32\sciter32.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\aldik\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [130]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-419092594-3582731984-512919202-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8103DD18-46EB-4377-8C19-8DE46E560155}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{8D0291E2-5FA7-4637-B57D-334E3ADBCF69}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{9391C03C-4C70-4907-81E9-475D345F2793}C:\users\aldik\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\aldik\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{88F73E10-FFC2-4327-98E8-042AEFBE58DD}C:\users\aldik\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\aldik\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{214E4EE7-8DB6-4F53-9D93-27604B652A22}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe No File
FirewallRules: [UDP Query User{2C19FDC5-D907-45A7-9A34-295CCCCD1378}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe No File
FirewallRules: [{ECE74D79-3BA5-4B1C-BE74-B57DC35A30CB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{413D2F55-95C0-48E0-9B43-3053D53FF162}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CF231002-AFC2-4831-9B5D-FA9693212A52}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{25D96F2D-5822-448B-83D7-0E22E1BDA7D9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{282A5A86-AB51-4F2C-BF8C-46595CD8C241}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{83044408-E553-43A1-A8A9-AF50772B4CC7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{2E0DEAF5-806B-46E7-842F-04EF9479B413}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TPH\TPH.exe () [File not signed]
FirewallRules: [{3DB6FAC5-52D4-4FAA-B07B-1602F4D068BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TPH\TPH.exe () [File not signed]
FirewallRules: [{F4E6BB62-AE1C-480C-BB35-C23267A08B61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe () [File not signed]
FirewallRules: [{8B5E53A5-59CB-4438-90EE-46F500C2F909}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe () [File not signed]
FirewallRules: [{2785AA2D-DBCD-45EB-BA09-B1564900B083}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1B7324C7-8F7A-4B95-9853-65A4FE5AE43A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F9BB530A-F722-4CA0-BE7A-19B038D4BA08}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0921DB66-8683-4BD4-A043-603E4ECAF02C}] => (Allow) C:\Program Files (x86)\Microsoft\Edge Dev\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
15-01-2020 15:38:42 Windows Update
23-01-2020 20:56:47 Naplánovaný kontrolní bod
02-02-2020 12:45:06 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/03/2020 12:41:56 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (12/28/2019 08:19:00 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
Error: (12/20/2019 06:22:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.17763.1, časové razítko: 0x6fe3727f
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17763.292, časové razítko: 0x270a22eb
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000000bd588
ID chybujícího procesu: 0x4f0
Čas spuštění chybující aplikace: 0x01d5b75a1cfbf359
Cesta k chybující aplikaci: C:\Windows\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: bf492cd2-3ffe-4ba5-865c-b09148bd80c1
Úplný název chybujícího balíčku: 520DA1B7.36601D28B7F13_3.0.14.0_x64__zeqck6vyrt7bt
ID aplikace související s chybujícím balíčkem: App
Error: (12/12/2019 03:24:14 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (12/09/2019 06:29:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.17763.1, časové razítko: 0x6fe3727f
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17763.292, časové razítko: 0x270a22eb
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000000bd588
ID chybujícího procesu: 0x190
Čas spuštění chybující aplikace: 0x01d5aeb63f03c86e
Cesta k chybující aplikaci: C:\Windows\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: f5c8e294-0ca1-4259-9604-6146259f7a5e
Úplný název chybujícího balíčku: 520DA1B7.36601D28B7F13_3.0.14.0_x64__zeqck6vyrt7bt
ID aplikace související s chybujícím balíčkem: App
Error: (12/09/2019 06:14:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.17763.1, časové razítko: 0x6fe3727f
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17763.292, časové razítko: 0x270a22eb
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000000bd588
ID chybujícího procesu: 0x236c
Čas spuštění chybující aplikace: 0x01d5aeb4279210c6
Cesta k chybující aplikaci: C:\Windows\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: e3114ce4-f79d-492e-9e17-8ade45e038be
Úplný název chybujícího balíčku: 520DA1B7.36601D28B7F13_3.0.14.0_x64__zeqck6vyrt7bt
ID aplikace související s chybujícím balíčkem: App
Error: (12/09/2019 05:59:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.17763.1, časové razítko: 0x6fe3727f
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17763.292, časové razítko: 0x270a22eb
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000000bd588
ID chybujícího procesu: 0x3dcc
Čas spuštění chybující aplikace: 0x01d5aeb20fffea9d
Cesta k chybující aplikaci: C:\Windows\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: aee9496a-a8eb-4152-a1b7-bdec63f2be89
Úplný název chybujícího balíčku: 520DA1B7.36601D28B7F13_3.0.14.0_x64__zeqck6vyrt7bt
ID aplikace související s chybujícím balíčkem: App
Error: (12/09/2019 05:44:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.17763.1, časové razítko: 0x6fe3727f
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.17763.292, časové razítko: 0x270a22eb
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000000bd588
ID chybujícího procesu: 0xd08
Čas spuštění chybující aplikace: 0x01d5aeaff78c739e
Cesta k chybující aplikaci: C:\Windows\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\twinapi.appcore.dll
ID zprávy: 02b5e01e-47b1-4da3-a067-d0ce84699f3e
Úplný název chybujícího balíčku: 520DA1B7.36601D28B7F13_3.0.14.0_x64__zeqck6vyrt7bt
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (02/06/2020 07:32:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
Přístup ke klíči nelze získat.
