Queryrouter, OZIP, Rambler etc.

[Kiara]

Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 87847
Uplynulý čas: 0 min, 42 sek

To fakt trvalo jen necelou minutu?

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach
(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

A ne, Avast mi nic nehlásí jako škodnou

[Márty84]

Nalezy MBAM nechte odstranit a pak dejte ty logy z FRST a budem mazat.

[Kiara]

Nalezy MBAM nechte odstranit a pak dejte ty logy z FRST a budem mazat.

Launcher mi opravdu stáhnout nejde Avast jsem vypla a stejně ho chrome nepustí.

FRST zde:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by pavel a iva (07-04-2017 08:34:48)
Running from C:\Users\pavel a iva\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-22 16:08:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2254503229-660155158-3332669493-500 - Administrator - Disabled)
Guest (S-1-5-21-2254503229-660155158-3332669493-501 - Limited - Disabled)
pavel a iva (S-1-5-21-2254503229-660155158-3332669493-1000 - Administrator - Enabled) => C:\Users\pavel a iva
UpdatusUser (S-1-5-21-2254503229-660155158-3332669493-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3505 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Pro Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
Battlefield 1942 WWII Anthology HD (HKLM-x32\...\{41AA2A65-DC47-4A15-9EBB-7D2B1FB1A51E}_is1) (Version: 1.61 - Electronic Arts)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
FOTOKNIHY (HKLM-x32\...\FOTOKNIHY_FOTOKNIHY) (Version: - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version: - )
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.0.30.81 - Hewlett-Packard Company)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG USB Modem Drivers (HKLM-x32\...\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}) (Version: 4.9.4 - LG Electronics)
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.4.10300.1.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10600.28.0 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 310.90 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Ovládací panel NVIDIA 310.90 (Version: 310.90 - NVIDIA Corporation) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-2254503229-660155158-3332669493-1000\...\PhotoFiltre 7) (Version: - )
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Prohlížeč Seznam.cz (HKU\S-1-5-21-2254503229-660155158-3332669493-1000\...\Seznam Browser) (Version: - Seznam.cz a.s.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
Seznam Software (HKU\S-1-5-21-2254503229-660155158-3332669493-1000\...\SeznamInstall) (Version: - Seznam.cz)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Zoo Tycoon 2 (HKLM-x32\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04F95B8F-9BBE-4EB5-8591-33D317AC415A} - System32\Tasks\{19F410FE-5FC9-4A67-8243-0C4CA1B1E846} => pcalua.exe -a "C:\Users\pavel a iva\AppData\Local\Temp\nro.tmp\SetupX.exe" -d "C:\Users\pavel a iva\AppData\Local\Temp\nro.tmp\" -c CONFIGPATH="C:\Users\pavel a iva\AppData\Local\Temp\7ZipSfx.000\" SC SOURCEPATH="C:\Users\pavel a iva\AppData\Local\Temp\7ZipSfx.000\" <==== ATTENTION
Task: {0F97CA9A-8724-4334-97F7-6FFA065153BD} - System32\Tasks\{2A1AAD44-C02C-426A-BBBE-E1C98AAF446B} => pcalua.exe -a E:\setup.exe -d E:\
Task: {3272751F-C619-45D0-9644-127558F16920} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-19] (Google Inc.)
Task: {57480930-E865-479B-84E8-7E8520E63AB2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-21] (AVAST Software)
Task: {68EEE106-B6C2-41A7-9107-05CEE0D3B237} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {851EE294-8A3D-4316-8C85-65D3F238BC6E} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Task: {856EF276-D364-4C9A-96D8-0D635D03EE72} - System32\Tasks\{0503986B-2BCD-4ED9-AB74-D1010A2D095F} => pcalua.exe -a E:\Alcohol120_trial_1_9_5_3105.exe -d E:\
Task: {99BE2658-0B0A-445F-B4B3-E70011462BA4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14] (Adobe Systems Incorporated)
Task: {A4B21CC4-D315-4BC5-8437-D05BABE2D376} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {B3D5C5E0-2776-470C-9D44-81646F17A8FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-19] (Google Inc.)
Task: {BCA41DDF-F06A-4BD8-947A-0FCCD7B71583} - System32\Tasks\SafeZone scheduled Autoupdate 1453623331 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)
Task: {C6E17D46-3A44-4793-ABEB-C1302A20367F} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {F397DA56-665D-4532-8B8C-351AF3C58432} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_lddenopjeegfphcihhhlingcmdlbfkdb\Doručené – Seznam Email.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lddenopjeegfphcihhhlingcmdlbfkdb
ShortcutWithArgument: C:\Users\pavel a iva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Doručené – Seznam Email.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lddenopjeegfphcihhhlingcmdlbfkdb
ShortcutWithArgument: C:\Users\pavel a iva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Doručené – Seznam Email.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lddenopjeegfphcihhhlingcmdlbfkdb

