Kontrola - zpomalený notebook

[JuMi]

Dobrý den,
prosím o kontrolu, velmi zpomalený notebook, dříve nedělalo.
Vkládám logy.
Děkuji.

FRST.rar

(13.67 KiB) Staženo 77 x

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.09.2018
Ran by Juřica Michal (23-09-2018 21:03:51)
Running from C:\Users\Juřica Michal\Desktop
Windows 10 Pro Version 1803 17134.286 (X64) (2018-07-16 10:49:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2602649610-1559384438-1550357517-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2602649610-1559384438-1550357517-503 - Limited - Disabled)
Guest (S-1-5-21-2602649610-1559384438-1550357517-501 - Limited - Disabled)
Juřica Michal (S-1-5-21-2602649610-1559384438-1550357517-1001 - Administrator - Enabled) => C:\Users\Juřica Michal
WDAGUtilityAccount (S-1-5-21-2602649610-1559384438-1550357517-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}) (Version: 9.0.16.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{8431b7d7-59d1-4f45-8212-a2eac049528f}) (Version: 19.60.0 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
AutoCAD LT 2008 - Český (HKLM-x32\...\{5783F2D7-6009-0405-0002-0060B0CE6BBA}) (Version: 17.1.51.0 - Autodesk) Hidden
AutoCAD LT 2008 - Český (HKLM-x32\...\AutoCAD LT 2008 - Český) (Version: 17.1.51.0 - Autodesk)
Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.210.0 - Autodesk)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.1.5273 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.0.792.81 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MF Scan Utility (HKLM-x32\...\Canon_MF_Scan_Utility) (Version: 1.4.0.0 - CANON INC.)
Canon MF633C/635C (HKLM\...\{7B95F8E4-3E24-4FAF-9CB0-5063F9E1202A}) (Version: 5.4.0.0 - CANON INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\{4CB4741A-20C1-454E-8276-993D06A76D67}) (Version: 2.2.3.2 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{4164FBBB-3428-4EFE-863F-30CAC3ADE51A}) (Version: 3.1.2.3837 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{80642b68-d76d-4777-a9dc-4ca30647e8a8}) (Version: 3.1.2.3837 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{B16CC15E-08D8-4FA8-AE36-4DC5C197ED92}) (Version: 3.3.0.4941 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{74d58082-09be-4059-afb8-50334cde261d}) (Version: 3.3.0.4941 - Dell Inc.)
Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
DWG TrueView 2015 - English (HKLM\...\{5783F2D7-E028-0409-0100-0060B0CE6BBA}) (Version: 20.0.210.0 - Autodesk) Hidden
DYNALOG (HKLM-x32\...\DYNALOG) (Version: 3.5.43 DYA - Julius Blum Ges.m.b.H)
EasyMP Network Projection Ver.2.86 (HKLM-x32\...\{4A515955-A3D4-4FE6-98C0-E7987FF3279A}) (Version: 2.8.6.0 - SEIKO EPSON CORPORATION)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
FormApps Signing Extension (HKLM-x32\...\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}) (Version: 2.8.2.28 - Software602 a.s.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Huawei Drivers (HKLM-x32\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 5.01.05.00 - )
iCloud (HKLM\...\{82FCC407-A0E5-4B80-9241-5ABA78B61090}) (Version: 7.6.0.15 - Apple Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Internet Manager (HKLM-x32\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
iTunes (HKLM\...\{9F1EE6A3-7BDE-48CC-BC81-1EA3D21D94E3}) (Version: 12.9.0.167 - Apple Inc.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8006.3 - Waves Audio Ltd.) Hidden
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM-x32\...\{00000405-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office 365 Business - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2602649610-1559384438-1550357517-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mozilla Firefox 62.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.2 (x64 cs)) (Version: 62.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.2.6837 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 cs)) (Version: 52.9.1 - Mozilla)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Název společnosti:)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Optimik (HKLM-x32\...\Optimik_is1) (Version: - Rastislav Korytár - RK Software)
Origin (HKLM-x32\...\Origin) (Version: 10.4.16.25850 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.318.1 - Tracker Software Products Ltd)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
PX Profile Update (HKLM-x32\...\{0D5E5C9A-84C2-D3E9-30EE-1836BA479E0E}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{6551EEEC-4938-70FF-77EB-E83D1E3E88C8}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{8DC1990E-2E49-BEA6-D083-C26A2BB218F9}) (Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.17.009 - Dell Inc.)
reaConverter 7 Standard (HKLM-x32\...\{659727C6-7267-4076-803B-351A467F6CAF}_is1) (Version: 7.2.85.0 - reaConverter LLC)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7737 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Sentinel Protection Installer 7.6.3 (HKLM-x32\...\{954D9E32-BE47-43F4-9BFF-6DB46F17EAF2}) (Version: 7.6.3 - SafeNet, Inc.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
SmartByte Drivers and Services (HKLM\...\{EC62F71A-6CFA-4918-9EBC-99BFF86DB3C9}) (Version: 1.2.600 - Název společnosti:)
