Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

PC podezření na zavirování.

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

PC podezření na zavirování.

#1 Příspěvek od gold »

Prosím o pomoc.PC hlásí,že došlo k chybám a že po kontrole musí být proveden restart. Zamrzá tak 1x za hodinu cca na minutu.Často pracuje disk na 100proc.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by oldřich (administrator) on OLDA (05-12-2018 12:33:23)
Running from C:\Users\oldřich\Downloads
Loaded Profiles: oldřich (Available Profiles: oldřich)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(C. Ghisler & Co.) C:\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-21] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Technologies S.A.)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [AvastBrowserAutoLaunch_D94630ADFD9E294522375000616C5DA7] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1819312 2018-11-16] (AVAST Software)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\oldřich\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\oldřich\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-08-24] (Piriform Ltd)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [GoogleChromeAutoLaunch_FE6A20CA7E40AA098E515C3A3E39A34B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589080 2018-11-16] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2B5E2A4C-36C6-4596-B56D-BC3F15599931}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================

FireFox:
========
FF DefaultProfile: hac9qjf3.default
FF ProfilePath: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\hac9qjf3.default [2018-12-05]
FF Homepage: Mozilla\Firefox\Profiles\hac9qjf3.default -> hxxps://cz2.herozerogame.com/|hxxps://s1-cz.tanoth.gameforge.com/
FF NewTab: Mozilla\Firefox\Profiles\hac9qjf3.default -> about:newtab
FF NewTabOverride: Mozilla\Firefox\Profiles\hac9qjf3.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\hac9qjf3.default\Extensions\sp@avast.com.xpi [2018-11-15]
FF Extension: (Avast Online Security) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\hac9qjf3.default\Extensions\wrc@avast.com.xpi [2018-11-21]
FF SearchPlugin: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\hac9qjf3.default\searchplugins\google-avast.xml [2018-09-19]
FF HKLM-x32\...\Firefox\Extensions: [{8B1E27AE-119E-456b-B22E-08C61FACB097}] - C:\Program Files (x86)\Tomabo\MP4 Converter\MP4D_FF.xpi
FF Extension: (MP4 Downloader Extension) - C:\Program Files (x86)\Tomabo\MP4 Converter\MP4D_FF.xpi [2016-07-26] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll [2018-11-20] ()
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-20] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://mysearch.avg.com/?cid={45DD1CF7-3D04-434F-A055-272FDE9E94D8}&mid=028d32a7d62f47d39d2a057438b6981c-92518a0fdba704d147702791a4152f31ba6bf657&lang=en&ds=co011&pr=sa&d=2013-06-28 19:05:03&v=15.3.0.11&pid=safeguard&sg=0&sap=hp
CHR StartupUrls: Default -> "hxxps://www.myfreezoo.cz/game/","hxxps://s1-cz. ... ogame.com/"
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default [2018-12-05]
CHR Extension: (Překladač Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-09-03]
CHR Extension: (Prezentace) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-03]
CHR Extension: (Dokumenty) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-03]
CHR Extension: (Disk Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-03]
CHR Extension: (YouTube) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-03]
CHR Extension: (Adblock Plus) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-04]
CHR Extension: (Aliexpress SuperStar) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2018-11-30]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2018-09-27]
CHR Extension: (Adobe Acrobat) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-07]
CHR Extension: (Spyware Terminator Internet Guard) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\elbjpfdfllhaioofjgmiaekihidancnc [2018-09-03]
CHR Extension: (uBlock) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2018-11-23]
CHR Extension: (Tabulky) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-03]
CHR Extension: (CastBuddy) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghagedffjalchgcgdgfindabkpnmalel [2018-10-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-03]
CHR Extension: (Reklamy blokátor pro YouTube ™) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2018-09-03]
CHR Extension: (FormApps Extension) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2018-09-03]
CHR Extension: (PlayTo for Chromecast™) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngkenaoceimiimeokpdbmejeonaaami [2018-09-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-03]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2018-12-05]
CHR Extension: (Gmail) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-03]
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-11-21] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-03] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-21] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-03] (AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S3 WSService; C:\Windows\System32\WSService.dll [3460472 2014-11-21] (Microsoft Corporation) [File not signed]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate(CPC)\Transfer\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\Windows\system32\DRIVERS\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-11-21] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-11-21] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-11-21] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-11-21] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-11-21] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2018-11-26] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-11-21] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-11-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-11-21] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-11-21] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-11-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-11-21] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-11-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-11-21] (AVAST Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-05 12:33 - 2018-12-05 12:33 - 000016070 _____ C:\Users\oldřich\Downloads\FRST.txt
2018-12-05 12:33 - 2018-12-05 12:33 - 000000000 ____D C:\FRST
2018-12-05 12:29 - 2018-12-05 12:29 - 002417152 _____ (Farbar) C:\Users\oldřich\Downloads\FRST64.exe
2018-12-05 12:22 - 2018-12-05 12:22 - 000287904 _____ C:\Windows\Minidump\120518-15578-01.dmp
2018-12-05 10:44 - 2018-12-05 10:44 - 000000096 ____H C:\Users\oldřich\Desktop\.~lock.ZOO.ods_0.ods#
2018-12-04 14:27 - 2018-12-04 14:30 - 734454064 _____ C:\Users\oldřich\Downloads\Cooganův-trik---1968.avi
2018-12-03 20:14 - 2018-12-03 20:49 - 387909423 _____ C:\Users\oldřich\Downloads\Kriminálka Miami 03x04 - Blesková vražda (1).avi
2018-12-03 19:49 - 2018-12-03 20:10 - 387909423 _____ C:\Users\oldřich\Downloads\Kriminálka Miami 03x04 - Blesková vražda.avi
2018-12-02 23:10 - 2018-12-02 23:39 - 313053114 _____ C:\Users\oldřich\Downloads\Kriminálka Miami 03x03 - Pod vlivem.avi
2018-12-02 21:46 - 2018-12-02 21:46 - 000002316 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-02 21:46 - 2018-12-02 21:46 - 000002275 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-02 21:45 - 2018-12-02 21:45 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-02 21:45 - 2018-12-02 21:45 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-02 21:29 - 2018-12-02 21:33 - 880199389 _____ C:\Users\oldřich\Downloads\856 Ordinace v růžové zahradě 2 - 856.mp4
2018-12-01 21:40 - 2018-12-01 21:40 - 000279656 _____ C:\Windows\Minidump\120118-16343-01.dmp
2018-12-01 15:26 - 2018-12-01 15:26 - 001130840 _____ (Google Inc.) C:\Users\oldřich\Downloads\ChromeSetup.exe
2018-11-30 18:42 - 2018-11-30 18:42 - 000287736 _____ C:\Windows\Minidump\113018-15250-01.dmp
2018-11-29 22:38 - 2018-11-29 22:44 - 1305274092 _____ C:\Users\oldřich\Downloads\Ready Player One - Hra zacina (2018 BluRay 720p AC3 - CZ dabing).mkv
2018-11-29 19:52 - 2018-11-29 19:53 - 476377286 _____ C:\Users\oldřich\Downloads\Modrý kód 139-Polibek brouka-28.11.18.avi
2018-11-21 17:59 - 2018-11-21 17:59 - 000279600 _____ C:\Windows\Minidump\112118-22843-01.dmp
2018-11-21 13:23 - 2018-11-21 13:22 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-11-16 18:23 - 2018-11-16 18:24 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-11-16 18:23 - 2018-11-16 18:23 - 000001019 _____ C:\Users\oldřich\Desktop\SpeedFan.lnk
2018-11-16 18:23 - 2018-11-16 18:23 - 000000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2018-11-16 18:23 - 2018-11-16 18:23 - 000000000 ____D C:\Users\oldřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2018-11-16 18:18 - 2018-11-16 18:18 - 000009216 ___SH C:\Users\oldřich\Downloads\Thumbs.db
2018-11-14 12:14 - 2018-10-25 01:54 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2018-11-14 12:14 - 2018-10-25 01:51 - 000121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2018-11-14 12:14 - 2018-10-25 01:46 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-14 12:14 - 2018-10-25 01:45 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-14 12:14 - 2018-10-18 03:48 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-14 12:14 - 2018-10-18 03:17 - 020281344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-14 12:14 - 2018-10-16 04:46 - 007371720 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-14 12:14 - 2018-10-16 04:39 - 002171800 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-11-14 12:14 - 2018-10-16 04:39 - 001662504 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-14 12:14 - 2018-10-16 04:39 - 001063368 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2018-11-14 12:14 - 2018-10-16 04:18 - 001137472 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-14 12:14 - 2018-10-16 04:02 - 001563584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-11-14 12:14 - 2018-10-16 04:02 - 001214920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-14 12:14 - 2018-10-12 21:35 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-11-14 12:14 - 2018-10-12 21:26 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-14 12:14 - 2018-10-12 21:25 - 000189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2018-11-14 12:14 - 2018-10-12 21:22 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-11-14 12:14 - 2018-10-12 21:17 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-11-14 12:14 - 2018-10-12 21:16 - 000148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2018-11-14 12:14 - 2018-10-12 21:16 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2018-11-14 12:14 - 2018-10-12 21:03 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-14 12:14 - 2018-10-12 21:00 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-11-14 12:14 - 2018-10-12 20:59 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-14 12:14 - 2018-10-12 20:57 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-11-14 12:14 - 2018-10-12 20:56 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-11-14 12:14 - 2018-10-12 20:51 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2018-11-14 12:14 - 2018-10-12 20:47 - 001049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-11-14 12:14 - 2018-10-12 20:42 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-11-14 12:14 - 2018-10-12 20:38 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-14 12:14 - 2018-10-12 20:36 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-11-14 12:14 - 2018-10-12 03:16 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2018-11-14 12:14 - 2018-10-12 03:12 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-11-14 12:14 - 2018-10-12 03:10 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-14 12:14 - 2018-10-12 03:10 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2018-11-14 12:14 - 2018-10-12 03:01 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-11-14 12:14 - 2018-10-12 02:59 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-14 12:14 - 2018-10-12 02:59 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-11-14 12:14 - 2018-10-12 02:58 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2018-11-14 12:14 - 2018-10-12 02:58 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2018-11-14 12:14 - 2018-10-12 02:35 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-11-14 12:14 - 2018-10-12 02:30 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-11-14 12:14 - 2018-10-12 02:27 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-11-14 12:14 - 2018-10-12 02:27 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-11-14 12:14 - 2018-10-12 02:25 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-14 12:14 - 2018-10-12 02:19 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-11-14 12:14 - 2018-10-12 02:17 - 000809984 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-14 12:14 - 2018-10-12 02:12 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-11-14 12:14 - 2018-10-12 02:06 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-14 12:14 - 2018-10-12 01:55 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-11-14 12:14 - 2018-10-06 19:14 - 001547192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-14 12:14 - 2018-10-06 19:14 - 000388536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-14 12:14 - 2018-10-06 19:04 - 001308976 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-14 12:14 - 2018-10-06 19:03 - 000356288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-11-14 12:14 - 2018-10-06 17:48 - 004168192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-11-14 12:14 - 2018-10-06 16:41 - 002465792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-11-14 12:14 - 2018-10-06 16:34 - 002175488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-11-14 12:14 - 2018-10-06 16:32 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-11-14 12:14 - 2018-09-28 14:38 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-11-14 12:14 - 2018-09-28 14:34 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2018-11-14 12:14 - 2018-09-23 17:47 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-14 12:14 - 2018-09-23 17:45 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-11-14 12:14 - 2018-09-23 17:45 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-11-14 12:14 - 2018-09-23 17:37 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-14 12:14 - 2018-09-23 17:24 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-14 12:14 - 2018-09-23 17:23 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-11-14 12:14 - 2018-09-23 17:23 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-11-14 12:14 - 2018-09-23 17:20 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-11-14 12:14 - 2018-09-23 17:17 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-11-14 12:14 - 2018-09-23 17:00 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-11-14 12:14 - 2018-09-23 17:00 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-11-14 12:14 - 2018-09-23 16:58 - 000904192 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-14 12:14 - 2018-09-23 16:56 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-14 12:14 - 2018-09-23 16:53 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-11-14 12:14 - 2018-09-23 16:51 - 001920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-11-14 12:14 - 2018-09-23 16:50 - 000709632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-11-14 12:14 - 2018-09-12 19:30 - 000137008 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-11-14 12:14 - 2018-09-11 16:30 - 003718144 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-11-14 12:14 - 2018-08-26 04:38 - 001200640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2018-11-14 12:14 - 2018-08-26 04:38 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2018-11-14 12:14 - 2018-08-26 04:21 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2018-11-14 12:14 - 2018-08-26 04:21 - 000200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2018-11-14 12:14 - 2018-08-26 02:45 - 000513448 _____ C:\Windows\SysWOW64\locale.nls
2018-11-14 12:14 - 2018-08-26 02:45 - 000513448 _____ C:\Windows\system32\locale.nls
2018-11-14 12:14 - 2018-08-21 14:39 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-14 12:14 - 2018-08-21 14:35 - 000358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-14 12:14 - 2018-08-19 17:22 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-11-14 12:14 - 2018-08-19 16:52 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-14 12:14 - 2018-08-19 16:43 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-11-12 22:23 - 2018-11-12 22:26 - 671317184 _____ C:\Users\oldřich\Downloads\31s.cz - Jízda.avi
2018-11-12 22:12 - 2018-11-12 22:22 - 1746258464 _____ C:\Users\oldřich\Downloads\31s.cz - Restart.mkv
2018-11-11 22:31 - 2018-11-11 23:50 - 876217726 _____ C:\Users\oldřich\Downloads\John Wick 1 - Akční 2014 CZdab (dublsoft).mp4
2018-11-07 01:30 - 2018-11-07 01:31 - 002425125 _____ C:\Users\oldřich\Downloads\videoplayback.m4a