Error: (02/06/2020 07:32:27 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630203.
Error: (02/06/2020 07:08:45 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GNDKI0V)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-GNDKI0V\aldik (SID: S-1-5-21-419092594-3582731984-512919202-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/06/2020 07:08:34 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GNDKI0V)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-GNDKI0V\aldik (SID: S-1-5-21-419092594-3582731984-512919202-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/05/2020 12:24:58 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.
Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll
Kód chyby: 126
Error: (02/05/2020 07:37:04 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GNDKI0V)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-GNDKI0V\aldik (SID: S-1-5-21-419092594-3582731984-512919202-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/05/2020 07:25:50 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GNDKI0V)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-GNDKI0V\aldik (SID: S-1-5-21-419092594-3582731984-512919202-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/04/2020 06:41:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GNDKI0V)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-GNDKI0V\aldik (SID: S-1-5-21-419092594-3582731984-512919202-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2020-01-23 20:15:43.729
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8FDF8C36-3983-4B79-9E00-D60AB3D1C491}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-23 19:19:38.192
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {95A8F065-C296-45C1-A6B7-E7F2EBB5DF37}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-13 12:42:19.506
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {84E0A7FE-1C6A-4B0E-A649-3BBFB5C1299B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-13 12:30:57.797
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B9291CDC-1435-4F91-8C1B-61FE5E76B869}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-05 19:21:28.910
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E87A2902-CF78-4846-A69E-D753654A9DB1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-02-06 07:17:57.224
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.309.304.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
Date: 2020-02-06 07:17:57.224
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.309.304.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
Date: 2020-02-06 07:17:57.224
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.309.304.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
Date: 2020-02-06 07:17:57.217
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.309.304.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
Date: 2020-02-06 07:17:57.217
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.309.304.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.70 07/27/2017
Motherboard: Micro-Star International Co., Ltd B350 TOMAHAWK (MS-7A34)
Processor: AMD Ryzen 3 1200 Quad-Core Processor
Percentage of memory in use: 50%
Total physical RAM: 8144.75 MB
Available physical RAM: 4061.5 MB
Total Virtual: 9424.75 MB
Available Virtual: 3107.04 MB
==================== Drives ================================
Drive b: (Data) (Fixed) (Total:146.48 GB) (Free:116.37 GB) NTFS
Drive c: () (Fixed) (Total:300.04 GB) (Free:203.75 GB) NTFS
\\?\Volume{a7226841-3b5f-4a92-92a1-d2b37d7b1c2b}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
\\?\Volume{86ae899a-adf2-40fe-a397-cc2f78b1b448}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: AC834469)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu
log je v podstate OK
skus vycistit prehliadace podla https://forum.viry.cz/viewtopic.php?f=1 ... e#p1528952
oba kroky
skus vycistit prehliadace podla https://forum.viry.cz/viewtopic.php?f=1 ... e#p1528952
oba kroky
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu
Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by aldik on 06.02.2020 at 13:18:29,90.