Software602 Form Filler (HKLM-x32\...\{04703FE3-1A8B-4467-88E6-3D6A1A0FA65A}) (Version: 4.70 - Software602 a.s.)
Software602 Print2PDF (HKLM-x32\...\{32C74893-0243-4235-A6F3-201F0E5D2C03}) (Version: 9.1.11.0421 - Software602 a.s.)
Spotify (HKU\S-1-5-21-2602649610-1559384438-1550357517-1001\...\Spotify) (Version: 1.0.88.353.g15c26ea1 - Spotify AB)
T-Cloud Záloha (HKLM-x32\...\{01578B0D-17D0-4C40-965E-60DF1DAAED39}) (Version: 3.9.3 - Xopero Software) Hidden
T-Cloud Záloha (HKLM-x32\...\T-Cloud Záloha 3.9.3) (Version: 3.9.3 - Xopero Software)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
T-Mobile Internet Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2017-12-05@2017-04-13 - Gemfor s.r.o.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Trachea OS (HKLM-x32\...\{FF1A1986-738B-ED6F-81A9-4A5786029382}) (Version: 3.3.108 - SOFTconsult spol. s r.o.) Hidden
Trachea OS (HKLM-x32\...\TracheaOS) (Version: 3.3.108 - SOFTconsult spol. s r.o.)
TTLEditor 1.5 (HKLM-x32\...\{A1BFEB7F-3126-4F60-9CFD-8D4FC1B87BEB}_is1) (Version: 1.5 - Boris Maisuradze)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8CFAB044-7D2E-4655-B86D-99932E988980}) (Version: 2.45.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-2) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wood Flash 2.9 (HKLM-x32\...\Wood Flash) (Version: 2.9 - T.P.A. S.p.A.)
Zoner Photo Studio 14 (HKLM\...\ZonerPhotoStudio14_CZ_is1) (Version: 14.0.1.7 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2602649610-1559384438-1550357517-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2602649610-1559384438-1550357517-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-22] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-22] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-22] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2014-09-10] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2014-09-10] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-09-10] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-22] (AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-20] (Cyberlink)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-06-26] (Apple Inc.)
ContextMenuHandlers1: [Print602] -> {D5F8CFC7-1A45-4517-A565-E42CDE7880CF} => C:\Program Files (x86)\Software602\Print2PDF\CtxMenu64.dll [2011-04-15] (Software602)
ContextMenuHandlers1: [ReaConverter7_std] -> {0C83C06D-41F5-4666-B1C2-0923EA75EB10} => C:\Program Files (x86)\reaConverter 7 Standard\new_context64.dll [2017-01-13] ()
ContextMenuHandlers1: [ShellMenu] -> {cccccccc-aaaa-aaaa-aaaa-aaaaaaaaaaaa} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-20] (Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-22] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [ReaConverter7_std] -> {0C83C06D-41F5-4666-B1C2-0923EA75EB10} => C:\Program Files (x86)\reaConverter 7 Standard\new_context64.dll [2017-01-13] ()
ContextMenuHandlers4: [ShellMenu] -> {cccccccc-aaaa-aaaa-aaaa-aaaaaaaaaaaa} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-10-26] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-22] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [ReaConverter7_std] -> {0C83C06D-41F5-4666-B1C2-0923EA75EB10} => C:\Program Files (x86)\reaConverter 7 Standard\new_context64.dll [2017-01-13] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1192CEFE-EFFE-4648-B1B2-964CE9496E8A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [2015-08-19] (CyberLink)
Task: {157FBE17-49E0-4AB4-A68E-32134060653F} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-09-17] (Microsoft Corporation)
Task: {1EAA193E-D3B6-4C36-BD43-5FC1D00E89C7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd)
Task: {2A828C55-783F-4F15-A515-A8E6DAAED16D} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-09-21] (Tracker Software Products (Canada) Ltd.)
Task: {2AC7A525-ED00-42F6-9D97-08C6534C0292} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2018-08-09] (AVAST Software)
Task: {2BA0D6FC-735C-46C1-A53F-9ECA8F87E120} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {31A62CFF-C6E0-4E60-A1BC-CB44E3178B95} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [2018-03-20] (DELL)
Task: {337D3E16-6AE5-41B0-8483-8ABADB2BB8F9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-17] (Microsoft Corporation)
Task: {3C80E7E4-4AA6-4344-8525-50C1479460CA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-09-18] (AVAST Software)
Task: {470ECF03-4013-424E-B328-3B11837D5A87} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-02-05] (Realtek Semiconductor)
Task: {4D7EDB43-D5C8-43EB-92DF-F8C5A30CD8B5} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-10-11] (Intel(R) Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6B4CA31D-4006-4066-A72B-72FE9A5F7F99} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-09-21] ()
Task: {6B6F1FE8-D379-41FA-82A5-07BC7AE88802} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-22] (AVAST Software)
Task: {7583D453-8FEB-43D3-A034-705C24A571B8} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-07-08] (Dell Inc.)
Task: {7DD1137E-82C0-459D-B5D3-EC216D8CA4A1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd)
