Problem s nabehnutim plochy

[Eddward]

Zdravim,

Asi od vcera pozorujem problem pri starte Windowsu. Bud ostane na obrazovke Vitajte a dalej sa nepohne (kolecko sa ale toci), alebo sa po chvili dostane na plochu, ale viac sa s tym neda pracovat. Mys pracuje a neda sa na nic kliknut, na liste Startu nabehnu len hodiny a ikona Start. S mysou sa da pohybovat ale neda sa na nic kliknut. Je to mrtve. Neviem co sa deje, absolutne nic sa neinstalovalo poslednu dobu ani nic specialne nerobilo, len zrazu sa toto deje. Skusal som uz rozne veci ako preinstalovanie grafickeho ovladaca, preskenoval som ESET online skenom aj Malwarebytes antimalwareom, vsetko co naslo som pomazal. Odstranil som aj Windows aktualizacie a vratil na prvu verziu Windows 10 v1803.
Zakazal som aj nejake veci co sa spustaju po starte, ale nic nepomaha.
Jedine na co som prisiel je ze ked odpojim LAN kabel (internet) tak vsetko zda sa funguje spolahlivo.
Po pripojeni kabla je 9/10 startov zlych ako som popisal vyssie.

Logy v prilohe

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Eddward]

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-12.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-21-2018
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 76
# Failed: 2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\ytd video downloader
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted C:\Users\Edo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted C:\Program Files (x86)\GreenTree Applications
Deleted C:\ProgramData\apn

***** [ Files ] *****

Deleted C:\Users\Edo\AppData\Roaming\Mozilla\Firefox\Profiles\jd8e1a33.default\invalidprefs.js
Deleted C:\Users\Edo\AppData\Roaming\regsvr32.exe_log.txt

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Deleted HKLM\Software\Wow6432Node\08d37ad9-f699-cb96-4b96-1d827973d3ea
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\ICQ\ICQToolbar
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Deleted HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted HKLM\Software\Wow6432Node\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted HKCU\Software\UpdateStar
Deleted HKCU\Software\PIP
Deleted HKLM\Software\Wow6432Node\PIP
Deleted HKCU\Software\APN PIP
Deleted HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Deleted HKLM\Software\Wow6432Node\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Deleted HKLM\Software\Wow6432Node\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Deleted HKLM\Software\Wow6432Node\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Deleted HKLM\Software\Wow6432Node\YourFileDownloader
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted HKLM\Software\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted HKLM\Software\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted HKLM\Software\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted HKLM\Software\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Deleted HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Deleted HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Deleted HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Deleted HKLM\Software\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Deleted HKLM\Software\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Deleted HKLM\Software\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Deleted HKLM\Software\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Deleted HKLM\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Deleted HKLM\Software\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Deleted HKLM\Software\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Deleted HKLM\Software\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Deleted HKLM\Software\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Deleted HKLM\Software\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Deleted HKLM\Software\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Deleted HKLM\Software\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Deleted HKLM\Software\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Deleted HKLM\Software\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Deleted HKLM\Software\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Deleted HKLM\Software\Classes\Interface\{BB9817CA-9B43-41EB-8706-44847957338D}
Deleted HKLM\Software\Classes\Prod.cap
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|ICQ Search
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{601EAC53-BB21-4B2D-830F-30A6DA4FC674}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Deleted HKLM\Software\Wow6432Node\Mail.Ru
Deleted HKCU\Software\Classes\TypeLib\{157B1AA6-3E5C-404A-9118-C1D91F537040}
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-346989771-1160639889-3117841305-1000\Software\SweetIM

***** [ Chromium (and derivatives) ] *****

Deleted ppdjnkblmcjfnlogjjhpigpdgpcgdpll
Deleted FBPHOTOZOOM
Deleted SweetIM for Facebook

***** [ Chromium URLs ] *****

Deleted mystartsearch
Deleted ICQ Search
Deleted SweetIM Search
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted SweetIM Search
Deleted WebSearch
Not Deleted WebSearch
Deleted WebSearch
Not Deleted WebSearch

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8101 octets] - [21/10/2018 22:09:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

OK. Dejte nový log FRST.