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-05 12:23 - 2018-09-06 09:40 - 000000000 ____D C:\Users\oldřich\AppData\Local\CrashDumps
2018-12-05 12:22 - 2018-09-25 17:47 - 597067036 _____ C:\Windows\MEMORY.DMP
2018-12-05 12:22 - 2018-09-03 14:58 - 000000000 ____D C:\Windows\Minidump
2018-12-05 12:22 - 2018-09-03 00:27 - 000000000 ____D C:\Users\oldřich
2018-12-05 12:22 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-05 10:59 - 2018-09-03 00:34 - 000003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D300AD43-1DAD-4CA1-BFE2-4610B487236A}
2018-12-04 22:59 - 2018-09-25 18:12 - 000000000 ____D C:\Users\oldřich\AppData\Roaming\vlc
2018-12-04 16:51 - 2018-09-03 00:37 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3829940882-3502807747-84982314-1001
2018-12-04 16:09 - 2018-09-10 22:23 - 000000000 ____D C:\Users\oldřich\AppData\Roaming\Seznam.cz
2018-12-04 16:07 - 2018-09-03 00:59 - 000000000 ____D C:\Users\oldřich\AppData\LocalLow\Mozilla
2018-12-04 16:06 - 2018-09-03 00:33 - 000000000 ___DO C:\Users\oldřich\OneDrive
2018-12-04 16:02 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-12-03 16:00 - 2014-11-21 05:53 - 001661154 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-03 16:00 - 2014-11-21 05:10 - 000705162 _____ C:\Windows\system32\perfh005.dat
2018-12-03 16:00 - 2014-11-21 05:10 - 000143922 _____ C:\Windows\system32\perfc005.dat
2018-12-03 16:00 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2018-12-02 21:46 - 2018-09-03 00:37 - 000000000 ____D C:\Program Files (x86)\Google
2018-12-02 21:27 - 2018-09-08 16:36 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-12-02 21:26 - 2018-09-03 00:49 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-11-30 18:54 - 2018-09-03 00:34 - 000000000 __SHD C:\Users\oldřich\AppData\LocalLow\EmieUserList
2018-11-30 18:54 - 2018-09-03 00:34 - 000000000 __SHD C:\Users\oldřich\AppData\LocalLow\EmieSiteList
2018-11-30 18:54 - 2018-09-03 00:34 - 000000000 __SHD C:\Users\oldřich\AppData\Local\EmieUserList
2018-11-30 18:54 - 2018-09-03 00:34 - 000000000 __SHD C:\Users\oldřich\AppData\Local\EmieSiteList
2018-11-30 18:46 - 2018-09-03 00:49 - 000000000 ____D C:\Users\oldřich\AppData\Local\AVAST Software
2018-11-30 18:32 - 2018-09-19 14:15 - 000002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-11-30 18:32 - 2018-09-07 23:32 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-30 18:32 - 2018-09-04 20:48 - 000003176 _____ C:\Windows\System32\Tasks\{88BB4075-CDE1-4920-A443-5F07D09E1A1C}
2018-11-30 18:32 - 2018-09-04 20:45 - 000003176 _____ C:\Windows\System32\Tasks\{576B81E5-DBBC-464F-82A9-F59EE703EA65}
2018-11-30 18:32 - 2018-09-03 19:27 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-11-30 18:32 - 2018-09-03 01:06 - 000004524 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-30 18:32 - 2018-09-03 01:06 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-30 13:20 - 2018-09-27 09:30 - 000028672 ___SH C:\Users\oldřich\Desktop\Thumbs.db
2018-11-30 13:20 - 2018-09-05 09:51 - 000024520 _____ C:\Users\oldřich\Desktop\ZOO.ods_0.ods
2018-11-28 21:01 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF
2018-11-26 17:24 - 2018-09-03 00:48 - 000239840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-11-23 21:46 - 2018-09-03 00:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-23 21:46 - 2018-09-03 00:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-22 22:57 - 2018-09-03 00:51 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-11-22 22:57 - 2018-09-03 00:51 - 000002406 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-11-22 15:50 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2018-11-21 20:30 - 2018-09-03 00:59 - 000000924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-21 13:22 - 2018-10-23 19:49 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 001028680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000469272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000380464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000346592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000230344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000208472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000201768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000201240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000163208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000111800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000087432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000059496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000046384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-11-20 14:05 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-20 14:05 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-17 23:26 - 2018-09-04 20:36 - 000019593 _____ C:\Users\oldřich\Desktop\POZNÁMKY.odt
2018-11-17 17:32 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
2018-11-16 22:29 - 2018-09-05 12:26 - 000834960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-16 22:29 - 2018-09-05 12:26 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-16 18:16 - 2018-09-03 00:43 - 000001322 _____ C:\Users\Public\Desktop\Skype.lnk
2018-11-16 18:16 - 2018-09-03 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-11-16 18:14 - 2013-08-22 15:44 - 000387064 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-16 08:39 - 2018-09-07 23:32 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-14 14:41 - 2018-09-05 11:07 - 000000000 ____D C:\Windows\system32\MRT
2018-11-14 14:38 - 2018-09-05 11:07 - 137810048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some files in TEMP:
====================
2018-09-29 22:28 - 2018-09-29 22:28 - 040094224 _____ (Ellora Assets Corporation ) C:\Users\oldřich\AppData\Local\Temp\FreemakeVideoConverterFull.exe
2018-11-16 18:23 - 2018-11-16 18:23 - 000192512 _____ () C:\Users\oldřich\AppData\Local\Temp\sfamcc00001.dll
2015-02-10 18:56 - 2015-02-10 18:56 - 000105984 _____ () C:\Users\oldřich\AppData\Local\Temp\sfextra.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-03 08:14