Task: {9424CBBF-A0B0-4721-AF15-C7F043E7BB21} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {97834511-BAC8-4C5E-9C36-DA3A028D4061} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [2015-01-29] (CyberLink Corp.)
Task: {9E8F4920-4434-4A62-B73B-6B675C42AFE9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {A071F39D-7A9F-43F5-B67F-36D9C54A425E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-13] (Google Inc.)
Task: {A1A0EF58-C1DF-416C-9B3E-4326CABF91CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-13] (Google Inc.)
Task: {A4AF49CB-90C4-4481-8A3F-BF583327896A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-17] (Microsoft Corporation)
Task: {A4CD7BDE-B3CE-4089-A800-2737C37FBA8D} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-10-26] (Advanced Micro Devices, Inc.)
Task: {A6B11D71-A97E-470B-BC15-A27236F4F8C5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06] (AVAST Software)
Task: {ABF100BF-823C-44FA-AE36-DFFFE21EE1FD} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {B4EB22DE-FADE-41DD-BE0E-6B3B50CDD77E} - System32\Tasks\SafeZone scheduled Autoupdate 1476020617 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {BE108CBF-2CDF-4A93-ABDD-B945CCE9BD33} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {CB020DB1-8434-4EF2-95CF-8F0BD7CCBD8D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-15] (Adobe Systems Incorporated)
Task: {D4D5ACA7-3A09-4C36-B49A-DD32004BE9A8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-09-17] (Microsoft Corporation)
Task: {EDEABA42-564B-46DD-BD61-BF5FEE0B4EDB} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06] (AVAST Software)
Task: {F085F16A-AE53-472E-8F1E-0CCB52F78E5C} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {F3D9A128-913B-45C6-AF4B-E1EAB6853C08} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {FCDE7189-37D8-4872-8C80-983DE198A9BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-02-15 21:01 - 2016-02-15 21:01 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
2018-01-03 15:43 - 2010-12-02 03:13 - 000216576 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\Software602.dll
2017-12-08 02:48 - 2017-12-08 02:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-29 17:01 - 2014-04-15 04:59 - 000253776 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2018-01-27 19:39 - 2014-12-11 12:24 - 000076584 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
2018-09-22 21:01 - 2018-09-12 17:57 - 002785784 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-09-22 21:01 - 2018-09-12 11:35 - 002701064 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-01-16 16:11 - 2017-01-13 17:30 - 001787904 _____ () C:\Program Files (x86)\reaConverter 7 Standard\new_context64.dll
2018-09-18 16:17 - 2018-09-15 04:17 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-18 08:28 - 2018-07-18 08:29 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-18 08:28 - 2018-07-18 08:29 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-18 08:28 - 2018-07-18 08:30 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-18 08:28 - 2018-07-18 08:29 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-09-12 15:05 - 2018-09-12 15:06 - 035124736 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-09-12 15:05 - 2018-09-12 15:06 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-09-12 15:05 - 2018-09-12 15:05 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 07:34 - 2017-09-26 07:35 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-12 15:05 - 2018-09-12 15:05 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-06-05 05:33 - 2017-06-05 05:33 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2017-06-05 05:33 - 2017-06-05 05:33 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-07-12 14:15 - 2018-07-12 14:15 - 002587968 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\libprotobuf.dll
2018-09-19 10:12 - 2018-09-19 10:12 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-01-27 19:39 - 2014-12-11 12:19 - 000159016 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe
2016-02-29 16:59 - 2014-12-08 09:28 - 000627672 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMediaLibrary.dll
2014-12-09 01:28 - 2014-12-09 01:28 - 000016856 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvcPS.dll
2017-09-19 10:35 - 2017-09-19 10:35 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2018-03-07 08:34 - 2018-03-07 08:34 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-22 11:11 - 2018-08-22 11:11 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-22 22:19 - 2018-08-22 22:19 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-12-08 02:49 - 2017-12-08 02:49 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-11-20 10:41 - 2016-09-12 15:53 - 048936448 _____ () C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2018-03-27 13:41 - 2018-03-27 13:41 - 000134616 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2017-11-09 01:44 - 2017-11-09 01:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-09-17 09:06 - 2018-09-17 09:06 - 000166992 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\JitV.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2602649610-1559384438-1550357517-1001\Software\Classes\.scr: AutoCADLTScriptFile => "C:\Windows\system32\notepad.exe" "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-07-15 10:40 - 2018-09-23 20:23 - 000000034 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2602649610-1559384438-1550357517-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Juřica Michal\Pictures\Saved Pictures\Rap.jpg