==================== Loaded Modules (Whitelisted) ==============

2016-02-23 17:43 - 2012-12-29 10:40 - 00087480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-18 11:06 - 2012-09-18 15:27 - 00192512 ____N () C:\Windows\System32\zlhp1020.dll
2015-08-18 11:06 - 2012-09-18 15:27 - 00065024 ____N () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2009-08-11 02:01 - 2009-08-11 02:01 - 00626208 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2009-08-11 02:00 - 2009-08-11 02:00 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-08-11 02:01 - 2009-08-11 02:01 - 00578592 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2017-04-05 20:31 - 2017-03-24 04:09 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-05 20:31 - 2017-03-24 04:10 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2009-08-11 02:01 - 2009-08-11 02:01 - 00206880 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2015-07-17 19:34 - 2015-07-17 19:34 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-04-06 20:19 - 2017-03-29 10:47 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-06 20:19 - 2017-03-29 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2017-03-21 19:29 - 2017-03-21 19:29 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-04-06 20:17 - 2017-04-06 20:17 - 06021296 _____ () C:\Program Files\AVAST Software\Avast\defs\17040602\algo.dll
2017-03-21 19:29 - 2017-03-21 19:29 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-06-30 21:24 - 2016-06-30 21:24 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-21 19:27 - 2017-03-21 19:28 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:gs5sys [2816]
AlternateDataStreams: C:\Users\All Users:gs5sys [2816]
AlternateDataStreams: C:\Users\pavel a iva:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [2816]
AlternateDataStreams: C:\Users\pavel a iva\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\Local Settings:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\Soubory cookie:gs5sys [2048]
AlternateDataStreams: C:\Users\pavel a iva\Šablony:gs5sys [2048]
AlternateDataStreams: C:\Users\pavel a iva\Desktop\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Users\pavel a iva\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\AppData\Local\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\AppData\Local\History:gs5sys [2048]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2017-04-05 11:24 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2254503229-660155158-3332669493-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pavel a iva\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.20.1 - 10.11.128.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Users^pavel a iva^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\Windows\pss\OpenOffice.org 3.1.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
MSCONFIG\startupreg: GoogleChromeAutoLaunch_85843E0F71DE959CB0CB6413D03AF1E4 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{66E93D67-3EE1-4D4B-A522-BCDDFDD8BF0D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B2BAC492-DAEC-43DF-823E-AD41FF9954A1}] => (Allow) LPort=2869
FirewallRules: [{E66CA287-4A93-4419-BB6B-36AD742DD00A}] => (Allow) LPort=1900
FirewallRules: [{6E51EF2B-275E-469C-9320-AE78EEEA14F7}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{52126C38-E64F-463A-BDF5-2154FC94A95B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4F46822D-11AF-4804-8557-0CB915132625}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{497E9A24-FB26-4071-A4D4-31C98C32E1B3}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{659F80F4-7A84-4C66-8F02-8465CC45289F}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{0E4DC3E0-E97A-4F10-8753-8EADB93CDC6D}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [TCP Query User{A689884B-634D-458F-B975-9D5B756FD69D}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{2C9795EA-09DE-43A9-A43A-8A123A9AF05E}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{E8C046E1-2F0C-47A2-97B2-DFD4976F845A}C:\users\pavel a iva\desktop\bulanci_2.0.exe] => (Block) C:\users\pavel a iva\desktop\bulanci_2.0.exe
FirewallRules: [UDP Query User{64B9226F-CAFA-4CC4-8DC9-CCA67B184083}C:\users\pavel a iva\desktop\bulanci_2.0.exe] => (Block) C:\users\pavel a iva\desktop\bulanci_2.0.exe
FirewallRules: [TCP Query User{6F12B412-5F34-43DA-876F-C773CFD2DE22}C:\users\pavel a iva\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pavel a iva\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{03A10D1B-53DA-4E27-9656-798F9DBA1614}C:\users\pavel a iva\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pavel a iva\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{E133B628-CE25-4FBE-9F22-2C793E8320BF}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{29499F2E-E3F0-4706-BF30-9F79212E53BD}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{575D3444-E4B3-4103-AA48-54099EDED3C6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AD48522B-6AED-44B1-8B24-461976E03E82}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{81D5FAAE-6F78-44CB-A15A-D235D8A847B4}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe
FirewallRules: [UDP Query User{EDC6D32F-CB0B-4089-9352-5CA071053BFB}C:\program files (x86)\ea games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\ea games\battlefield 1942\bf1942.exe
FirewallRules: [{763618BA-D3BE-4CDF-BAFA-FDD745C2DBAB}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [{5F7FD238-C825-4391-8EBA-E16E828F999C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0037D410-5D5E-4510-B984-F098A07B5325}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{08F263B7-660E-428D-87C0-3D4B5A64B4A6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0A18A36C-2900-4A05-BDA6-23194DFE3FE0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A5BDE902-C631-4B3B-8430-6DC4D9B149FD}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
FirewallRules: [{81052B0E-F687-4589-AD77-9BEFFA10D53B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