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by oldřich (05-12-2018 12:34:11)
Running from C:\Users\oldřich\Downloads
Windows 8.1 (Update) (X64) (2018-09-02 23:27:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3829940882-3502807747-84982314-500 - Administrator - Disabled)
Guest (S-1-5-21-3829940882-3502807747-84982314-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3829940882-3502807747-84982314-1004 - Limited - Enabled)
oldřich (S-1-5-21-3829940882-3502807747-84982314-1001 - Administrator - Enabled) => C:\Users\oldřich

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Airflow 1.0.0-beta6 (HKLM-x32\...\Airflow) (Version: 1.0.0-beta6 - InMethod, s.r.o.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.0.917.103 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Eusing Free MP3 Cutter (HKLM-x32\...\Eusing Free MP3 Cutter) (Version: - )
Free AVI to MP4 Converter (32-bit) 1.2 (HKLM-x32\...\{55F62293-FD7F-4CF0-8097-8DE29EF66DC8}_is1) (Version: 1.2 - Jacek Pazera)
Free AVI to MP4 Converter 1.0 (HKLM-x32\...\{756DF96D-E40E-4B52-A53D-036E3D6AAB44}_is1) (Version: - PolySoft Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 63.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 63.0.3 (x64 cs)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla)
MP4 Converter 3 (HKLM-x32\...\MP4 Converter_is1) (Version: - Tomabo)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Seznam Software (HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Wondershare AllMyTube(Build 5.0.0.3) (HKLM-x32\...\AllMyTube_is1) (Version: 5.0.0.3 - Wondershare)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
World of Tanks (HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-21] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-21] (AVAST Software)
ContextMenuHandlers1: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4C_WS.dll [2015-07-21] (Tomabo)
ContextMenuHandlers1: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4P_WS.dll [2015-07-21] (Tomabo)
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => C:\PROGRA~2\TOTALV~1\TVCShellExtx64.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-21] (AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-07-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-21] (AVAST Software)
ContextMenuHandlers6: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4C_WS.dll [2015-07-21] (Tomabo)
ContextMenuHandlers6: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4P_WS.dll [2015-07-21] (Tomabo)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {27A13939-3712-41D3-8559-A2164FE2D9BD} - System32\Tasks\{576B81E5-DBBC-464F-82A9-F59EE703EA65} => C:\Windows\system32\pcalua.exe -a G:\instalace\manažéry\TotalComander650\tcmdr650.exe -d G:\instalace\manažéry\TotalComander650
Task: {3EF9DA0A-9CB7-44EA-BC3A-1A4E9D6EBC5E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-20] (Adobe Systems Incorporated)
Task: {52A2BA6F-2218-4C6C-B2A2-917B2361A4C2} - System32\Tasks\{88BB4075-CDE1-4920-A443-5F07D09E1A1C} => C:\Windows\system32\pcalua.exe -a G:\instalace\manažéry\TotalComander652\tcmdr652.exe -d G:\instalace\manažéry\TotalComander652
Task: {70AB7D3F-CA75-40E0-87CD-035CD8ECEB6A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-03] (AVAST Software)
Task: {80023563-0D15-4461-9B93-FD382C561ECE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-21] (AVAST Software)
Task: {861C0CEB-00BE-48AC-A7B2-6E1746ED8606} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-02] (Google Inc.)
Task: {9464F744-C473-4B5D-B9B0-6F70B184CB1B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-20] (Adobe Systems Incorporated)
Task: {C06E9B50-1A3E-421B-BDB6-7D11164A26EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {D0F27F2C-EB1C-4A58-B3E2-529DC8E8F6EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] ()
Task: {D570BF3C-6F3F-4F22-94AD-212CBDE67FA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-02] (Google Inc.)
Task: {D7225496-DC29-4F0E-8781-25F0F4D9A7C2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-02] (AVAST Software)
Task: {DC4FABA5-1000-4126-B19A-648985510B44} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-03] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-07-04 20:33 - 2014-07-04 20:33 - 000214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 000814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 003650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2018-12-02 21:46 - 2018-11-16 06:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-12-02 21:46 - 2018-11-16 06:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2018-12-03 18:04 - 2018-12-03 18:04 - 031311872 _____ () C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\PepperFlash\32.0.0.101\pepflashplayer.dll
2018-09-03 00:43 - 2018-11-09 19:57 - 001790592 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2018-11-16 18:16 - 2018-11-09 19:57 - 002381152 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
2018-11-16 18:16 - 2018-11-09 19:57 - 000097224 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2018-11-16 18:16 - 2018-11-09 19:57 - 000219080 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\electron-ssid\build\Release\electron-ssid.node
2018-11-16 18:16 - 2018-11-09 19:57 - 000081864 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\desktop-idle\build\Release\desktopIdle.node
2018-09-03 00:43 - 2018-11-09 19:57 - 002723872 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-09-03 00:43 - 2018-11-09 19:57 - 000031776 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2018-11-16 18:16 - 2018-11-09 19:57 - 000409544 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-11-16 18:16 - 2018-11-09 19:57 - 000138696 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2018-11-15 18:48 - 000000826 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3829940882-3502807747-84982314-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\oldřich\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_20160830_155631.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{47C5AFD7-7C06-43C8-AFD3-AEC87A077AA8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CFF794E6-7114-4EB4-BB0B-8D5BA85C7D62}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1F53F198-0E1B-4497-9449-D048C374D171}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{52506540-54AF-4F52-B705-45AAC61EE65E}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{AF7941E1-8CC3-4CA9-8F8A-A98CC2F26114}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{4CBA44BB-913E-4A62-9437-34AEB2435E27}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{E07B31D8-A8CC-447D-BB5E-1AB61F44B563}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FCD6E1CD-1C88-4DCC-906C-D4AFAC13DCBD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{1FCF9EC1-0F5E-4CC5-A195-0E653FA1383A}C:\users\oldřich\downloads\odorik.exe] => (Allow) C:\users\oldřich\downloads\odorik.exe
FirewallRules: [UDP Query User{88026E05-3FAF-43EA-A9E4-0B72BE5A23A6}C:\users\oldřich\downloads\odorik.exe] => (Allow) C:\users\oldřich\downloads\odorik.exe
FirewallRules: [TCP Query User{A70CA720-6A6C-49C6-BF6E-1B5E873F48CE}C:\users\oldřich\desktop\odorik.exe] => (Allow) C:\users\oldřich\desktop\odorik.exe
FirewallRules: [UDP Query User{EC0CE601-BECB-4BEA-BD96-54255AA8B2E3}C:\users\oldřich\desktop\odorik.exe] => (Allow) C:\users\oldřich\desktop\odorik.exe
FirewallRules: [TCP Query User{1C3CB269-E00B-4AEB-8443-488241435E57}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{FA8BC68D-75D5-47C4-84B2-41A8F2AEADE0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{E886934A-CB4A-46CE-91F2-40715C6BF21E}C:\program files (x86)\airflow\airflow.exe] => (Allow) C:\program files (x86)\airflow\airflow.exe
FirewallRules: [UDP Query User{D813C402-7206-4BB8-8D46-741C5CAE19CB}C:\program files (x86)\airflow\airflow.exe] => (Allow) C:\program files (x86)\airflow\airflow.exe
FirewallRules: [{2ECBB3F1-43A8-43C1-A7AA-672DF1295244}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{762DCA34-D993-4D76-98DE-8BF9A97E6592}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{DCB28BAC-2318-4572-A2DC-BC93890F9211}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{6A8F7677-FF92-46A2-B744-CB74C04E1405}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{1208D8A3-A9C1-48AF-B70C-22AF809194FE}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{BD0DE790-3E5E-431E-8E1E-AF96F9A7364B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Tomabo\MP4 Converter\MP4Downloader.exe] => Enabled:MP4 Downloader

==================== Restore Points =========================

27-11-2018 12:59:45 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/05/2018 12:23:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/05/2018 12:22:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.3.9600.18460, časové razítko: 0x57c1b8c1
Název chybujícího modulu: twinui.appcore.dll, verze: 6.3.9600.18423, časové razítko: 0x5793b4e5
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000c2548
ID chybujícího procesu: 0x670
Čas spuštění chybující aplikace: 0x01d48c8cd0a792c4
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: C:\Windows\System32\twinui.appcore.dll
ID zprávy: 1db93108-f880-11e8-827d-d43d7e5271ef
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/05/2018 12:18:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/05/2018 12:18:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/05/2018 11:48:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/05/2018 11:48:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/05/2018 11:18:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/05/2018 11:18:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (12/05/2018 12:31:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Windows Store (WSService) byla neočekávaně ukončena. Tento stav nastal již 6krát.