[Eddward]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Edo (administrator) on EDO-PC (22-10-2018 11:05:31)
Running from C:\Users\Edo\Desktop
Loaded Profiles: Edo (Available Profiles: Edo)
Platform: Windows 10 Pro Version 1803 17134.345 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\MsMpEng.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{43f432cb-1fc8-4e1c-bca0-252afe5725e7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68996fc1-735d-4d5e-9333-7a36951d4c15}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{acace881-d992-42a1-b2d0-95409a79cf15}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{beee578a-d7a0-4d35-97df-4e301c8af56f}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{ea5e466e-8ed5-4ba2-bf7f-f9e6e13f4ee8}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{eb751e0a-eef4-403d-83b1-5d4d258b9a91}: [DhcpNameServer] 7.254.254.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=21242&r=2015/03/08&hid=12967995321305785416&lg=EN&cc=SK&unqvl=84
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=21242&r=2015/03/08&hid=12967995321305785416&lg=EN&cc=SK&unqvl=84
SearchScopes: HKU\S-1-5-21-346989771-1160639889-3117841305-1000 -> DefaultScope {601EAC53-BB21-4B2D-830F-30A6DA4FC674} URL =
SearchScopes: HKU\S-1-5-21-346989771-1160639889-3117841305-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=514
SearchScopes: HKU\S-1-5-21-346989771-1160639889-3117841305-1000 -> {7072DC13-5827-4235-9DEA-F02765D83C42} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-346989771-1160639889-3117841305-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=21242&r=2015/03/08&hid=12967995321305785416&lg=EN&cc=SK&unqvl=84
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-20] (Microsoft Corporation)
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-29] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-346989771-1160639889-3117841305-1000 -> hxxp://www.google.sk/