20-03-2017 22:28:39 Instalace balíčku ovladače zařízení: AVG Technologies Síťová služba
21-03-2017 12:21:25 AA11
21-03-2017 12:22:44 Windows Update
21-03-2017 12:33:13 AA11
26-03-2017 18:34:55 AA11
04-04-2017 20:15:11 zoek.exe restore point
05-04-2017 07:38:18 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/07/2017 08:26:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/06/2017 10:05:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/06/2017 10:05:02 AM) (Source: SignInAssistant) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/06/2017 09:55:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/06/2017 08:37:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/05/2017 07:18:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/05/2017 10:38:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/05/2017 07:15:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/05/2017 07:15:08 AM) (Source: SignInAssistant) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/04/2017 09:11:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (04/07/2017 08:27:22 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.

Error: (04/07/2017 08:25:52 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (04/06/2017 08:16:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby Netman bylo dosaženo časového limitu (30000 ms).

Error: (04/06/2017 10:05:52 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.

Error: (04/06/2017 10:04:45 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (04/06/2017 09:56:21 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.

Error: (04/06/2017 09:55:12 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (04/06/2017 09:55:14 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:53:58, ‎6.‎4.‎2017) bylo neočekávané.

Error: (04/06/2017 08:37:02 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (04/05/2017 09:48:34 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo časového limitu (30000 ms).


CodeIntegrity:
===================================
Date: 2017-03-21 11:21:57.021
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\adaware\adaware antivirus\updater\12.0.649.11190\AdAwareUpdater.exe because the set of per-page image hashes could not be found on the system.

Date: 2016-09-20 16:26:25.995
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswHdsKe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-20 16:26:25.994
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswHdsKe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-08 20:36:32.244
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 20:36:32.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 13:05:10.275
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 13:05:10.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 09:29:21.290
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 09:29:21.150
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 07:29:01.353
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X2 220 Processor
Percentage of memory in use: 48%
Total physical RAM: 4095.37 MB
Available physical RAM: 2089.42 MB
Total Virtual: 8188.92 MB
Available Virtual: 6097.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:456.95 GB) (Free:311.3 GB) NTFS
Drive d: (DATA) (Fixed) (Total:457.46 GB) (Free:421.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E3812943)
Partition 1: (Not Active) - (Size=17 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=457.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

A FRST druhý:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by pavel a iva (administrator) on DÁŠENKA (07-04-2017 08:33:38)
Running from C:\Users\pavel a iva\Downloads
Loaded Profiles: pavel a iva & UpdatusUser (Available Profiles: pavel a iva & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-21] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2254503229-660155158-3332669493-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2254503229-660155158-3332669493-1000\...\MountPoints2: {0eb9f4fd-f2ad-11e5-bf1c-f80f41198679} - G:\iLinker.exe
HKU\S-1-5-21-2254503229-660155158-3332669493-1000\...\MountPoints2: {24abb682-8c21-11e4-bd5b-f80f41198679} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2254503229-660155158-3332669493-1000\...\MountPoints2: {44f3596f-2cbf-11e1-bb30-f80f41198679} - G:\LGAutoRun.exe
HKU\S-1-5-21-2254503229-660155158-3332669493-1000\...\MountPoints2: {5cb0f1f9-881f-11e2-ae08-f80f41198679} - G:\AutoRun.exe
HKU\S-1-5-21-2254503229-660155158-3332669493-1000\...\MountPoints2: {b7ded9ff-d852-11e3-aea6-f80f41198679} - G:\Startme.exe
HKU\S-1-5-21-2254503229-660155158-3332669493-1000\...\MountPoints2: {f25846bf-6d8b-11e3-969a-f80f41198679} - G:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-2254503229-660155158-3332669493-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-21-2254503229-660155158-3332669493-1001\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\S-1-5-21-2254503229-660155158-3332669493-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [456224 2010-07-29] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-21] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-21] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-21] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.20.1 10.11.128.254
Tcpip\..\Interfaces\{6B8CCA00-BF2E-4778-9F9C-931DFAB9BC80}: [DhcpNameServer] 192.168.20.1 10.11.128.254