DNS Servers: 192.168.211.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-2602649610-1559384438-1550357517-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C4357CDB-C22F-4F99-BBC1-6618A7C8CA7D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{6ED062A6-1FD2-4F8E-A175-4D2F8D72644E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{B78AAB36-72FC-48C6-9626-B229678A3A8A}] => (Allow) C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\EMP_NSC.exe
FirewallRules: [{12D09F1A-521C-4557-88FE-29F92201FBD6}] => (Allow) C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\EMP_NSC.exe
FirewallRules: [{CB5F2142-7DE4-46FA-896B-B17EDC63A22A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EF2894CB-2A59-4190-8AD3-B5273DB0079D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A383D04C-8329-4A6D-854C-2F87CBE73007}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6DC9C8D0-C3FF-41D0-9A32-336D5E980766}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{419E98DB-F461-45EC-9EB4-11CDEC03EA10}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{3D0141B8-6BBC-4EC9-9476-0CDC7BDBD448}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{6860E79F-34BE-4643-AC6D-32D347A30DB7}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{AA57C455-2740-4ECF-8F8C-624056174686}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{F5275CE7-65EF-4EA9-8605-1EE0C22B22AF}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{BF734FB3-4A9D-4174-B10F-7777793EAA63}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{745FB2B6-F2F3-4C61-8269-6CA0893299C5}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{A5780F80-10AB-4D43-9311-6CDD8E7BC433}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{6A0C807E-2BC4-4FC6-835F-DE61361BCBCB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BDAD8A64-AD5C-4FBF-A04C-C7E501EF5473}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B5131ED7-D92D-4C28-9165-E66F9CC5F426}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5F4B021C-234D-4578-AA8B-97CE12939BA1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CD5F10DC-6BBE-4D3D-91B7-31755BFE7727}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C8ED777D-73B0-4D51-B7BC-D74E08E70442}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{F743ECA0-E316-40DE-9A72-559C89B9BECF}C:\users\juřica michal\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\juřica michal\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6CF02B70-32D5-4344-B027-596863BA1A0C}C:\users\juřica michal\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\juřica michal\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D29ACE0C-7951-4104-9128-7C1AE277A5FD}] => (Allow) C:\Program Files (x86)\T-Cloud Záloha\Opero.Client.ClientApplication.exe
FirewallRules: [{D1457BE3-2DC4-46CA-A2C5-954D49263690}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{633924E6-7027-46DE-84B1-2DB7B2251087}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3B71DCAC-5A71-414B-B483-270E2EC7ADE6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8F5DB7C7-BB56-4926-947D-F40A68F72EF2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6FD2A9E1-90FA-4DEB-B840-5AF170206CCF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D94310E0-217F-4BE9-996E-77D6E353666F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{B7F13652-A6F0-4685-80DE-45D653ED48FC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{38294128-0637-41F1-AD0F-9F77741D5A2B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{745450A8-3713-44BA-BBBC-2E6A23604C14}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{B9FC6916-0610-4A23-859E-0F26B608A904}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{50B99501-0288-4D26-8EFD-8866FDBD9359}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{81F081E2-CF31-49D7-8511-CA21FDAE6985}C:\users\juřica michal\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\juřica michal\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9D082403-FA33-4C7E-8B6E-B1F52F89A20F}C:\users\juřica michal\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\juřica michal\appdata\roaming\spotify\spotify.exe
FirewallRules: [{BA116BF8-5E3A-4DC3-A2B0-CA0CAF43D5E2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{338365CE-CD45-4095-B03F-B8E4B2D4E4B0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{F2BDFAD0-8C73-48D9-92BF-BAAE7D916ED1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{36728D7A-3162-49B5-A777-AC3335A5DE85}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{701C7065-CE1D-4F4D-8471-E73548599B7F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B63EC0A5-220D-4C89-82AE-0580CDAD2A38}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0892EC7D-FACE-4CF0-A822-C40276D58844}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{15EF5408-7812-4A71-875E-B413AF7AE494}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DEADC85B-F1C6-463F-A5FF-A59759A7E219}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{21F5D294-9DF7-4672-A3AC-A6F886E016EE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