FireFox:
========
FF DefaultProfile: jd8e1a33.default
FF ProfilePath: C:\Users\Edo\AppData\Roaming\Mozilla\Firefox\Profiles\jd8e1a33.default [2018-10-22]
FF Homepage: Mozilla\Firefox\Profiles\jd8e1a33.default -> hxxp://www.google.sk/
FF NewTab: Mozilla\Firefox\Profiles\jd8e1a33.default -> hxxps://www.google.sk/
FF Extension: (uBlock Origin) - C:\Users\Edo\AppData\Roaming\Mozilla\Firefox\Profiles\jd8e1a33.default\Extensions\uBlock0@raymondhill.net.xpi [2018-10-18]
FF Extension: (Majster N!) - C:\Users\Edo\AppData\Roaming\Mozilla\Firefox\Profiles\jd8e1a33.default\Extensions\{cccd0d58-96d4-43f1-ae2a-1ec0f99f6f71}.xpi [2017-10-29]
FF Extension: (Adblock Plus) - C:\Users\Edo\AppData\Roaming\Mozilla\Firefox\Profiles\jd8e1a33.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-08-30]
FF Extension: (Nepi Jano!) - C:\Users\Edo\AppData\Roaming\Mozilla\Firefox\Profiles\jd8e1a33.default\Extensions\{efca0a1f-71f3-485a-8df9-322da85b676e}.xpi [2018-03-21]
FF ProfilePath: C:\Users\Edo\AppData\Roaming\Mozilla\Firefox\Profiles\1o8xh6ze.novy [2018-10-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-12] ()
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-11] (Microsoft Corporation)
FF Plugin-x32: @raidcall.kr/RCplugin -> C:\Users\Edo\AppData\Roaming\RCKR\plugins\nprcplugin.dll [2012-08-09] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-346989771-1160639889-3117841305-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Edo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-346989771-1160639889-3117841305-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Edo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.sk/"
CHR Profile: C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Default [2018-10-21]
CHR Extension: (Magio GO) - C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Default\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2017-04-13]
CHR Extension: (YouTube) - C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-18]
CHR Extension: (uBlock Origin) - C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-09-28]
CHR Extension: (Google Search) - C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-06]
CHR Profile: C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-05-11]
CHR Extension: (No Name) - C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\hadgncflclgppldajdlmglcbodpfhpon [2015-03-08]
CHR Extension: (Oogle) - C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\hnldbiikfjheppkbnjbnkgimnfejifpf [2015-08-10] [UpdateUrl: hxxps://mynamedomain.koko//0service/update2/crx] <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [anoiechkjklgabdfompidjolhpfdpjdd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-05-31] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9683736 2018-10-14] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [529056 2018-02-14] (EasyAntiCheat Ltd)
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-02-06] (Futuremark)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2018-02-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-12-05] (Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2017-02-19] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [11072272 2018-08-16] (LLC Mail.Ru)
S4 NahimicService; C:\WINDOWS\System32\NahimicService.exe [1185736 2018-04-11] (Nahimic)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2216256 2018-10-10] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3087176 2018-10-10] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [672824 2018-04-17] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-09-25] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-09-25] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S4 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
S3 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [24840 2009-01-08] (IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [35848 2008-12-07] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [942128 2018-02-13] (Intel Corporation)
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [31624 2008-07-02] (IVT Corporation.)
S3 Ke2200; C:\WINDOWS\System32\drivers\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [10288768 2018-08-16] (LLC Mail.Ru)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f4187dc256a67a6b\nvlddmkm.sys [20337064 2018-10-12] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2012-11-24] ()
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46896 2018-04-23] ()
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47944 2018-01-16] (SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] ()
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-09-25] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [352424 2018-09-25] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-09-25] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-22 11:05 - 2018-10-22 11:05 - 002414592 _____ (Farbar) C:\Users\Edo\Desktop\FRST64.exe
2018-10-22 11:05 - 2018-10-22 11:05 - 000018370 _____ C:\Users\Edo\Desktop\FRST.txt
2018-10-21 23:26 - 2018-10-22 00:06 - 000003120 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2018-10-21 22:08 - 2018-10-21 22:09 - 000000000 ____D C:\AdwCleaner
2018-10-21 19:57 - 2018-10-22 11:05 - 000000000 ____D C:\FRST
2018-10-21 18:07 - 2018-10-21 18:07 - 000000000 ____D C:\Users\Edo\AppData\Roaming\NVIDIA
2018-10-21 18:06 - 2018-10-22 11:04 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-21 18:06 - 2018-10-21 18:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-10-21 18:06 - 2018-10-21 18:06 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-10-21 18:06 - 2018-10-12 17:38 - 000552504 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-10-21 18:06 - 2018-10-12 17:38 - 000456632 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-10-21 18:06 - 2018-10-11 09:19 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-10-21 18:06 - 2018-10-11 01:10 - 005939056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-10-21 18:06 - 2018-10-11 01:10 - 002611696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-10-21 18:06 - 2018-10-11 01:09 - 001767816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-10-21 18:06 - 2018-10-11 01:09 - 000635704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-10-21 18:06 - 2018-10-11 01:09 - 000450416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-10-21 18:06 - 2018-10-11 01:09 - 000124400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-10-21 18:06 - 2018-10-11 01:09 - 000083256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-10-21 18:06 - 2018-10-11 00:37 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-10-21 18:06 - 2018-10-08 11:08 - 008379002 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-10-21 18:05 - 2018-10-21 18:06 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-10-21 18:05 - 2018-10-12 17:38 - 000978312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-10-21 18:05 - 2018-10-12 17:38 - 000978312 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-10-21 18:05 - 2018-10-12 17:38 - 000845184 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-10-21 18:05 - 2018-10-12 17:38 - 000845184 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-10-21 18:05 - 2018-10-12 17:38 - 000268168 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-10-21 18:05 - 2018-10-12 17:38 - 000268168 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-10-21 18:05 - 2018-10-12 17:38 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-10-21 18:05 - 2018-10-12 17:38 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-10-21 18:05 - 2018-10-12 17:37 - 002017888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441634.dll
2018-10-21 18:05 - 2018-10-12 17:37 - 001997736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-10-21 18:05 - 2018-10-12 17:37 - 001508112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-10-21 18:05 - 2018-10-12 17:37 - 001468464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441634.dll
2018-10-21 18:05 - 2018-10-12 17:37 - 001455560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-10-21 18:05 - 2018-10-12 17:37 - 001122672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-10-21 18:05 - 2018-10-12 17:37 - 000631664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-10-21 18:05 - 2018-10-12 17:37 - 000522184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-10-21 18:05 - 2018-10-12 17:36 - 040254128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-10-21 18:05 - 2018-10-12 17:36 - 035151944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-10-21 18:05 - 2018-10-12 17:36 - 004937960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-10-21 18:05 - 2018-10-12 17:36 - 004310600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-10-21 18:05 - 2018-10-12 17:36 - 000750256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-10-21 18:05 - 2018-10-12 17:36 - 000608488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-10-21 18:05 - 2018-10-12 14:36 - 035298072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-10-21 18:05 - 2018-10-12 14:36 - 029973400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-10-21 18:05 - 2018-10-12 14:36 - 015907200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-10-21 18:05 - 2018-10-12 14:36 - 013202856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-10-21 18:05 - 2018-10-12 14:36 - 001462184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-10-21 18:05 - 2018-10-12 14:36 - 001167376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-10-21 18:05 - 2018-10-12 14:36 - 001145512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-10-21 18:05 - 2018-10-12 14:36 - 000914552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-10-21 18:05 - 2018-10-12 14:36 - 000794416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-10-21 18:05 - 2018-10-12 14:36 - 000637456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-10-21 18:05 - 2018-10-12 14:35 - 019705728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-10-21 18:05 - 2018-10-12 14:35 - 016984816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-10-21 18:05 - 2018-10-12 14:35 - 004990000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-10-21 18:05 - 2018-10-12 14:35 - 004249528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-10-21 18:05 - 2018-10-11 09:19 - 000048056 _____ C:\WINDOWS\system32\nvinfo.pb
2018-10-21 18:04 - 2018-10-21 18:06 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-10-21 16:39 - 2018-10-21 17:54 - 000000000 ____D C:\Users\Edo\AppData\Local\ESET
2018-10-21 16:26 - 2018-10-21 16:26 - 006122152 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Edo\Desktop\GPU-Z.2.13.0.exe
2018-10-20 14:40 - 2018-10-20 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2018-10-11 15:24 - 2018-10-11 15:24 - 000000000 ____D C:\WINDOWS\Panther
2018-10-10 13:24 - 2018-09-20 11:40 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-10 13:24 - 2018-09-20 11:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-10 13:24 - 2018-09-20 11:23 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-10 13:24 - 2018-09-20 11:22 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-10 13:24 - 2018-09-20 11:19 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-10 13:24 - 2018-09-20 11:18 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-10 13:24 - 2018-09-20 11:18 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-10 13:24 - 2018-09-20 11:18 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-10-10 13:24 - 2018-09-20 11:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-10 13:24 - 2018-09-20 11:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-10 13:24 - 2018-09-20 11:17 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-10 13:24 - 2018-09-20 11:17 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-10-10 13:24 - 2018-09-20 11:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-10 13:24 - 2018-09-20 10:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-10 13:24 - 2018-09-20 10:35 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-10 13:24 - 2018-09-20 10:34 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-10 13:24 - 2018-09-20 10:30 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-10 13:24 - 2018-09-20 10:29 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-10 13:24 - 2018-09-20 10:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-10 13:24 - 2018-09-20 10:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-10 13:24 - 2018-09-20 10:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-10 13:24 - 2018-09-20 08:43 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-10 13:24 - 2018-09-20 07:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-10 13:24 - 2018-09-20 06:29 - 006569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-10 13:24 - 2018-09-20 06:29 - 006039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-10 13:24 - 2018-09-20 06:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-10 13:24 - 2018-09-20 06:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-10 13:24 - 2018-09-20 06:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-10 13:24 - 2018-09-20 06:28 - 001129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-10 13:24 - 2018-09-20 06:28 - 000581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-10 13:24 - 2018-09-20 06:28 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-10 13:24 - 2018-09-20 06:21 - 022013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-10 13:24 - 2018-09-20 06:17 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-10 13:24 - 2018-09-20 06:15 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-10 13:24 - 2018-09-20 06:13 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-10 13:24 - 2018-09-20 06:12 - 000272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-10 13:24 - 2018-09-20 06:12 - 000269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-10 13:24 - 2018-09-20 06:11 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-10 13:24 - 2018-09-20 06:11 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-10 13:24 - 2018-09-20 06:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-10 13:24 - 2018-09-20 06:11 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-10 13:24 - 2018-09-20 06:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-10 13:24 - 2018-09-20 06:10 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-10 13:24 - 2018-09-20 06:10 - 001221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-10 13:24 - 2018-09-20 06:10 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-10 13:24 - 2018-09-20 06:10 - 000566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-10 13:24 - 2018-09-20 06:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-10 13:24 - 2018-09-20 06:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-10 13:24 - 2018-09-20 06:10 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-10 13:24 - 2018-09-20 06:10 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-10 13:24 - 2018-09-20 06:09 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-10 13:24 - 2018-09-20 06:09 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-10 13:24 - 2018-09-20 06:09 - 007432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-10 13:24 - 2018-09-20 06:09 - 002825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-10 13:24 - 2018-09-20 06:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-10 13:24 - 2018-09-20 06:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-10 13:24 - 2018-09-20 06:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 13:24 - 2018-09-20 06:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-10 13:24 - 2018-09-20 06:09 - 001097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-10 13:24 - 2018-09-20 06:09 - 000885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-10 13:24 - 2018-09-20 06:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-10 13:24 - 2018-09-20 06:09 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-10 13:24 - 2018-09-20 06:09 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-10 13:24 - 2018-09-20 06:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-10 13:24 - 2018-09-20 06:08 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-10 13:24 - 2018-09-20 05:53 - 025851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-10 13:24 - 2018-09-20 05:46 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-10 13:24 - 2018-09-20 05:44 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-10 13:24 - 2018-09-20 05:44 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 13:24 - 2018-09-20 05:42 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-10 13:24 - 2018-09-20 05:42 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-10 13:24 - 2018-09-20 05:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-10 13:24 - 2018-09-20 05:41 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-10 13:24 - 2018-09-20 05:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-10 13:24 - 2018-09-20 05:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-10 13:24 - 2018-09-20 05:41 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-10 13:24 - 2018-09-20 05:41 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-10 13:24 - 2018-09-20 05:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-10 13:24 - 2018-09-20 05:40 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-10 13:24 - 2018-09-20 05:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-10 13:24 - 2018-09-20 05:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 13:24 - 2018-09-20 05:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 13:24 - 2018-09-20 05:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-10 13:24 - 2018-09-20 05:37 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-10 13:24 - 2018-09-20 05:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-10 13:24 - 2018-09-20 04:21 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-10 13:24 - 2018-09-20 03:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-09-28 23:11 - 2018-09-21 11:23 - 000257848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 001786168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 001626936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 001422648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 001038136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 000399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-09-28 23:11 - 2018-09-21 11:21 - 000228152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2018-09-28 23:11 - 2018-09-21 11:21 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2018-09-28 23:11 - 2018-09-21 11:21 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2018-09-28 23:11 - 2018-09-21 11:21 - 000034304 _____ C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2018-09-28 23:11 - 2018-09-21 11:18 - 021386888 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-09-28 23:11 - 2018-09-21 11:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-09-28 23:11 - 2018-09-21 10:22 - 020381784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-09-28 23:11 - 2018-09-21 10:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-09-28 23:11 - 2018-09-21 06:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-09-28 23:11 - 2018-09-21 06:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-09-28 23:11 - 2018-09-21 06:12 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-09-28 23:11 - 2018-09-21 06:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-09-28 23:11 - 2018-09-21 06:09 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-09-28 23:11 - 2018-09-21 06:09 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-09-28 23:11 - 2018-09-21 06:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-09-28 23:11 - 2018-09-21 06:09 - 001062920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-09-28 23:11 - 2018-09-21 06:09 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-09-28 23:11 - 2018-09-21 06:08 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-09-28 23:11 - 2018-09-21 06:08 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-09-28 23:11 - 2018-09-21 06:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-09-28 23:11 - 2018-09-21 06:08 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-09-28 23:11 - 2018-09-21 06:08 - 001257864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-09-28 23:11 - 2018-09-21 06:08 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-09-28 23:11 - 2018-09-21 06:08 - 000982600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-09-28 23:11 - 2018-09-21 06:08 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-09-28 23:11 - 2018-09-21 06:08 - 000261008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-09-28 23:11 - 2018-09-21 06:08 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-09-28 23:11 - 2018-09-21 06:07 - 000604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-09-28 23:11 - 2018-09-21 05:58 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-09-28 23:11 - 2018-09-21 05:57 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-09-28 23:11 - 2018-09-21 05:57 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-09-28 23:11 - 2018-09-21 05:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-09-28 23:11 - 2018-09-21 05:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-09-28 23:11 - 2018-09-21 05:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-09-28 23:11 - 2018-09-21 05:43 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-09-28 23:11 - 2018-09-21 05:42 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-09-28 23:11 - 2018-09-21 05:41 - 003396096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-09-28 23:11 - 2018-09-21 05:40 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-09-28 23:11 - 2018-09-21 05:39 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-09-28 23:11 - 2018-09-21 05:39 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-09-28 23:11 - 2018-09-21 05:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-09-28 23:11 - 2018-09-21 05:39 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-09-28 23:11 - 2018-09-21 05:38 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-09-28 23:11 - 2018-09-21 05:38 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-09-28 23:11 - 2018-09-21 05:37 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-28 23:11 - 2018-09-21 05:37 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-09-28 23:11 - 2018-09-21 05:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-09-28 23:11 - 2018-09-21 05:37 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-09-28 23:11 - 2018-09-21 05:36 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-09-28 23:11 - 2018-09-21 05:36 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-09-28 23:11 - 2018-09-21 05:36 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-09-28 23:11 - 2018-09-21 05:36 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-09-28 23:11 - 2018-09-21 05:36 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-22 11:05 - 2016-07-30 19:00 - 000000000 ____D C:\Users\Edo\AppData\LocalLow\Mozilla
2018-10-22 11:04 - 2018-05-01 15:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-22 11:04 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-22 00:06 - 2018-04-11 23:04 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2018-10-22 00:03 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-21 23:54 - 2018-04-27 13:01 - 000000000 ____D C:\Users\Edo\AppData\Local\GameCenter
2018-10-21 23:53 - 2016-12-14 20:14 - 000000000 ____D C:\ProgramData\TruckersMP
2018-10-21 23:50 - 2018-05-01 14:56 - 000422600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-21 23:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-21 23:49 - 2018-04-12 19:25 - 000000000 ____D C:\WINDOWS\Containers
2018-10-21 23:49 - 2018-04-12 19:08 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-10-21 23:49 - 2018-04-12 19:07 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-10-21 23:49 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-21 23:49 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-10-21 23:48 - 2018-05-01 14:57 - 018801200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-21 23:48 - 2018-05-01 14:57 - 000000000 ____D C:\Users\Edo
2018-10-21 23:48 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-21 23:48 - 2015-11-20 00:48 - 013360900 _____ C:\WINDOWS\system32\perfh01B.dat
2018-10-21 23:48 - 2015-11-20 00:48 - 004193372 _____ C:\WINDOWS\system32\perfc01B.dat
2018-10-21 23:41 - 2018-05-01 14:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-21 23:26 - 2012-03-21 12:38 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-10-21 23:24 - 2013-04-01 19:04 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2018-10-21 22:28 - 2017-04-08 19:07 - 000000000 ____D C:\Program Files (x86)\Steam
2018-10-21 19:48 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-21 19:31 - 2014-03-25 18:06 - 000129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2018-10-21 18:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Help
2018-10-21 18:06 - 2017-12-12 21:41 - 000000000 ____D C:\Temp
2018-10-21 18:01 - 2012-05-18 19:05 - 000000000 ____D C:\ProgramData\Intel
2018-10-21 18:01 - 2012-03-21 12:11 - 000000000 ____D C:\Program Files\Intel
2018-10-21 16:25 - 2018-09-12 20:49 - 000003810 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-21 00:26 - 2014-07-25 20:30 - 000000000 ____D C:\Users\Edo\AppData\Local\Ubisoft Game Launcher
2018-10-20 14:40 - 2018-07-29 17:34 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-10-20 14:40 - 2018-07-29 17:34 - 000002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-10-20 14:40 - 2018-07-29 17:34 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-10-20 14:40 - 2018-07-29 17:34 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-10-20 14:40 - 2018-06-14 14:39 - 000002563 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-10-20 14:40 - 2018-06-14 14:39 - 000002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-10-20 14:40 - 2018-06-14 14:39 - 000002475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-10-20 14:40 - 2012-08-16 23:02 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-10-20 13:33 - 2017-10-19 23:30 - 000000000 ____D C:\Users\Edo\AppData\Roaming\Origin
2018-10-20 13:33 - 2013-03-02 00:31 - 000000000 ____D C:\ProgramData\Origin
2018-10-20 13:32 - 2016-10-09 22:14 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-10-19 15:34 - 2012-03-21 13:53 - 000000000 ____D C:\Users\Edo\AppData\Roaming\vlc
2018-10-19 14:49 - 2017-07-18 17:06 - 000000000 ____D C:\Users\Edo\AppData\Local\Warframe
2018-10-17 16:21 - 2018-01-03 16:46 - 000000000 ____D C:\Users\Edo\Desktop\zivotopisy ziadosti
2018-10-17 16:12 - 2017-10-19 02:29 - 000000000 ____D C:\Users\Edo\AppData\Local\Packages
2018-10-16 13:44 - 2012-03-21 12:34 - 000559880 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-10-10 16:40 - 2017-10-19 23:25 - 000000000 ____D C:\Program Files (x86)\Origin
2018-10-10 13:26 - 2013-07-09 22:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-10 13:25 - 2012-03-21 13:30 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-08 13:59 - 2018-01-24 16:40 - 000000000 ____D C:\Users\Edo\Desktop\F1 2017 mods
2018-10-07 22:12 - 2014-06-20 16:44 - 000000000 ____D C:\Users\Edo\Documents\Euro Truck Simulator 2
2018-10-04 22:19 - 2017-05-11 21:33 - 000000000 ____D C:\Users\Edo\AppData\Local\ElevatedDiagnostics
2018-10-04 19:46 - 2017-03-06 18:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-10-04 19:46 - 2012-03-21 12:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-03 16:22 - 2018-06-06 18:16 - 000001735 _____ C:\Users\Edo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-03 16:22 - 2017-11-09 14:26 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-02 22:13 - 2018-04-12 01:41 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-10-02 22:13 - 2018-04-12 01:41 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-10-01 14:53 - 2013-04-05 15:17 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2018-10-01 14:53 - 2012-03-21 13:42 - 000000000 ____D C:\Users\Edo\AppData\Roaming\TS3Client
2018-09-28 23:17 - 2017-10-19 02:33 - 000000000 ___RD C:\Users\Edo\3D Objects
2018-09-28 23:17 - 2015-11-18 02:18 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-09-28 23:12 - 2018-04-12 01:34 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-09-25 20:38 - 2018-03-01 16:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories =======