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2254503229-660155158-3332669493-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2254503229-660155158-3332669493-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-21] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-21] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-22] (Oracle Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2254503229-660155158-3332669493-1000: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll [No File]

Chrome:
=======
CHR Profile: C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default [2017-04-07]
CHR Extension: (Prezentace Google) - C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-05]
CHR Extension: (Dokumenty Google) - C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-05]
CHR Extension: (Disk Google) - C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-05]
CHR Extension: (YouTube) - C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-05]
CHR Extension: (Adobe Acrobat) - C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-05]
CHR Extension: (Avast SafePrice) - C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-04-05]
CHR Extension: (Tabulky Google) - C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-05]
CHR Extension: (Avast Online Security) - C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-05]
CHR Extension: (Gmail) - C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\pavel a iva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-07]
CHR HKU\S-1-5-21-2254503229-660155158-3332669493-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-21] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-21] (AVAST Software)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-11] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-11] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-21] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-21] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-02-25] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-02-25] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [82936 2017-01-31] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-02-25] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-02-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126088 2017-02-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-02-25] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [74680 2017-02-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [991496 2017-02-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [547904 2017-02-25] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-02-25] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337080 2017-02-25] (AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-03-24] ()
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-04-05] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-04-07] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-04-07] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251832 2017-04-07] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [82720 2017-04-07] (Malwarebytes)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-19] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-19] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-19] (LG Electronics Inc.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 DxVGrb; system32\drivers\DxVGrb.sys [X]
S3 HidNt; system32\DRIVERS\HIDNt.sys [X]
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 Mac606; system32\DRIVERS\Mac606.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-07 08:34 - 2017-04-07 08:34 - 00112640 _____ (forum.viry.cz) C:\Users\pavel a iva\Downloads\Nepotvrzeno 514089.crdownload
2017-04-07 08:33 - 2017-04-07 08:34 - 00017521 _____ C:\Users\pavel a iva\Downloads\FRST.txt
2017-04-07 08:32 - 2017-04-07 08:33 - 00000000 ____D C:\FRST
2017-04-07 08:32 - 2017-04-07 08:32 - 02424832 _____ (Farbar) C:\Users\pavel a iva\Downloads\FRST64 (1).exe
2017-04-07 08:31 - 2017-04-07 08:31 - 02424832 _____ (Farbar) C:\Users\pavel a iva\Downloads\FRST64.exe
2017-04-07 08:28 - 2017-04-07 08:28 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-04-05 20:31 - 2017-04-07 08:27 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-04-05 20:31 - 2017-04-07 08:27 - 00082720 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-04-05 20:31 - 2017-04-07 08:27 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-04-05 20:31 - 2017-04-07 08:26 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-05 20:31 - 2017-04-05 20:31 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-04-05 20:31 - 2017-04-05 20:31 - 00001871 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-05 20:31 - 2017-04-05 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-05 20:31 - 2017-04-05 20:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-05 20:31 - 2017-04-05 20:31 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-05 20:31 - 2017-03-24 04:10 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-04-05 20:29 - 2017-04-05 20:30 - 59272008 _____ (Malwarebytes ) C:\Users\pavel a iva\Downloads\mb3-setup-consumer-3.0.6.1469-1096.exe