Error: (12/05/2018 12:31:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Windows Store (WSService) byla neočekávaně ukončena. Tento stav nastal již 5krát.

Error: (12/05/2018 12:28:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Windows Store (WSService) byla neočekávaně ukončena. Tento stav nastal již 4krát.

Error: (12/05/2018 12:25:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Windows Store (WSService) byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (12/05/2018 12:23:30 PM) (Source: DCOM) (EventID: 10001) (User: OLDA)
Description: Nelze spustit server DCOM: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
15612
při provádění příkazu:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server

Error: (12/05/2018 12:23:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Store (WSService) byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.

Error: (12/05/2018 12:23:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Store (WSService) byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (12/05/2018 12:22:24 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000007a (0xfffff6fc80a26dd8, 0xffffffffc000009d, 0x00000001690ea880, 0xfffff90144dbb008). Výpis byl uložen do: C:\Windows\MEMORY.DMP. ID hlášení: 120518-15578-01


Windows Defender:
===================================
Date: 2018-09-03 01:49:17.541
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

CodeIntegrity:
===================================

Date: 2018-12-01 11:34:18.327
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:18.023
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:17.755
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:17.487
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:17.222
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:16.925
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:16.643
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:16.378
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 33%
Total physical RAM: 8191.18 MB
Available physical RAM: 5449.27 MB
Total Virtual: 16383.18 MB
Available Virtual: 13435.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:809.88 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C0B93A2A)
Partition 1: (Not Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=931.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PC podezření na zavirování.

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

Re: PC podezření na zavirování.

#3 Příspěvek od gold »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-12-03.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-05-2018
# Duration: 00:00:03
# OS: Windows 8.1
# Cleaned: 5
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Amazon Assistant for Chrome

***** [ Chromium URLs ] *****

Deleted http://mysearch.avg.com/?cid={45DD1CF7- ... 2013-06-28 19:05:03&v=15.3.0.11&pid=safeguard&sg=0&sap=hp
Deleted AVG Secure Search
Deleted http://mysearch.avg.com/?cid={45DD1CF7- ... 2013-06-28 19:05:03&v=15.3.0.11&pid=safeguard&sg=0&sap=hp
Deleted AVG Secure Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1860 octets] - [05/12/2018 15:46:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PC podezření na zavirování.

#4 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

Re: PC podezření na zavirování.

#5 Příspěvek od gold »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by oldřich (administrator) on OLDA (06-12-2018 19:02:13)
Running from C:\Users\oldřich\Desktop
Loaded Profiles: oldřich (Available Profiles: oldřich)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(C. Ghisler & Co.) C:\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-21] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Technologies S.A.)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [AvastBrowserAutoLaunch_D94630ADFD9E294522375000616C5DA7] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1819312 2018-11-16] (AVAST Software)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\oldřich\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\oldřich\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-08-24] (Piriform Ltd)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [GoogleChromeAutoLaunch_FE6A20CA7E40AA098E515C3A3E39A34B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589080 2018-11-16] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2B5E2A4C-36C6-4596-B56D-BC3F15599931}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================