2012-05-07 21:57 - 2014-01-17 22:21 - 000000457 _____ () C:\Users\Edo\AppData\Roaming\Drives Monitor_Settings.ini
2018-03-05 20:35 - 2018-03-17 19:36 - 000002312 _____ () C:\Users\Edo\AppData\Roaming\Startup.Profile_ImageEngine
2014-06-20 17:27 - 2014-06-20 17:40 - 000000000 _____ () C:\Users\Edo\AppData\Roaming\SupportPrinters
2014-06-20 17:26 - 2014-06-20 17:26 - 000000268 ___RH () C:\Users\Edo\AppData\Roaming\Themes
2016-07-14 12:25 - 2016-07-14 12:26 - 000000000 _____ () C:\Users\Edo\AppData\Local\Driver_LOM_8171Present.flag
2012-03-23 23:07 - 2016-11-19 03:02 - 002370560 _____ () C:\Users\Edo\AppData\Local\file__0.localstorage
2013-05-03 22:08 - 2013-09-20 17:12 - 000000989 _____ () C:\Users\Edo\AppData\Local\killertool.log
2013-04-15 15:11 - 2013-04-15 15:13 - 000000600 _____ () C:\Users\Edo\AppData\Local\PUTTY.RND
2012-03-22 00:15 - 2016-10-12 00:19 - 000007596 _____ () C:\Users\Edo\AppData\Local\Resmon.ResmonCfg
2015-03-08 18:42 - 2015-03-08 18:42 - 000000400 _____ () C:\Users\Edo\AppData\Local\Temp-log.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-01 14:56