Microsoft Windows 10 Home 10.0.17763 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\aldik\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
06.02.2020 13:20:00 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\Aimersoft deleted successfully
C:\PROGRA~2\Digiarty deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\aldik\AppData\Roaming\Apple Computer deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking deleted successfully
C:\Users\aldik\AppData\Local\CrashDumps deleted successfully
C:\Users\aldik\AppData\Local\CyberLink deleted successfully
C:\Users\aldik\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Aimersoft not found
C:\PROGRA~2\Digiarty not found
C:\Users\aldik\AppData\Local\Aimersoft deleted
C:\PROGRA~2\GUT70BB.tmp deleted
C:\PROGRA~2\EU70BA.tmp deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2AC8E.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2F6C0.tmp deleted
C:\windows\SysNative\tasks\Microsoft_Hardware_Launch_vVX6000_exe deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
"C:\Users\aldik\AppData\Local\cloudready_installer_uuid" deleted
==== Chromium Look ======================
Google Chrome Version: 79.0.3945.130
Seznam doplněk - Email - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Plná Peněženka Lištička - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek
4.41.0 - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd
Save to Pocket - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
Checker Plus for Gmail™ - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj
Outlook.com - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge
Chrome Media Router - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Chrome Media Router - aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
4.38.0 - aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdokiejnpimakedhajhdlcegeplioahd
Chrome Media Router - aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Chrome Media Router - aldik\AppData\Local\Microsoft\Edge Dev\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://oem17win10.msn.com/?pc=NMTE"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://oem17win10.msn.com/?pc=NMTE"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
==== Reset Google Chrome ======================
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Guest Profile\Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Guest Profile\Secure Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Secure Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\aldik\AppData\Local\Microsoft\Edge Dev\User Data\Default\Preferences was reset successfully
C:\Users\aldik\AppData\Local\Microsoft\Edge Dev\User Data\Default\Secure Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data-journal was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data-journal was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\System Profile\Web Data-journal was reset successfully
C:\Users\aldik\AppData\Local\Microsoft\Edge Dev\User Data\Default\Web Data was reset successfully
C:\Users\aldik\AppData\Local\Microsoft\Edge Dev\User Data\Default\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\aldik\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\aldik\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Edge Cache ======================
Edge Cache Emptied Successfully
==== Empty Chrome Cache ======================
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Guest Profile\Cache emptied successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully
C:\Users\aldik\AppData\Local\Microsoft\Edge Dev\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=16 folders=26 15305751 bytes)
==== Empty Temp Folders ======================
C:\Users\aldik\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\aldik\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 06.02.2020 at 13:38:03,33 ======================
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by aldik (Administrator) on 06.02.2020 at 13:46:24,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 2
Successfully deleted: C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.02.2020 at 13:48:04,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tool run by aldik on 06.02.2020 at 13:18:29,90.
Microsoft Windows 10 Home 10.0.17763 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\aldik\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
06.02.2020 13:20:00 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\Aimersoft deleted successfully
C:\PROGRA~2\Digiarty deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\aldik\AppData\Roaming\Apple Computer deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking deleted successfully
C:\Users\aldik\AppData\Local\CrashDumps deleted successfully
C:\Users\aldik\AppData\Local\CyberLink deleted successfully
C:\Users\aldik\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Aimersoft not found
C:\PROGRA~2\Digiarty not found
C:\Users\aldik\AppData\Local\Aimersoft deleted
C:\PROGRA~2\GUT70BB.tmp deleted
C:\PROGRA~2\EU70BA.tmp deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2AC8E.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2F6C0.tmp deleted
C:\windows\SysNative\tasks\Microsoft_Hardware_Launch_vVX6000_exe deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
"C:\Users\aldik\AppData\Local\cloudready_installer_uuid" deleted
==== Chromium Look ======================
Google Chrome Version: 79.0.3945.130
Seznam doplněk - Email - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Plná Peněženka Lištička - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek
4.41.0 - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd
Save to Pocket - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj
Checker Plus for Gmail™ - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj
Outlook.com - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge
Chrome Media Router - aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Chrome Media Router - aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
4.38.0 - aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdokiejnpimakedhajhdlcegeplioahd
Chrome Media Router - aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Chrome Media Router - aldik\AppData\Local\Microsoft\Edge Dev\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://oem17win10.msn.com/?pc=NMTE"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://oem17win10.msn.com/?pc=NMTE"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
==== Reset Google Chrome ======================
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Guest Profile\Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Guest Profile\Secure Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Secure Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\aldik\AppData\Local\Microsoft\Edge Dev\User Data\Default\Preferences was reset successfully
C:\Users\aldik\AppData\Local\Microsoft\Edge Dev\User Data\Default\Secure Preferences was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data-journal was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data-journal was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\System Profile\Web Data-journal was reset successfully
C:\Users\aldik\AppData\Local\Microsoft\Edge Dev\User Data\Default\Web Data was reset successfully
C:\Users\aldik\AppData\Local\Microsoft\Edge Dev\User Data\Default\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\aldik\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\aldik\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Edge Cache ======================
Edge Cache Emptied Successfully
==== Empty Chrome Cache ======================
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Guest Profile\Cache emptied successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully
C:\Users\aldik\AppData\Local\Microsoft\Edge Dev\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=16 folders=26 15305751 bytes)
==== Empty Temp Folders ======================
C:\Users\aldik\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\aldik\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 06.02.2020 at 13:38:03,33 ======================
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by aldik (Administrator) on 06.02.2020 at 13:46:24,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 2
Successfully deleted: C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\aldik\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.02.2020 at 13:48:04,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Prosím o kontrolu
Zaskocim za kolegu 
Ako to momentalne vyzera s PC?
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Ako to momentalne vyzera s PC? Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
- Nechaj zaskrtnute vsetky nalezy
- Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Přispějete na provoz fóra?