18-09-2018 16:15:46 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/23/2018 08:56:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: UpdaterUI.exe, verze: 6.0.6992.1236, časové razítko: 0x5b3b18d5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.165, časové razítko: 0xb0bb231d
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x3140
Čas spuštění chybující aplikace: 0x01d4536f26660b14
Cesta k chybující aplikaci: C:\Program Files\Dell\SupportAssistAgent\PCDr\Updater\6.0.6992.1236\UpdaterUI.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 3c0ed33b-5f7f-4704-9bbe-c7ae6f0e38e5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/23/2018 08:56:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: UpdaterUI.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na <StartupCode$UpdaterUI>.$Program..cctor()

Informace o výjimce: System.TypeInitializationException
na Program..cctor()

Informace o výjimce: System.TypeInitializationException
na Program.main(System.String[])

Error: (09/23/2018 08:26:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: UpdaterUI.exe, verze: 6.0.6992.1236, časové razítko: 0x5b3b18d5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.165, časové razítko: 0xb0bb231d
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x2dc8
Čas spuštění chybující aplikace: 0x01d4536ae8c83029
Cesta k chybující aplikaci: C:\Program Files\Dell\SupportAssistAgent\PCDr\Updater\6.0.6992.1236\UpdaterUI.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: d47491a6-7c97-49fd-8806-9fad0f0e00ca
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/23/2018 08:26:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: UpdaterUI.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na <StartupCode$UpdaterUI>.$Program..cctor()

Informace o výjimce: System.TypeInitializationException
na Program..cctor()

Informace o výjimce: System.TypeInitializationException
na Program.main(System.String[])