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=21242&r=2015/03/08&hid=12967995321305785416&lg=EN&cc=SK&unqvl=84
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=21242&r=2015/03/08&hid=12967995321305785416&lg=EN&cc=SK&unqvl=84
SearchScopes: HKU\S-1-5-21-346989771-1160639889-3117841305-1000 -> DefaultScope {601EAC53-BB21-4B2D-830F-30A6DA4FC674} URL =
SearchScopes: HKU\S-1-5-21-346989771-1160639889-3117841305-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=514
SearchScopes: HKU\S-1-5-21-346989771-1160639889-3117841305-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=21242&r=2015/03/08&hid=12967995321305785416&lg=EN&cc=SK&unqvl=84
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin HKU\S-1-5-21-346989771-1160639889-3117841305-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Edo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-346989771-1160639889-3117841305-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Edo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll [No File]
CHR Extension: (Oogle) - C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\hnldbiikfjheppkbnjbnkgimnfejifpf [2015-08-10] [UpdateUrl: hxxps://mynamedomain.koko//0service/update2/crx] <==== ATTENTION
U3 idsvc; no ImagePath
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
Task: {4580D94D-E4E5-4E1C-9981-D99C557B8498} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [118]
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [146]
AlternateDataStreams: C:\ProgramData\TEMP:638E6F6B [136]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Eddward]