FireFox:
========
FF DefaultProfile: hac9qjf3.default
FF ProfilePath: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\hac9qjf3.default [2018-12-06]
FF Homepage: Mozilla\Firefox\Profiles\hac9qjf3.default -> hxxps://cz2.herozerogame.com/|hxxps://s1-cz.tanoth.gameforge.com/
FF NewTab: Mozilla\Firefox\Profiles\hac9qjf3.default -> about:newtab
FF NewTabOverride: Mozilla\Firefox\Profiles\hac9qjf3.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\hac9qjf3.default\Extensions\sp@avast.com.xpi [2018-11-15]
FF Extension: (Avast Online Security) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\hac9qjf3.default\Extensions\wrc@avast.com.xpi [2018-11-21]
FF SearchPlugin: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\hac9qjf3.default\searchplugins\google-avast.xml [2018-09-19]
FF HKLM-x32\...\Firefox\Extensions: [{8B1E27AE-119E-456b-B22E-08C61FACB097}] - C:\Program Files (x86)\Tomabo\MP4 Converter\MP4D_FF.xpi
FF Extension: (MP4 Downloader Extension) - C:\Program Files (x86)\Tomabo\MP4 Converter\MP4D_FF.xpi [2016-07-26] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll [2018-11-20] ()
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-20] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.myfreezoo.cz/game/","hxxps://s1-cz. ... ogame.com/"
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default [2018-12-06]
CHR Extension: (Překladač Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-09-03]
CHR Extension: (Prezentace) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-03]
CHR Extension: (Dokumenty) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-03]
CHR Extension: (Disk Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-03]
CHR Extension: (YouTube) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-03]
CHR Extension: (Adblock Plus) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-04]
CHR Extension: (Aliexpress SuperStar) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2018-11-30]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2018-09-27]
CHR Extension: (Adobe Acrobat) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-07]
CHR Extension: (Spyware Terminator Internet Guard) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\elbjpfdfllhaioofjgmiaekihidancnc [2018-09-03]
CHR Extension: (uBlock) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2018-11-23]
CHR Extension: (Tabulky) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-03]
CHR Extension: (CastBuddy) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghagedffjalchgcgdgfindabkpnmalel [2018-10-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-03]
CHR Extension: (Reklamy blokátor pro YouTube ™) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2018-09-03]
CHR Extension: (FormApps Extension) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2018-09-03]
CHR Extension: (PlayTo for Chromecast™) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngkenaoceimiimeokpdbmejeonaaami [2018-09-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-03]
CHR Extension: (Gmail) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-03]
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-11-21] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-03] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-21] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-03] (AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S3 WSService; C:\Windows\System32\WSService.dll [3460472 2014-11-21] (Microsoft Corporation) [File not signed]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate(CPC)\Transfer\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\Windows\system32\DRIVERS\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-11-21] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-11-21] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-11-21] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-11-21] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-11-21] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2018-11-26] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-11-21] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-11-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-11-21] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-11-21] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-11-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-11-21] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-11-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-11-21] (AVAST Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-06 19:02 - 2018-12-06 19:02 - 000017380 _____ C:\Users\oldřich\Desktop\FRST.txt
2018-12-06 01:21 - 2018-12-06 01:39 - 336434972 _____ C:\Users\oldřich\Downloads\Kriminálka Miami 03x07 - Vlna zločinu.avi
2018-12-05 22:49 - 2018-12-05 23:11 - 389404528 _____ C:\Users\oldřich\Downloads\Kriminálka Miami 03x06 - Pekelná noc.avi
2018-12-05 22:36 - 2018-12-05 22:40 - 974273526 _____ C:\Users\oldřich\Downloads\857 Ordinace v růžové zahradě 2 - 857.mkv
2018-12-05 22:34 - 2018-12-05 22:49 - 256114422 _____ C:\Users\oldřich\Downloads\Kriminálka Miami 03x05 - Nezákonně.avi
2018-12-05 22:10 - 2018-12-05 22:14 - 434652027 _____ C:\Users\oldřich\Downloads\857 Ordinace v růžové zahradě 2 - 857.mkv.crdownload
2018-12-05 15:46 - 2018-12-05 15:46 - 000000000 ____D C:\AdwCleaner
2018-12-05 15:44 - 2018-12-05 15:44 - 007321808 _____ (Malwarebytes) C:\Users\oldřich\Downloads\adwcleaner_7.2.5.0.exe
2018-12-05 15:44 - 2018-12-05 15:44 - 007321808 _____ (Malwarebytes) C:\Users\oldřich\Desktop\adwcleaner_7.2.5.0.exe
2018-12-05 13:38 - 2018-12-05 13:38 - 000000000 __SHD C:\found.003
2018-12-05 12:34 - 2018-12-05 12:34 - 000025752 _____ C:\Users\oldřich\Downloads\Addition.txt
2018-12-05 12:33 - 2018-12-06 19:02 - 000000000 ____D C:\FRST
2018-12-05 12:33 - 2018-12-05 12:34 - 000037867 _____ C:\Users\oldřich\Downloads\FRST.txt
2018-12-05 12:29 - 2018-12-05 12:29 - 002417152 _____ (Farbar) C:\Users\oldřich\Desktop\FRST64.exe
2018-12-05 12:22 - 2018-12-05 12:22 - 000287904 _____ C:\Windows\Minidump\120518-15578-01.dmp
2018-12-03 19:49 - 2018-12-03 20:10 - 387909423 _____ C:\Users\oldřich\Downloads\Kriminálka Miami 03x04 - Blesková vražda.avi
2018-12-02 23:10 - 2018-12-02 23:39 - 313053114 _____ C:\Users\oldřich\Downloads\Kriminálka Miami 03x03 - Pod vlivem.avi
2018-12-02 21:46 - 2018-12-02 21:46 - 000002316 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-02 21:46 - 2018-12-02 21:46 - 000002275 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-02 21:45 - 2018-12-02 21:45 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-02 21:45 - 2018-12-02 21:45 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-02 21:29 - 2018-12-02 21:33 - 880199389 _____ C:\Users\oldřich\Downloads\856 Ordinace v růžové zahradě 2 - 856.mp4
2018-12-01 21:40 - 2018-12-01 21:40 - 000279656 _____ C:\Windows\Minidump\120118-16343-01.dmp
2018-12-01 15:26 - 2018-12-01 15:26 - 001130840 _____ (Google Inc.) C:\Users\oldřich\Downloads\ChromeSetup.exe
2018-11-30 18:42 - 2018-11-30 18:42 - 000287736 _____ C:\Windows\Minidump\113018-15250-01.dmp
2018-11-29 22:38 - 2018-11-29 22:44 - 1305274092 _____ C:\Users\oldřich\Downloads\Ready Player One - Hra zacina (2018 BluRay 720p AC3 - CZ dabing).mkv
2018-11-29 19:52 - 2018-11-29 19:53 - 476377286 _____ C:\Users\oldřich\Downloads\Modrý kód 139-Polibek brouka-28.11.18.avi
2018-11-21 17:59 - 2018-11-21 17:59 - 000279600 _____ C:\Windows\Minidump\112118-22843-01.dmp
2018-11-21 13:23 - 2018-11-21 13:22 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-11-16 18:23 - 2018-11-16 18:24 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-11-16 18:23 - 2018-11-16 18:23 - 000001019 _____ C:\Users\oldřich\Desktop\SpeedFan.lnk
2018-11-16 18:23 - 2018-11-16 18:23 - 000000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2018-11-16 18:23 - 2018-11-16 18:23 - 000000000 ____D C:\Users\oldřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2018-11-16 18:18 - 2018-11-16 18:18 - 000009216 ___SH C:\Users\oldřich\Downloads\Thumbs.db
2018-11-14 12:14 - 2018-10-25 01:54 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2018-11-14 12:14 - 2018-10-25 01:51 - 000121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2018-11-14 12:14 - 2018-10-25 01:46 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-14 12:14 - 2018-10-25 01:45 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-14 12:14 - 2018-10-18 03:48 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-14 12:14 - 2018-10-18 03:17 - 020281344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-14 12:14 - 2018-10-16 04:46 - 007371720 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-14 12:14 - 2018-10-16 04:39 - 002171800 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-11-14 12:14 - 2018-10-16 04:39 - 001662504 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-14 12:14 - 2018-10-16 04:39 - 001063368 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2018-11-14 12:14 - 2018-10-16 04:18 - 001137472 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-14 12:14 - 2018-10-16 04:02 - 001563584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-11-14 12:14 - 2018-10-16 04:02 - 001214920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-14 12:14 - 2018-10-12 21:35 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-11-14 12:14 - 2018-10-12 21:26 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-14 12:14 - 2018-10-12 21:25 - 000189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2018-11-14 12:14 - 2018-10-12 21:22 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-11-14 12:14 - 2018-10-12 21:17 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-11-14 12:14 - 2018-10-12 21:16 - 000148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2018-11-14 12:14 - 2018-10-12 21:16 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2018-11-14 12:14 - 2018-10-12 21:03 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-14 12:14 - 2018-10-12 21:00 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-11-14 12:14 - 2018-10-12 20:59 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-14 12:14 - 2018-10-12 20:57 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-11-14 12:14 - 2018-10-12 20:56 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-11-14 12:14 - 2018-10-12 20:51 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2018-11-14 12:14 - 2018-10-12 20:47 - 001049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-11-14 12:14 - 2018-10-12 20:42 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-11-14 12:14 - 2018-10-12 20:38 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-14 12:14 - 2018-10-12 20:36 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-11-14 12:14 - 2018-10-12 03:16 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2018-11-14 12:14 - 2018-10-12 03:12 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-11-14 12:14 - 2018-10-12 03:10 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-14 12:14 - 2018-10-12 03:10 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2018-11-14 12:14 - 2018-10-12 03:01 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-11-14 12:14 - 2018-10-12 02:59 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-14 12:14 - 2018-10-12 02:59 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-11-14 12:14 - 2018-10-12 02:58 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2018-11-14 12:14 - 2018-10-12 02:58 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2018-11-14 12:14 - 2018-10-12 02:35 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-11-14 12:14 - 2018-10-12 02:30 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-11-14 12:14 - 2018-10-12 02:27 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-11-14 12:14 - 2018-10-12 02:27 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-11-14 12:14 - 2018-10-12 02:25 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-14 12:14 - 2018-10-12 02:19 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-11-14 12:14 - 2018-10-12 02:17 - 000809984 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-14 12:14 - 2018-10-12 02:12 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-11-14 12:14 - 2018-10-12 02:06 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-14 12:14 - 2018-10-12 01:55 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-11-14 12:14 - 2018-10-06 19:14 - 001547192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-14 12:14 - 2018-10-06 19:14 - 000388536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-14 12:14 - 2018-10-06 19:04 - 001308976 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-14 12:14 - 2018-10-06 19:03 - 000356288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-11-14 12:14 - 2018-10-06 17:48 - 004168192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-11-14 12:14 - 2018-10-06 16:41 - 002465792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-11-14 12:14 - 2018-10-06 16:34 - 002175488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-11-14 12:14 - 2018-10-06 16:32 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-11-14 12:14 - 2018-09-28 14:38 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-11-14 12:14 - 2018-09-28 14:34 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2018-11-14 12:14 - 2018-09-23 17:47 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-14 12:14 - 2018-09-23 17:45 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-11-14 12:14 - 2018-09-23 17:45 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-11-14 12:14 - 2018-09-23 17:37 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-14 12:14 - 2018-09-23 17:24 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-14 12:14 - 2018-09-23 17:23 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-11-14 12:14 - 2018-09-23 17:23 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-11-14 12:14 - 2018-09-23 17:20 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-11-14 12:14 - 2018-09-23 17:17 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-11-14 12:14 - 2018-09-23 17:00 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-11-14 12:14 - 2018-09-23 17:00 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-11-14 12:14 - 2018-09-23 16:58 - 000904192 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-14 12:14 - 2018-09-23 16:56 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-14 12:14 - 2018-09-23 16:53 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-11-14 12:14 - 2018-09-23 16:51 - 001920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-11-14 12:14 - 2018-09-23 16:50 - 000709632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-11-14 12:14 - 2018-09-12 19:30 - 000137008 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-11-14 12:14 - 2018-09-11 16:30 - 003718144 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-11-14 12:14 - 2018-08-26 04:38 - 001200640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2018-11-14 12:14 - 2018-08-26 04:38 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2018-11-14 12:14 - 2018-08-26 04:21 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2018-11-14 12:14 - 2018-08-26 04:21 - 000200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2018-11-14 12:14 - 2018-08-26 02:45 - 000513448 _____ C:\Windows\SysWOW64\locale.nls
2018-11-14 12:14 - 2018-08-26 02:45 - 000513448 _____ C:\Windows\system32\locale.nls
2018-11-14 12:14 - 2018-08-21 14:39 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-14 12:14 - 2018-08-21 14:35 - 000358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-14 12:14 - 2018-08-19 17:22 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-11-14 12:14 - 2018-08-19 16:52 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-14 12:14 - 2018-08-19 16:43 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-11-12 22:23 - 2018-11-12 22:26 - 671317184 _____ C:\Users\oldřich\Downloads\31s.cz - Jízda.avi
2018-11-12 22:12 - 2018-11-12 22:22 - 1746258464 _____ C:\Users\oldřich\Downloads\31s.cz - Restart.mkv
2018-11-11 22:31 - 2018-11-11 23:50 - 876217726 _____ C:\Users\oldřich\Downloads\John Wick 1 - Akční 2014 CZdab (dublsoft).mp4
2018-11-07 01:30 - 2018-11-07 01:31 - 002425125 _____ C:\Users\oldřich\Downloads\videoplayback.m4a