2017-04-05 20:09 - 2017-04-05 20:13 - 723489708 _____ C:\Users\pavel a iva\Downloads\Historie.cs---Keltové-(2012).avi
2017-04-05 20:03 - 2017-04-05 20:17 - 232414052 _____ C:\Users\pavel a iva\Downloads\Malý princ 2015 cz titulky vlozeny novinka.mkv
2017-04-05 19:57 - 2017-04-05 20:07 - 1070493900 _____ C:\Users\pavel a iva\Downloads\Obr Dobr (2016, CZ titulky) NOVINKA.avi
2017-04-05 12:52 - 2017-04-05 12:52 - 00000000 ___HD C:\$AV_ASW
2017-04-05 12:19 - 2017-04-05 12:19 - 00000000 ____D C:\zoek
2017-04-05 07:37 - 2017-04-05 07:38 - 01663904 _____ (Malwarebytes) C:\Users\pavel a iva\Downloads\JRT.exe
2017-04-05 07:19 - 2017-04-05 07:19 - 00028549 _____ C:\Users\pavel a iva\Downloads\mKonto_nr_2878 _za_2017-03.htm
2017-04-04 21:07 - 2017-04-04 21:07 - 01309184 _____ C:\Users\pavel a iva\Downloads\zoek (1).exe
2017-04-04 20:13 - 2017-04-05 12:32 - 00003439 _____ C:\runcheck.txt
2017-04-04 20:11 - 2017-04-05 12:24 - 00000000 ____D C:\zoek_backup
2017-04-04 20:11 - 2017-04-04 20:11 - 01309184 _____ C:\Users\pavel a iva\Downloads\zoek.exe
2017-04-04 20:03 - 2017-04-04 20:07 - 00000000 ____D C:\AdwCleaner
2017-04-04 20:03 - 2017-04-04 20:03 - 04089296 _____ C:\Users\pavel a iva\Downloads\adwcleaner_6.045.exe
2017-04-03 19:53 - 2017-04-03 19:54 - 00000000 ____D C:\rsit
2017-04-03 19:53 - 2017-04-03 19:54 - 00000000 ____D C:\Program Files\trend micro
2017-04-03 19:53 - 2017-04-03 19:53 - 01222144 _____ C:\Users\pavel a iva\Downloads\RSITx64.exe
2017-04-03 12:19 - 2017-04-03 12:19 - 00384515 _____ C:\Users\pavel a iva\Downloads\LZ revm..JPEG
2017-04-03 12:19 - 2017-04-03 12:19 - 00372983 _____ C:\Users\pavel a iva\Downloads\LZ ORLG 1.JPEG
2017-04-03 12:19 - 2017-04-03 12:19 - 00340296 _____ C:\Users\pavel a iva\Downloads\LZ ORLG 2.JPEG
2017-03-31 11:43 - 2017-03-31 11:43 - 00294143 _____ C:\Users\pavel a iva\Downloads\Smlouva 61192.pdf
2017-03-30 20:22 - 2017-03-30 20:32 - 734059868 _____ C:\Users\pavel a iva\Downloads\Pat a Mat ve filmu CZ film (2016) Animovaný , Rodinný , Česko.avi
2017-03-30 20:10 - 2017-03-30 20:10 - 00175367 _____ C:\Users\pavel a iva\Downloads\Faktura s objednatelem.pdf
2017-03-21 19:30 - 2017-03-21 19:29 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-21 12:54 - 2017-03-21 12:54 - 00000000 ____D C:\ProgramData\BitDefender
2017-03-21 12:37 - 2017-03-21 12:37 - 00000000 ____D C:\Users\pavel a iva\AppData\Local\AdAwareDesktop
2017-03-21 12:36 - 2017-03-21 12:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2017-03-21 12:34 - 2017-03-21 12:34 - 00000000 ____D C:\Users\pavel a iva\AppData\Local\AdAwareUpdater
2017-03-21 12:23 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-21 12:23 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-03-21 12:23 - 2015-02-03 05:34 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-03-21 12:23 - 2015-02-03 05:34 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-03-21 12:23 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-03-21 12:23 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-03-21 12:23 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 02644992 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-03-21 12:23 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-03-21 12:23 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-03-21 12:23 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-03-21 12:23 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-03-21 12:23 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-03-21 12:23 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-03-21 12:23 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-03-21 12:23 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-03-21 12:23 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-03-21 12:23 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-03-21 12:23 - 2015-02-03 05:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-03-21 12:23 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-03-21 12:23 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2017-03-21 12:23 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2017-03-21 12:23 - 2015-02-03 05:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-03-21 12:23 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2017-03-21 12:23 - 2015-02-03 05:28 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-03-21 12:23 - 2015-02-03 05:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-03-21 12:23 