Error: (09/23/2018 07:53:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: UpdaterUI.exe, verze: 6.0.6992.1236, časové razítko: 0x5b3b18d5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.165, časové razítko: 0xb0bb231d
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x3354
Čas spuštění chybující aplikace: 0x01d453664ff38a45
Cesta k chybující aplikaci: C:\Program Files\Dell\SupportAssistAgent\PCDr\Updater\6.0.6992.1236\UpdaterUI.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: d5d5f064-ec6c-4fb6-a705-e32537e3aff1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/23/2018 07:53:20 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: UpdaterUI.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na <StartupCode$UpdaterUI>.$Program..cctor()

Informace o výjimce: System.TypeInitializationException
na Program..cctor()

Informace o výjimce: System.TypeInitializationException
na Program.main(System.String[])

Error: (09/23/2018 07:23:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: UpdaterUI.exe, verze: 6.0.6992.1236, časové razítko: 0x5b3b18d5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.165, časové razítko: 0xb0bb231d
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x327c
Čas spuštění chybující aplikace: 0x01d4536217ad3fab
Cesta k chybující aplikaci: C:\Program Files\Dell\SupportAssistAgent\PCDr\Updater\6.0.6992.1236\UpdaterUI.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 7c9962f3-8c8b-4eaf-8cda-fd04c925080b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/23/2018 07:23:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: UpdaterUI.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na <StartupCode$UpdaterUI>.$Program..cctor()

Informace o výjimce: System.TypeInitializationException
na Program..cctor()

Informace o výjimce: System.TypeInitializationException
na Program.main(System.String[])


System errors:
=============
Error: (09/23/2018 08:35:30 PM) (Source: DCOM) (EventID: 10016) (User: DELL-ML-2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DELL-ML-2\Juřica Michal (SID: S-1-5-21-2602649610-1559384438-1550357517-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/23/2018 08:34:38 PM) (Source: DCOM) (EventID: 10016) (User: DELL-ML-2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DELL-ML-2\Juřica Michal (SID: S-1-5-21-2602649610-1559384438-1550357517-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/23/2018 08:33:23 PM) (Source: DCOM) (EventID: 10016) (User: DELL-ML-2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DELL-ML-2\Juřica Michal (SID: S-1-5-21-2602649610-1559384438-1550357517-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/23/2018 08:33:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.

Error: (09/23/2018 08:31:50 PM) (Source: DCOM) (EventID: 10016) (User: DELL-ML-2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DELL-ML-2\Juřica Michal (SID: S-1-5-21-2602649610-1559384438-1550357517-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/23/2018 08:31:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (09/23/2018 08:26:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Dell Digital Delivery Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/23/2018 08:26:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Dell Digital Delivery Service bylo dosaženo časového limitu (30000 ms).


CodeIntegrity:
===================================

Date: 2018-08-10 18:11:11.373
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 57%
Total physical RAM: 8083.82 MB
Available physical RAM: 3398.73 MB
Total Virtual: 11304.13 MB
Available Virtual: 2117.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:625.12 GB) (Free:503.31 GB) NTFS
Drive m: (DATA) (Fixed) (Total:292.97 GB) (Free:209.82 GB) NTFS

\\?\Volume{47f949d1-3891-4221-a89a-4eaefc066774}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS
\\?\Volume{a377ad25-3fb4-4002-83bd-53dbb92d04e2}\ (Image) (Fixed) (Total:12.37 GB) (Free:0.6 GB) NTFS
\\?\Volume{0da3b56a-93c8-443a-bd49-ceadfc682587}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
\\?\Volume{a5ef1ecb-f484-11e7-9da1-183da2fc3c1b}\ (DATA) (RAMDisk) (Total:292.97 GB) (Free:211.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DC2F5100)

Partition: GPT.