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-06 16:44 - 2018-09-03 00:59 - 000000000 ____D C:\Users\oldřich\AppData\LocalLow\Mozilla
2018-12-06 15:00 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2018-12-06 14:34 - 2018-09-03 00:34 - 000003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D300AD43-1DAD-4CA1-BFE2-4610B487236A}
2018-12-06 14:13 - 2018-09-03 00:49 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-12-06 14:13 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF
2018-12-06 13:59 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2018-12-06 02:26 - 2018-09-25 18:12 - 000000000 ____D C:\Users\oldřich\AppData\Roaming\vlc
2018-12-05 21:08 - 2018-09-10 22:23 - 000000000 ____D C:\Users\oldřich\AppData\Roaming\Seznam.cz
2018-12-05 16:02 - 2018-09-03 00:33 - 000000000 ___DO C:\Users\oldřich\OneDrive
2018-12-05 16:01 - 2018-09-06 09:40 - 000000000 ____D C:\Users\oldřich\AppData\Local\CrashDumps
2018-12-05 15:58 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-05 15:47 - 2018-09-03 00:27 - 000000000 ____D C:\Users\oldřich
2018-12-05 15:45 - 2018-09-27 09:30 - 000033792 ___SH C:\Users\oldřich\Desktop\Thumbs.db
2018-12-05 15:45 - 2018-09-05 09:51 - 000030352 _____ C:\Users\oldřich\Desktop\ZOO.ods_0.ods
2018-12-05 12:22 - 2018-09-25 17:47 - 597067036 _____ C:\Windows\MEMORY.DMP
2018-12-05 12:22 - 2018-09-03 14:58 - 000000000 ____D C:\Windows\Minidump
2018-12-04 16:51 - 2018-09-03 00:37 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3829940882-3502807747-84982314-1001
2018-12-04 16:02 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-12-03 16:00 - 2014-11-21 05:53 - 001661154 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-03 16:00 - 2014-11-21 05:10 - 000705162 _____ C:\Windows\system32\perfh005.dat
2018-12-03 16:00 - 2014-11-21 05:10 - 000143922 _____ C:\Windows\system32\perfc005.dat
2018-12-02 21:46 - 2018-09-03 00:37 - 000000000 ____D C:\Program Files (x86)\Google
2018-12-02 21:27 - 2018-09-08 16:36 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-12-01 00:43 - 2018-09-05 12:26 - 000835688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-12-01 00:43 - 2018-09-05 12:26 - 000179808 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-30 18:54 - 2018-09-03 00:34 - 000000000 __SHD C:\Users\oldřich\AppData\LocalLow\EmieUserList
2018-11-30 18:54 - 2018-09-03 00:34 - 000000000 __SHD C:\Users\oldřich\AppData\LocalLow\EmieSiteList
2018-11-30 18:54 - 2018-09-03 00:34 - 000000000 __SHD C:\Users\oldřich\AppData\Local\EmieUserList
2018-11-30 18:54 - 2018-09-03 00:34 - 000000000 __SHD C:\Users\oldřich\AppData\Local\EmieSiteList
2018-11-30 18:46 - 2018-09-03 00:49 - 000000000 ____D C:\Users\oldřich\AppData\Local\AVAST Software
2018-11-30 18:32 - 2018-09-19 14:15 - 000002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-11-30 18:32 - 2018-09-07 23:32 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-30 18:32 - 2018-09-04 20:48 - 000003176 _____ C:\Windows\System32\Tasks\{88BB4075-CDE1-4920-A443-5F07D09E1A1C}
2018-11-30 18:32 - 2018-09-04 20:45 - 000003176 _____ C:\Windows\System32\Tasks\{576B81E5-DBBC-464F-82A9-F59EE703EA65}
2018-11-30 18:32 - 2018-09-03 19:27 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-11-30 18:32 - 2018-09-03 01:06 - 000004524 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-30 18:32 - 2018-09-03 01:06 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-26 17:24 - 2018-09-03 00:48 - 000239840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-11-23 21:46 - 2018-09-03 00:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-23 21:46 - 2018-09-03 00:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-22 22:57 - 2018-09-03 00:51 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-11-22 22:57 - 2018-09-03 00:51 - 000002406 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-11-21 20:30 - 2018-09-03 00:59 - 000000924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-21 13:22 - 2018-10-23 19:49 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 001028680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000469272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000380464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000346592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000230344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000208472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000201768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000201240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000163208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000111800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000087432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000059496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000046384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-11-20 14:05 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-20 14:05 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-17 23:26 - 2018-09-04 20:36 - 000019593 _____ C:\Users\oldřich\Desktop\POZNÁMKY.odt
2018-11-17 17:32 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
2018-11-16 18:16 - 2018-09-03 00:43 - 000001322 _____ C:\Users\Public\Desktop\Skype.lnk
2018-11-16 18:16 - 2018-09-03 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-11-16 18:14 - 2013-08-22 15:44 - 000387064 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-16 08:39 - 2018-09-07 23:32 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-14 14:41 - 2018-09-05 11:07 - 000000000 ____D C:\Windows\system32\MRT
2018-11-14 14:38 - 2018-09-05 11:07 - 137810048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some files in TEMP:
====================
2018-09-29 22:28 - 2018-09-29 22:28 - 040094224 _____ (Ellora Assets Corporation ) C:\Users\oldřich\AppData\Local\Temp\FreemakeVideoConverterFull.exe
2018-11-16 18:23 - 2018-11-16 18:23 - 000192512 _____ () C:\Users\oldřich\AppData\Local\Temp\sfamcc00001.dll
2015-02-10 18:56 - 2015-02-10 18:56 - 000105984 _____ () C:\Users\oldřich\AppData\Local\Temp\sfextra.dll

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\appidapi.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-03 08:14

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by oldřich (06-12-2018 19:03:03)
Running from C:\Users\oldřich\Desktop
Windows 8.1 (Update) (X64) (2018-09-02 23:27:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3829940882-3502807747-84982314-500 - Administrator - Disabled)
Guest (S-1-5-21-3829940882-3502807747-84982314-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3829940882-3502807747-84982314-1004 - Limited - Enabled)
oldřich (S-1-5-21-3829940882-3502807747-84982314-1001 - Administrator - Enabled) => C:\Users\oldřich

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Airflow 1.0.0-beta6 (HKLM-x32\...\Airflow) (Version: 1.0.0-beta6 - InMethod, s.r.o.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.0.917.103 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Eusing Free MP3 Cutter (HKLM-x32\...\Eusing Free MP3 Cutter) (Version: - )
Free AVI to MP4 Converter (32-bit) 1.2 (HKLM-x32\...\{55F62293-FD7F-4CF0-8097-8DE29EF66DC8}_is1) (Version: 1.2 - Jacek Pazera)
Free AVI to MP4 Converter 1.0 (HKLM-x32\...\{756DF96D-E40E-4B52-A53D-036E3D6AAB44}_is1) (Version: - PolySoft Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 63.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 63.0.3 (x64 cs)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla)
MP4 Converter 3 (HKLM-x32\...\MP4 Converter_is1) (Version: - Tomabo)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Seznam Software (HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Wondershare AllMyTube(Build 5.0.0.3) (HKLM-x32\...\AllMyTube_is1) (Version: 5.0.0.3 - Wondershare)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
World of Tanks (HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-21] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-21] (AVAST Software)
ContextMenuHandlers1: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4C_WS.dll [2015-07-21] (Tomabo)
ContextMenuHandlers1: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4P_WS.dll [2015-07-21] (Tomabo)
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => C:\PROGRA~2\TOTALV~1\TVCShellExtx64.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-21] (AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-07-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-21] (AVAST Software)
ContextMenuHandlers6: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4C_WS.dll [2015-07-21] (Tomabo)
ContextMenuHandlers6: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4P_WS.dll [2015-07-21] (Tomabo)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {27A13939-3712-41D3-8559-A2164FE2D9BD} - System32\Tasks\{576B81E5-DBBC-464F-82A9-F59EE703EA65} => C:\Windows\system32\pcalua.exe -a G:\instalace\manažéry\TotalComander650\tcmdr650.exe -d G:\instalace\manažéry\TotalComander650
Task: {3EF9DA0A-9CB7-44EA-BC3A-1A4E9D6EBC5E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-20] (Adobe Systems Incorporated)
Task: {52A2BA6F-2218-4C6C-B2A2-917B2361A4C2} - System32\Tasks\{88BB4075-CDE1-4920-A443-5F07D09E1A1C} => C:\Windows\system32\pcalua.exe -a G:\instalace\manažéry\TotalComander652\tcmdr652.exe -d G:\instalace\manažéry\TotalComander652
Task: {70AB7D3F-CA75-40E0-87CD-035CD8ECEB6A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-03] (AVAST Software)
Task: {80023563-0D15-4461-9B93-FD382C561ECE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-21] (AVAST Software)
Task: {861C0CEB-00BE-48AC-A7B2-6E1746ED8606} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-02] (Google Inc.)
Task: {9464F744-C473-4B5D-B9B0-6F70B184CB1B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-20] (Adobe Systems Incorporated)
Task: {C06E9B50-1A3E-421B-BDB6-7D11164A26EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {D0F27F2C-EB1C-4A58-B3E2-529DC8E8F6EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] ()
Task: {D570BF3C-6F3F-4F22-94AD-212CBDE67FA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-02] (Google Inc.)
Task: {D7225496-DC29-4F0E-8781-25F0F4D9A7C2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-02] (AVAST Software)
Task: {DC4FABA5-1000-4126-B19A-648985510B44} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-03] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-07-04 20:33 - 2014-07-04 20:33 - 000214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 000814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 003650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-07-04 20:33 - 2014-07-04 20:33 - 000102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2018-12-02 21:46 - 2018-11-16 06:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-12-02 21:46 - 2018-11-16 06:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2018-11-20 14:05 - 2018-11-20 14:05 - 026871808 _____ () C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll
2018-12-03 18:04 - 2018-12-03 18:04 - 031311872 _____ () C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\PepperFlash\32.0.0.101\pepflashplayer.dll
2018-09-03 00:49 - 2018-09-03 00:49 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-11-21 13:22 - 2018-11-21 13:22 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-09-03 00:43 - 2018-11-09 19:57 - 001790592 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2018-11-16 18:16 - 2018-11-09 19:57 - 002381152 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
2018-11-16 18:16 - 2018-11-09 19:57 - 000097224 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2018-11-16 18:16 - 2018-11-09 19:57 - 000219080 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\electron-ssid\build\Release\electron-ssid.node
2018-11-16 18:16 - 2018-11-09 19:57 - 000081864 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\desktop-idle\build\Release\desktopIdle.node
2018-09-25 20:41 - 2017-03-23 08:49 - 001506304 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2018-09-25 20:41 - 2016-07-21 09:54 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-09-03 00:43 - 2018-11-09 19:57 - 002723872 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-09-03 00:43 - 2018-11-09 19:57 - 000031776 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2018-11-16 18:16 - 2018-11-09 19:57 - 000409544 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-11-16 18:16 - 2018-11-09 19:57 - 000138696 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2018-11-15 18:48 - 000000826 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3829940882-3502807747-84982314-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\oldřich\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_20160830_155631.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{47C5AFD7-7C06-43C8-AFD3-AEC87A077AA8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CFF794E6-7114-4EB4-BB0B-8D5BA85C7D62}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1F53F198-0E1B-4497-9449-D048C374D171}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{52506540-54AF-4F52-B705-45AAC61EE65E}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{AF7941E1-8CC3-4CA9-8F8A-A98CC2F26114}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{4CBA44BB-913E-4A62-9437-34AEB2435E27}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{E07B31D8-A8CC-447D-BB5E-1AB61F44B563}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FCD6E1CD-1C88-4DCC-906C-D4AFAC13DCBD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{1FCF9EC1-0F5E-4CC5-A195-0E653FA1383A}C:\users\oldřich\downloads\odorik.exe] => (Allow) C:\users\oldřich\downloads\odorik.exe
FirewallRules: [UDP Query User{88026E05-3FAF-43EA-A9E4-0B72BE5A23A6}C:\users\oldřich\downloads\odorik.exe] => (Allow) C:\users\oldřich\downloads\odorik.exe
FirewallRules: [TCP Query User{A70CA720-6A6C-49C6-BF6E-1B5E873F48CE}C:\users\oldřich\desktop\odorik.exe] => (Allow) C:\users\oldřich\desktop\odorik.exe
FirewallRules: [UDP Query User{EC0CE601-BECB-4BEA-BD96-54255AA8B2E3}C:\users\oldřich\desktop\odorik.exe] => (Allow) C:\users\oldřich\desktop\odorik.exe
FirewallRules: [TCP Query User{1C3CB269-E00B-4AEB-8443-488241435E57}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{FA8BC68D-75D5-47C4-84B2-41A8F2AEADE0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{E886934A-CB4A-46CE-91F2-40715C6BF21E}C:\program files (x86)\airflow\airflow.exe] => (Allow) C:\program files (x86)\airflow\airflow.exe
FirewallRules: [UDP Query User{D813C402-7206-4BB8-8D46-741C5CAE19CB}C:\program files (x86)\airflow\airflow.exe] => (Allow) C:\program files (x86)\airflow\airflow.exe
FirewallRules: [{2ECBB3F1-43A8-43C1-A7AA-672DF1295244}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{762DCA34-D993-4D76-98DE-8BF9A97E6592}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{DCB28BAC-2318-4572-A2DC-BC93890F9211}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{6A8F7677-FF92-46A2-B744-CB74C04E1405}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{1208D8A3-A9C1-48AF-B70C-22AF809194FE}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{BD0DE790-3E5E-431E-8E1E-AF96F9A7364B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Tomabo\MP4 Converter\MP4Downloader.exe] => Enabled:MP4 Downloader