Rano ked som spustil PC tak nabehlo v poriadku. Vcera ma este napadla vec ze vypnem cez msconfig vsetky sluzby okrem Microsoftu t.j. clean boot, mal som pocit ze to pomohlo, lebo 3x som potom restartoval PC a nabehol so sietou OK. Myslel som si ze to bude nejaka sluzba, ale potom som zapol znova vsetky tie sluzby a tak isto nabehol 3x. Nerozumiem uz asi nicomu.
Po vcerajsom precisteni AdwCleanerom, sa este nic nezmenilo.

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Edo (22-10-2018 16:30:07) Run:1
Running from C:\Users\Edo\Desktop
Loaded Profiles: Edo (Available Profiles: Edo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=21242&r=2015/03/08&hid=12967995321305785416&lg=EN&cc=SK&unqvl=84
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=21242&r=2015/03/08&hid=12967995321305785416&lg=EN&cc=SK&unqvl=84
SearchScopes: HKU\S-1-5-21-346989771-1160639889-3117841305-1000 -> DefaultScope {601EAC53-BB21-4B2D-830F-30A6DA4FC674} URL =
SearchScopes: HKU\S-1-5-21-346989771-1160639889-3117841305-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=514
SearchScopes: HKU\S-1-5-21-346989771-1160639889-3117841305-1000 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.swellsearch.info/?l=1&q={searchTerms}&pid=21242&r=2015/03/08&hid=12967995321305785416&lg=EN&cc=SK&unqvl=84
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin HKU\S-1-5-21-346989771-1160639889-3117841305-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Edo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-346989771-1160639889-3117841305-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Edo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll [No File]
CHR Extension: (Oogle) - C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\hnldbiikfjheppkbnjbnkgimnfejifpf [2015-08-10] [UpdateUrl: hxxps://mynamedomain.koko//0service/update2/crx] <==== ATTENTION
U3 idsvc; no ImagePath
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
Task: {4580D94D-E4E5-4E1C-9981-D99C557B8498} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [118]
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [146]
AlternateDataStreams: C:\ProgramData\TEMP:638E6F6B [136]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End
*****************

Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => not found
"HKU\S-1-5-21-346989771-1160639889-3117841305-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-346989771-1160639889-3117841305-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-346989771-1160639889-3117841305-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => removed successfully
HKLM\Software\Classes\CLSID\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{62789780-B744-11D0-986B-00609731A21D} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{62789780-B744-11D0-986B-00609731A21D} => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => removed successfully
HKLM\Software\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4 => removed successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5 => removed successfully
HKU\S-1-5-21-346989771-1160639889-3117841305-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 => removed successfully
"C:\Users\Edo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll" => not found
HKU\S-1-5-21-346989771-1160639889-3117841305-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=9 => removed successfully
"C:\Users\Edo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll" => not found
CHR Extension: (Oogle) - C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\hnldbiikfjheppkbnjbnkgimnfejifpf [2015-08-10] [UpdateUrl: hxxps://mynamedomain.koko//0service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MBAMShlExt => removed successfully
HKLM\Software\Classes\CLSID\[CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKU\\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4580D94D-E4E5-4E1C-9981-D99C557B8498}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4580D94D-E4E5-4E1C-9981-D99C557B8498}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully
C:\ProgramData\TEMP => ":4FC01C57" ADS removed successfully
C:\ProgramData\TEMP => ":638E6F6B" ADS removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 106936326 B
Java, Flash, Steam htmlcache => 801989629 B
Windows/system/drivers => 1393533 B
Edge => 2197233 B
Chrome => 750157110 B
Firefox => 1138388378 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 58670 B
NetworkService => 0 B
Edo => 37148125 B

RecycleBin => 0 B
EmptyTemp: => 2.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:31:27 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Eddward]

Momentalne sa to zda v poriadku. PC nabieha normalne aj po niekolkych restartoch.
Bolo tam nieco vaznejsie ?
Kazdopadne dakujem za pomoc.