==================== End of Addition.txt ============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[JuMi]

Požadovaný log

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-24-2018
# Duration: 00:00:32
# OS: Windows 10 Pro
# Scanned: 41930
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1281 octets] - [20/09/2018 15:01:04]
AdwCleaner[C00].txt - [1447 octets] - [20/09/2018 15:01:46]
AdwCleaner[S01].txt - [1359 octets] - [23/09/2018 19:38:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2602649610-1559384438-1550357517-1001\...\MountPoints2: {f675bc2d-ad19-11e8-9dd4-183da2fc3c1b} - "E:\Autorun.exe"
HKU\S-1-5-21-2602649610-1559384438-1550357517-1001\...\MountPoints2: {f675c15e-ad19-11e8-9dd4-183da2fc3c1b} - "E:\HiSuiteDownLoader.exe"
SearchScopes: HKLM -> DefaultScope {E0725565-A541-4F42-A6F0-89C7A2C63F46} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w28&q={searchTerms}
SearchScopes: HKLM -> {E0725565-A541-4F42-A6F0-89C7A2C63F46} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w28&q={searchTerms}
SearchScopes: HKLM-x32 -> {E0725565-A541-4F42-A6F0-89C7A2C63F46} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w28&q={searchTerms}
earchScopes: HKU\S-1-5-21-2602649610-1559384438-1550357517-1001 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w28&q={searchTerms}
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[JuMi]

Fix result of Farbar Recovery Scan Tool (x64) Version: 23.09.2018
Ran by Juřica Michal (24-09-2018 11:27:38) Run:1
Running from C:\Users\Juřica Michal\Desktop
Loaded Profiles: Juřica Michal & (Available Profiles: Juřica Michal)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2602649610-1559384438-1550357517-1001\...\MountPoints2: {f675bc2d-ad19-11e8-9dd4-183da2fc3c1b} - "E:\Autorun.exe"
HKU\S-1-5-21-2602649610-1559384438-1550357517-1001\...\MountPoints2: {f675c15e-ad19-11e8-9dd4-183da2fc3c1b} - "E:\HiSuiteDownLoader.exe"
SearchScopes: HKLM -> DefaultScope {E0725565-A541-4F42-A6F0-89C7A2C63F46} URL = hxxps://search.gmx.com/web/result?origi ... w=y1w28&q={searchTerms}
SearchScopes: HKLM -> {E0725565-A541-4F42-A6F0-89C7A2C63F46} URL = hxxps://search.gmx.com/web/result?origi ... w=y1w28&q={searchTerms}
SearchScopes: HKLM-x32 -> {E0725565-A541-4F42-A6F0-89C7A2C63F46} URL = hxxps://search.gmx.com/web/result?origi ... w=y1w28&q={searchTerms}
earchScopes: HKU\S-1-5-21-2602649610-1559384438-1550357517-1001 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origi ... w=y1w28&q={searchTerms}
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-2602649610-1559384438-1550357517-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f675bc2d-ad19-11e8-9dd4-183da2fc3c1b}" => removed successfully
HKLM\Software\Classes\CLSID\{f675bc2d-ad19-11e8-9dd4-183da2fc3c1b} => not found
"HKU\S-1-5-21-2602649610-1559384438-1550357517-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f675c15e-ad19-11e8-9dd4-183da2fc3c1b}" => removed successfully
HKLM\Software\Classes\CLSID\{f675c15e-ad19-11e8-9dd4-183da2fc3c1b} => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E0725565-A541-4F42-A6F0-89C7A2C63F46}" => removed successfully
HKLM\Software\Classes\CLSID\{E0725565-A541-4F42-A6F0-89C7A2C63F46} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E0725565-A541-4F42-A6F0-89C7A2C63F46}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{E0725565-A541-4F42-A6F0-89C7A2C63F46} => not found
earchScopes: HKU\S-1-5-21-2602649610-1559384438-1550357517-1001 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origi ... w=y1w28&q={searchTerms} => Error: No automatic fix found for this entry.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29600872 B
Java, Flash, Steam htmlcache => 988 B
Windows/system/drivers => 1410959 B
Edge => 3584 B
Chrome => 157398083 B
Firefox => 256435662 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 2849599 B
systemprofile32 => 123016 B
LocalService => 3610 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Juřica Michal => 571586826 B

RecycleBin => 319097218 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:28:42 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[JuMi]

Na první pohled se zdá, že nastala změna k lepšímu. Uvidíme ...
Zatím děkuji.

[Rudy]

Zatím není zač!