==================== Restore Points =========================

27-11-2018 12:59:45 Naplánovaný kontrolní bod
05-12-2018 13:38:13 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/06/2018 06:52:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/06/2018 06:52:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/06/2018 06:36:23 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (3664) Instance: Při zotavení či obnovení databáze došlo k neočekávané chybě -501.

Error: (12/06/2018 06:36:23 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost (3664) Instance: Při částečném obnovení byl zjištěn poškozený soubor protokolu C:\ProgramData\Microsoft\Windows\AppRepository\edb.log. Záznam s chybou kontrolního součtu je umístěn na pozici END. Data neodpovídající záznamům protokolu se poprvé vyskytla v sektoru 201 (0x000000C9). Soubor je poškozený a nelze jej použít.

Error: (12/06/2018 06:36:23 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost (3664) Instance: Ověření načtení rozsahu protokolu ze souboru C:\ProgramData\Microsoft\Windows\AppRepository\edb.log s posunem 823296 (0x00000000000c9000) o 4096 (0x00001000) bajtů se nezdařilo. Došlo k neshodě kontrolního součtu rozsahu. Byl očekáván kontrolní součet 9145967595214551246 (0x7eed011207ff38ce), ale skutečný kontrolní součet byl 9145967595214551246 (0x7eed011207ff38ce). Operace čtení se nezdaří a dojde k chybě -501 (0xfffffe0b). Pokud tento stav potrvá, obnovte soubor protokolu z předchozí zálohy.

Error: (12/06/2018 06:36:23 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost (3664) Instance: Při částečném obnovení byl zjištěn poškozený soubor protokolu C:\ProgramData\Microsoft\Windows\AppRepository\edb.log. Záznam s chybou kontrolního součtu je umístěn na pozici END. Data neodpovídající záznamům protokolu se poprvé vyskytla v sektoru 201 (0x000000C9). Soubor je poškozený a nelze jej použít.

Error: (12/06/2018 06:36:23 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost (3664) Instance: Ověření načtení rozsahu protokolu ze souboru C:\ProgramData\Microsoft\Windows\AppRepository\edb.log s posunem 823296 (0x00000000000c9000) o 4096 (0x00001000) bajtů se nezdařilo. Došlo k neshodě kontrolního součtu rozsahu. Byl očekáván kontrolní součet 9145967595214551246 (0x7eed011207ff38ce), ale skutečný kontrolní součet byl 9145967595214551246 (0x7eed011207ff38ce). Operace čtení se nezdaří a dojde k chybě -501 (0xfffffe0b). Pokud tento stav potrvá, obnovte soubor protokolu z předchozí zálohy.

Error: (12/06/2018 06:36:23 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (3664) Instance: Při zotavení či obnovení databáze došlo k neočekávané chybě -501.


System errors:
=============
Error: (12/06/2018 06:59:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Windows Store (WSService) byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (12/06/2018 06:54:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Store (WSService) byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.

Error: (12/06/2018 06:52:08 PM) (Source: DCOM) (EventID: 10001) (User: OLDA)
Description: Nelze spustit server DCOM: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
15612
při provádění příkazu:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server

Error: (12/06/2018 06:52:08 PM) (Source: DCOM) (EventID: 10001) (User: OLDA)
Description: Nelze spustit server DCOM: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
15612
při provádění příkazu:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server

Error: (12/06/2018 06:52:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Store (WSService) byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (12/06/2018 06:41:21 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby AppX Deployment Service (AppXSVC), ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (12/06/2018 06:38:20 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby AppX Deployment Service (AppXSVC), ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (12/06/2018 06:36:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Windows Store (WSService) byla neočekávaně ukončena. Tento stav nastal již 7krát.


Windows Defender:
===================================
Date: 2018-09-03 01:49:17.541
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

CodeIntegrity:
===================================

Date: 2018-12-01 11:34:18.327
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:18.023
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:17.755
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:17.487
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:17.222
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:16.925
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:16.643
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:16.378
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 74%
Total physical RAM: 8191.18 MB
Available physical RAM: 2108.45 MB
Total Virtual: 16383.18 MB
Available Virtual: 8909.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:806.85 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C0B93A2A)
Partition 1: (Not Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=931.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PC podezření na zavirování.

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
C:\Windows\System32\Tasks\{88BB4075-CDE1-4920-A443-5F07D09E1A1C}
C:\Windows\System32\Tasks\{576B81E5-DBBC-464F-82A9-F59EE703EA65}
C:\Users\oldřich\AppData\Local\Temp
C:\Windows\SysWOW64\appidapi.dll
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => C:\PROGRA~2\TOTALV~1\TVCShellExtx64.dll -> No File
Task: {52A2BA6F-2218-4C6C-B2A2-917B2361A4C2} - System32\Tasks\{88BB4075-CDE1-4920-A443-5F07D09E1A1C} => C:\Windows\system32\pcalua.exe -a G:\instalace\manažéry\TotalComander652\tcmdr652.exe -d G:\instalace\manažéry\TotalComander652
Task: {861C0CEB-00BE-48AC-A7B2-6E1746ED8606} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-02] (Google Inc.)
Task: {D570BF3C-6F3F-4F22-94AD-212CBDE67FA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-02] (Google Inc.)

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

Re: PC podezření na zavirování.