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-03-21 12:23 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-03-21 12:23 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2017-03-21 12:23 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-03-21 12:23 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-03-21 12:23 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 02135040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-03-21 12:23 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-03-21 12:23 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-03-21 12:23 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-03-21 12:23 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-03-21 12:23 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-03-21 12:23 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-03-21 12:23 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-03-21 12:23 - 2015-02-03 05:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-03-21 12:23 - 2015-02-03 05:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-03-21 12:23 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-03-21 12:23 - 2015-02-03 05:08 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-03-21 12:23 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-03-21 12:23 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-03-21 12:23 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-03-21 12:23 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-03-21 12:23 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-03-21 12:23 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2017-03-21 12:21 - 2017-03-21 12:21 - 02558896 _____ C:\Users\pavel a iva\Downloads\Adaware_Installer.exe
2017-03-21 12:21 - 2017-03-21 12:21 - 00000000 ____D C:\Program Files\Common Files\adaware
2017-03-21 11:13 - 2017-03-21 11:13 - 02273093 _____ C:\Users\pavel a iva\Downloads\Čínská reklama na prášek na pran��.mp4
2017-03-20 22:24 - 2017-03-21 12:32 - 00000000 ____D C:\Program Files (x86)\AVG
2017-03-20 22:23 - 2017-03-20 22:23 - 03449312 _____ (AVG Technologies CZ, s.r.o.) C:\Users\pavel a iva\Downloads\Antivirus_Free_1894.exe
2017-03-09 17:57 - 2017-03-17 21:23 - 00000000 ____D C:\Program Files\Opera
2017-03-09 11:22 - 2017-03-09 11:22 - 00217625 _____ C:\Users\pavel a iva\Downloads\VY_32_INOVACE_2.2.01.4._M.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-07 08:30 - 2011-11-05 02:45 - 00666294 _____ C:\Windows\system32\perfh005.dat
2017-04-07 08:30 - 2011-11-05 02:45 - 00139990 _____ C:\Windows\system32\perfc005.dat
2017-04-07 08:30 - 2009-07-14 07:13 - 01576926 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-07 08:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-04-07 08:25 - 2011-11-09 07:50 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-07 08:25 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-06 20:19 - 2016-06-19 21:50 - 00002159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-06 20:19 - 2016-06-19 21:50 - 00002147 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-06 13:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-04-06 10:13 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-06 10:13 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-06 08:37 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2017-04-04 21:11 - 2009-07-14 07:08 - 00032594 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-03-21 19:27 - 2017-02-25 21:42 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-21 19:27 - 2017-02-25 21:42 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-21 12:32 - 2017-02-25 21:33 - 00000000 ____D C:\Users\pavel a iva\AppData\Local\AvgSetupLog
2017-03-21 12:32 - 2017-02-25 21:33 - 00000000 ____D C:\ProgramData\Avg
2017-03-21 12:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-03-21 12:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2017-03-21 11:58 - 2017-02-25 21:33 - 00000000 ____D C:\Users\pavel a iva\AppData\Local\Avg
2017-03-14 19:11 - 2016-06-19 20:02 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-14 19:11 - 2016-06-19 20:02 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-14 19:11 - 2016-06-19 20:02 - 00004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-14 19:11 - 2016-06-19 20:01 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-14 19:11 - 2011-07-13 12:48 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-10 20:35 - 2016-07-01 07:29 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1453623331
2017-03-09 09:36 - 2011-07-13 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2017-03-09 09:36 - 2011-07-13 12:17 - 00000000 ____D C:\Program Files (x86)\Acer
2017-03-09 09:17 - 2009-07-14 04:34 - 00000573 _____ C:\Windows\win.ini
2017-03-08 12:35 - 2009-07-14 05:20 - 00000000 ___RD C:\Users\Public\Hudba