[Rudy]

AdWary a zbytečnosti. Nemáte zač!

[Eddward]

myslim ze sa nam to uplne nepodarilo vyriesit, dnes mi PC nabehol, ale zostal prakticky v zamrznutom stave po nacitani plochy, neslo na nic kliknut ani spustit, len tvrdy reset...
po restarte to uz nabehlo bez problemov... nieco asi nie je OK pri starte, ale neprejavuje sa to vzdy

[Rudy]

Ještě proveďte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

[Eddward]

Snad je to ono:
Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 24. 10. 2018
Čas skenovania: 15:13
Súbor denníka: aa607188-d78e-11e8-9397-309c2348b8f7.json

-Údaje o softvéri-
Verzia: 3.6.1.2711
Verzia súčastí: 1.0.463
Aktualizovať verziu balíka: 1.0.7505
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 10 (Build 17134.345)
Procesor: x64
Systém súborov: NTFS
Používateľ: Edo-PC\Edo

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 319897
Zistené hrozby: 12
Hrozby umiestnené do karantény: 0
Uplynulý čas: 1 min, 34 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 1
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550355535536}, Bez zásahu používateľa, [405], [324197],1.0.7505

Hodnota databázy Registry: 1
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550355535536}|, Bez zásahu používateľa, [405], [324197],1.0.7505

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 2
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\hnldbiikfjheppkbnjbnkgimnfejifpf\207, Bez zásahu používateľa, [14336], [443225],1.0.7505
PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\EDO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\GUEST PROFILE\EXTENSIONS\HNLDBIIKFJHEPPKBNJBNKGIMNFEJIFPF, Bez zásahu používateľa, [14336], [443225],1.0.7505

Súbor: 8
PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\EDO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Guest Profile\Secure Preferences, Bez zásahu používateľa, [14336], [443225],1.0.7505
PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\EDO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\GUEST PROFILE\EXTENSIONS\HNLDBIIKFJHEPPKBNJBNKGIMNFEJIFPF\207\MANIFEST.JSON, Bez zásahu používateľa, [14336], [443225],1.0.7505
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Edo\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\hnldbiikfjheppkbnjbnkgimnfejifpf\207\background.html, Bez zásahu používateľa, [14336], [443225],1.0.7505
PUP.Optional.Delta, C:\USERS\EDO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Bez zásahu používateľa, [279], [455070],1.0.7505
PUP.Optional.Delta, C:\USERS\EDO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Bez zásahu používateľa, [279], [455070],1.0.7505
PUP.Optional.Delta, C:\USERS\EDO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Bez zásahu používateľa, [279], [455070],1.0.7505
PUP.Optional.Delta, C:\USERS\EDO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Bez zásahu používateľa, [279], [455070],1.0.7505
PUP.Optional.Delta, C:\USERS\EDO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Bez zásahu používateľa, [279], [455070],1.0.7505

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)

WMI: 0
(Nezistili sa nijaké škodlivé položky)


(end)

[Rudy]

Je to ono a všechny nalezené položky smažte.

[Eddward]

Vymazane

Malwarebytes
http://www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 24. 10. 2018
Čas skenovania: 16:29
Súbor denníka: 3e0c9e48-d799-11e8-b3f7-309c2348b8f7.json

-Údaje o softvéri-
Verzia: 3.6.1.2711
Verzia súčastí: 1.0.463
Aktualizovať verziu balíka: 1.0.7505
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 10 (Build 17134.345)
Procesor: x64
Systém súborov: NTFS
Používateľ: Edo-PC\Edo

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 319818
Zistené hrozby: 0
Hrozby umiestnené do karantény: 0
Uplynulý čas: 0 min, 22 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 0
(Nezistili sa nijaké škodlivé položky)

Súbor: 0
(Nezistili sa nijaké škodlivé položky)

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)

WMI: 0
(Nezistili sa nijaké škodlivé položky)


(end)



Ako nemam z toho nejaky dobry pocit, lebo sa to nedeje pravidelne a toto bol prakticky trochu iny stav ako tie predtym.
Skusal som aj skontrolovat integritu systemu Windows cez prikaz sfc ale nic nenaslo.