==================== Files in the root of some directories =======

2014-05-10 17:29 - 2017-02-01 21:02 - 0014336 _____ () C:\Users\pavel a iva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-09 08:09 - 2011-11-09 08:12 - 0014794 _____ () C:\ProgramData\ArcadeDeluxe5.log
2016-03-14 19:17 - 2016-03-14 19:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-06-09 20:55 - 2015-06-09 20:56 - 0000032 _____ () C:\ProgramData\PS.log

Some files in TEMP:
====================
2017-04-04 20:13 - 2017-04-05 12:58 - 0030720 _____ (NirSoft) C:\Users\pavel a iva\AppData\Local\Temp\NirCmd.exe
2017-04-04 20:13 - 2017-04-05 12:58 - 0256512 _____ () C:\Users\pavel a iva\AppData\Local\Temp\PEVZ.EXE
2017-04-04 20:13 - 2017-04-05 12:58 - 0161792 _____ (SteelWerX) C:\Users\pavel a iva\AppData\Local\Temp\swreg.exe
2017-04-04 20:13 - 2017-04-05 12:58 - 0154232 _____ (Noël Danjou) C:\Users\pavel a iva\AppData\Local\Temp\wget.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-06 13:15

==================== End of FRST.txt ============================

[Márty84]

Napiste mi velikost adresare plochy (C:\Users\pavel a iva\Plocha)



Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

Task: {04F95B8F-9BBE-4EB5-8591-33D317AC415A} - System32\Tasks\{19F410FE-5FC9-4A67-8243-0C4CA1B1E846} => pcalua.exe -a "C:\Users\pavel a iva\AppData\Local\Temp\nro.tmp\SetupX.exe" -d "C:\Users\pavel a iva\AppData\Local\Temp\nro.tmp\" -c CONFIGPATH="C:\Users\pavel a iva\AppData\Local\Temp\7ZipSfx.000\" SC SOURCEPATH="C:\Users\pavel a iva\AppData\Local\Temp\7ZipSfx.000\" <==== ATTENTION

AlternateDataStreams: C:\ProgramData:gs5sys [2816]
AlternateDataStreams: C:\Users\All Users:gs5sys [2816]
AlternateDataStreams: C:\Users\pavel a iva:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [2816]
AlternateDataStreams: C:\Users\pavel a iva\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\Local Settings:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\Soubory cookie:gs5sys [2048]
AlternateDataStreams: C:\Users\pavel a iva\Šablony:gs5sys [2048]
AlternateDataStreams: C:\Users\pavel a iva\Desktop\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Users\pavel a iva\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\AppData\Local\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\AppData\Local\History:gs5sys [2048]

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox

FF Plugin HKU\S-1-5-21-2254503229-660155158-3332669493-1000: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll [No File]

S3 avchv; system32\DRIVERS\avchv.sys [X]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_85843E0F71DE959CB0CB6413D03AF1E4
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hotkey Utility
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^pavel a iva^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

[Kiara]

459 bajtů (459 bajtů) je plocha

[Kiara]

A zde vyplivaný fixlog

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by pavel a iva (07-04-2017 20:55:42) Run:1
Running from C:\Users\pavel a iva\Desktop
Loaded Profiles: pavel a iva & UpdatusUser (Available Profiles: pavel a iva & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Task: {04F95B8F-9BBE-4EB5-8591-33D317AC415A} - System32\Tasks\{19F410FE-5FC9-4A67-8243-0C4CA1B1E846} => pcalua.exe -a "C:\Users\pavel a iva\AppData\Local\Temp\nro.tmp\SetupX.exe" -d "C:\Users\pavel a iva\AppData\Local\Temp\nro.tmp\" -c CONFIGPATH="C:\Users\pavel a iva\AppData\Local\Temp\7ZipSfx.000\" SC SOURCEPATH="C:\Users\pavel a iva\AppData\Local\Temp\7ZipSfx.000\" <==== ATTENTION

AlternateDataStreams: C:\ProgramData:gs5sys [2816]
AlternateDataStreams: C:\Users\All Users:gs5sys [2816]
AlternateDataStreams: C:\Users\pavel a iva:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [2816]
AlternateDataStreams: C:\Users\pavel a iva\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\Local Settings:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\Soubory cookie:gs5sys [2048]
AlternateDataStreams: C:\Users\pavel a iva\Šablony:gs5sys [2048]
AlternateDataStreams: C:\Users\pavel a iva\Desktop\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Users\pavel a iva\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\AppData\Local\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\pavel a iva\AppData\Local\History:gs5sys [2048]

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox

FF Plugin HKU\S-1-5-21-2254503229-660155158-3332669493-1000: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll [No File]

S3 avchv; system32\DRIVERS\avchv.sys [X]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_85843E0F71DE959CB0CB6413D03AF1E4
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hotkey Utility
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^pavel a iva^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk

Hosts:
EmptyTemp:
Reboot:
End

*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04F95B8F-9BBE-4EB5-8591-33D317AC415A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04F95B8F-9BBE-4EB5-8591-33D317AC415A} => key removed successfully
C:\Windows\System32\Tasks\{19F410FE-5FC9-4A67-8243-0C4CA1B1E846} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{19F410FE-5FC9-4A67-8243-0C4CA1B1E846} => key removed successfully
C:\ProgramData => ":gs5sys" ADS removed successfully.
"C:\Users\All Users" => ":gs5sys" ADS not found.
C:\Users\pavel a iva => ":gs5sys" ADS removed successfully.
"C:\ProgramData\Application Data" => ":gs5sys" ADS not found.
C:\Users\pavel a iva\Data aplikací => ":gs5sys" ADS removed successfully.
C:\Users\pavel a iva\Local Settings => ":gs5sys" ADS removed successfully.
C:\Users\pavel a iva\Soubory cookie => ":gs5sys" ADS removed successfully.
C:\Users\pavel a iva\Šablony => ":gs5sys" ADS removed successfully.
C:\Users\pavel a iva\Desktop\desktop.ini => ":gs5sys" ADS removed successfully.
"C:\Users\pavel a iva\AppData\Local" => ":gs5sys" ADS not found.
"C:\Users\pavel a iva\AppData\Roaming" => ":gs5sys" ADS not found.
"C:\Users\pavel a iva\AppData\Local\Data aplikací" => ":gs5sys" ADS not found.
C:\Users\pavel a iva\AppData\Local\History => ":gs5sys" ADS removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-2254503229-660155158-3332669493-1000\Software\MozillaPlugins\anvisoft.com/AdblockPlugin => key removed successfully
C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll => not found.
HKLM\System\CurrentControlSet\Services\avchv => key removed successfully
avchv => service removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent => key not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter => key not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx => key not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent => key not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_85843E0F71DE959CB0CB6413D03AF1E4 => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hotkey Utility => key not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent => key not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^pavel a iva^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4826930 B
Java, Flash, Steam htmlcache => 1981924 B
Windows/system/drivers => 614066157 B
Edge => 0 B
Chrome => 494109533 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 148851 B
systemprofile32 => 424 B
LocalService => 66228 B
NetworkService => 33125 B
pavel a iva => 69222566 B
UpdatusUser => 0 B

RecycleBin => 11296 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:56:18 ====

[Márty84]

459 bajtů (459 bajtů) je plocha

To asi ne, na plose mate FRST a jen to samotne ma pres 2 000 000 bajtu. To jste se divala na velikost te ikony plochy. Ja mel na mysli cely adresar


Udelejte novou kontrolu s MBAM

Nastala nejaka zmena?

[Kiara]

No to jsem ale jelito, omlouvám se, plocha má 2,37 MB (2 494 464 bajtů)

Změnilo se to, že už se mi neotvírá Query router a nevyskakují na moji rodinu hambatý holky! Jupíííííí! To je paráááááda, moc děkuji!!! Co jsem dlužna?

[Márty84]

No to jsem ale jelito, omlouvám se, plocha má 2,37 MB (2 494 464 bajtů)

Tak jestli mate fakt tak prazdnou plochu, je to super


Tak jeste uklidime...

Pokud test MBAM nic nenasel, odinstalujte ho.


Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada. Pokud vse pujde jak ma, mame hotovo A dluzna nejste nic

[Kiara]

CCleaner mám už dlouho, používám pravidelně. Jinak jsem vše provedla. A mám ještě otázku: K čemu je dobré spouštět programy jako správce? Jo a nějakou kačku aspoň na kafe při tom vašem ponocování bych ráda poslala!

No to jsem ale jelito, omlouvám se, plocha má 2,37 MB (2 494 464 bajtů)

Tak jestli mate fakt tak prazdnou plochu, je to super


Tak jeste uklidime...

Pokud test MBAM nic nenasel, odinstalujte ho.


Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada. Pokud vse pujde jak ma, mame hotovo A dluzna nejste nic

[Márty84]

A mám ještě otázku: K čemu je dobré spouštět programy jako správce?

Programy pak maji vetsi "pravomoc" a muzou efektivneji pracovat. Coz je fajn, pokud je to bezpecny legitimni program. V pripade haveti je to pak pruser

o a nějakou kačku aspoň na kafe při tom vašem ponocování bych ráda poslala!

No ja neponocuju kvuli fora, ale chystam se jit do prace, takze tady vzdycky predtim nakouknu
Samozrejme podpora fora mozna je, zde https://forum.viry.cz/viewtopic.php?f=7&t=78175 Za pripadny prispevek dekujeme

Je tedy vse v poradku a muzeme tema uzavrit?

[Kiara]

Ano, vše je v pořádku. Ještě se defragmentuje počítač, ale to nebude mít určitě vliv na nový výskyt havěti.
Tisíckrát děkuji za pomoc!

[Márty84]

Nemate vubec zac, rado se stalo!

Mejte se krasne a treba zase nekdy