#7 Příspěvek od gold »

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by oldřich (06-12-2018 20:46:24) Run:1
Running from C:\Users\oldřich\Desktop
Loaded Profiles: oldřich (Available Profiles: oldřich)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Windows\System32\Tasks\{88BB4075-CDE1-4920-A443-5F07D09E1A1C}
C:\Windows\System32\Tasks\{576B81E5-DBBC-464F-82A9-F59EE703EA65}
C:\Users\old�ich\AppData\Local\Temp
C:\Windows\SysWOW64\appidapi.dll
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => C:\PROGRA~2\TOTALV~1\TVCShellExtx64.dll -> No File
Task: {52A2BA6F-2218-4C6C-B2A2-917B2361A4C2} - System32\Tasks\{88BB4075-CDE1-4920-A443-5F07D09E1A1C} => C:\Windows\system32\pcalua.exe -a G:\instalace\mana��ry\TotalComander652\tcmdr652.exe -d G:\instalace\mana��ry\TotalComander652
Task: {861C0CEB-00BE-48AC-A7B2-6E1746ED8606} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-02] (Google Inc.)
Task: {D570BF3C-6F3F-4F22-94AD-212CBDE67FA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-02] (Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Windows\System32\Tasks\{88BB4075-CDE1-4920-A443-5F07D09E1A1C} => moved successfully
C:\Windows\System32\Tasks\{576B81E5-DBBC-464F-82A9-F59EE703EA65} => moved successfully
"C:\Users\old�ich\AppData\Local\Temp" => not found
C:\Windows\SysWOW64\appidapi.dll => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\TVCShellExt => removed successfully
HKLM\Software\Classes\CLSID\{4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52A2BA6F-2218-4C6C-B2A2-917B2361A4C2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52A2BA6F-2218-4C6C-B2A2-917B2361A4C2}" => removed successfully
"C:\Windows\System32\Tasks\{88BB4075-CDE1-4920-A443-5F07D09E1A1C}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{88BB4075-CDE1-4920-A443-5F07D09E1A1C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{861C0CEB-00BE-48AC-A7B2-6E1746ED8606}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{861C0CEB-00BE-48AC-A7B2-6E1746ED8606}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D570BF3C-6F3F-4F22-94AD-212CBDE67FA1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D570BF3C-6F3F-4F22-94AD-212CBDE67FA1}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15545235 B
Java, Flash, Steam htmlcache => 2363 B
Windows/system/drivers => 12865291 B
Edge => 0 B
Chrome => 625655479 B
Firefox => 1077404498 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 249229 B
systemprofile32 => 0 B
LocalService => 110036 B
NetworkService => 0 B
oldřich => 479270815 B

RecycleBin => 52080813136 B
EmptyTemp: => 50.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:49:31 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PC podezření na zavirování.

#8 Příspěvek od Rudy »

Smazáno, log již by měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

Re: PC podezření na zavirování.

#9 Příspěvek od gold »

Ok děkuji, přeji hezký večer.

gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

Re: PC podezření na zavirování.

#10 Příspěvek od gold »

mám poslat ještě log?

gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

Re: PC podezření na zavirování.

#11 Příspěvek od gold »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by oldřich (administrator) on OLDA (06-12-2018 21:49:18)
Running from C:\Users\oldřich\Desktop
Loaded Profiles: oldřich (Available Profiles: oldřich)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(C. Ghisler & Co.) C:\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-21] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Technologies S.A.)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [AvastBrowserAutoLaunch_D94630ADFD9E294522375000616C5DA7] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1819312 2018-11-16] (AVAST Software)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\oldřich\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\oldřich\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-08-24] (Piriform Ltd)
HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\Run: [GoogleChromeAutoLaunch_FE6A20CA7E40AA098E515C3A3E39A34B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1589080 2018-11-16] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2B5E2A4C-36C6-4596-B56D-BC3F15599931}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================

FireFox:
========
FF DefaultProfile: hac9qjf3.default
FF ProfilePath: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\hac9qjf3.default [2018-12-06]
FF Homepage: Mozilla\Firefox\Profiles\hac9qjf3.default -> hxxps://cz2.herozerogame.com/|hxxps://s1-cz.tanoth.gameforge.com/
FF NewTab: Mozilla\Firefox\Profiles\hac9qjf3.default -> about:newtab
FF NewTabOverride: Mozilla\Firefox\Profiles\hac9qjf3.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\hac9qjf3.default\Extensions\sp@avast.com.xpi [2018-11-15]
FF Extension: (Avast Online Security) - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\hac9qjf3.default\Extensions\wrc@avast.com.xpi [2018-11-21]
FF SearchPlugin: C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\hac9qjf3.default\searchplugins\google-avast.xml [2018-09-19]
FF HKLM-x32\...\Firefox\Extensions: [{8B1E27AE-119E-456b-B22E-08C61FACB097}] - C:\Program Files (x86)\Tomabo\MP4 Converter\MP4D_FF.xpi
FF Extension: (MP4 Downloader Extension) - C:\Program Files (x86)\Tomabo\MP4 Converter\MP4D_FF.xpi [2016-07-26] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll [2018-11-20] ()
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-20] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.myfreezoo.cz/game/","hxxps://s1-cz. ... ogame.com/"
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default [2018-12-06]
CHR Extension: (Překladač Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-09-03]
CHR Extension: (Prezentace) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-03]
CHR Extension: (Dokumenty) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-03]
CHR Extension: (Disk Google) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-03]
CHR Extension: (YouTube) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-03]
CHR Extension: (Adblock Plus) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-04]
CHR Extension: (Aliexpress SuperStar) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2018-11-30]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2018-09-27]
CHR Extension: (Adobe Acrobat) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-07]
CHR Extension: (Spyware Terminator Internet Guard) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\elbjpfdfllhaioofjgmiaekihidancnc [2018-09-03]
CHR Extension: (uBlock) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2018-11-23]
CHR Extension: (Tabulky) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-03]
CHR Extension: (CastBuddy) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghagedffjalchgcgdgfindabkpnmalel [2018-10-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-03]
CHR Extension: (Reklamy blokátor pro YouTube ™) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2018-09-03]
CHR Extension: (FormApps Extension) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2018-09-03]
CHR Extension: (PlayTo for Chromecast™) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngkenaoceimiimeokpdbmejeonaaami [2018-09-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-03]
CHR Extension: (Gmail) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-03]
CHR Profile: C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-11-21] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-03] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-21] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-03] (AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S3 WSService; C:\Windows\System32\WSService.dll [3460472 2014-11-21] (Microsoft Corporation) [File not signed]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate(CPC)\Transfer\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\Windows\system32\DRIVERS\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-11-21] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-11-21] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-11-21] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-11-21] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-11-21] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2018-11-26] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-11-21] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-11-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-11-21] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-11-21] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-11-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-11-21] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-11-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-11-21] (AVAST Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-06 20:46 - 2018-12-06 20:49 - 000004011 _____ C:\Users\oldřich\Desktop\Fixlog.txt
2018-12-06 19:03 - 2018-12-06 19:04 - 000026978 _____ C:\Users\oldřich\Desktop\Addition.txt
2018-12-06 19:02 - 2018-12-06 21:50 - 000016293 _____ C:\Users\oldřich\Desktop\FRST.txt
2018-12-06 01:21 - 2018-12-06 01:39 - 336434972 _____ C:\Users\oldřich\Downloads\Kriminálka Miami 03x07 - Vlna zločinu.avi
2018-12-05 22:49 - 2018-12-05 23:11 - 389404528 _____ C:\Users\oldřich\Downloads\Kriminálka Miami 03x06 - Pekelná noc.avi
2018-12-05 22:36 - 2018-12-05 22:40 - 974273526 _____ C:\Users\oldřich\Downloads\857 Ordinace v růžové zahradě 2 - 857.mkv
2018-12-05 22:34 - 2018-12-05 22:49 - 256114422 _____ C:\Users\oldřich\Downloads\Kriminálka Miami 03x05 - Nezákonně.avi
2018-12-05 22:10 - 2018-12-05 22:14 - 434652027 _____ C:\Users\oldřich\Downloads\857 Ordinace v růžové zahradě 2 - 857.mkv.crdownload
2018-12-05 15:46 - 2018-12-05 15:46 - 000000000 ____D C:\AdwCleaner
2018-12-05 15:44 - 2018-12-05 15:44 - 007321808 _____ (Malwarebytes) C:\Users\oldřich\Downloads\adwcleaner_7.2.5.0.exe
2018-12-05 15:44 - 2018-12-05 15:44 - 007321808 _____ (Malwarebytes) C:\Users\oldřich\Desktop\adwcleaner_7.2.5.0.exe
2018-12-05 13:38 - 2018-12-05 13:38 - 000000000 __SHD C:\found.003
2018-12-05 12:34 - 2018-12-05 12:34 - 000025752 _____ C:\Users\oldřich\Downloads\Addition.txt
2018-12-05 12:33 - 2018-12-06 21:49 - 000000000 ____D C:\FRST
2018-12-05 12:33 - 2018-12-05 12:34 - 000037867 _____ C:\Users\oldřich\Downloads\FRST.txt
2018-12-05 12:29 - 2018-12-05 12:29 - 002417152 _____ (Farbar) C:\Users\oldřich\Desktop\FRST64.exe
2018-12-05 12:22 - 2018-12-05 12:22 - 000287904 _____ C:\Windows\Minidump\120518-15578-01.dmp
2018-12-03 19:49 - 2018-12-03 20:10 - 387909423 _____ C:\Users\oldřich\Downloads\Kriminálka Miami 03x04 - Blesková vražda.avi
2018-12-02 23:10 - 2018-12-02 23:39 - 313053114 _____ C:\Users\oldřich\Downloads\Kriminálka Miami 03x03 - Pod vlivem.avi
2018-12-02 21:46 - 2018-12-02 21:46 - 000002316 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-02 21:46 - 2018-12-02 21:46 - 000002275 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-02 21:29 - 2018-12-02 21:33 - 880199389 _____ C:\Users\oldřich\Downloads\856 Ordinace v růžové zahradě 2 - 856.mp4
2018-12-01 21:40 - 2018-12-01 21:40 - 000279656 _____ C:\Windows\Minidump\120118-16343-01.dmp
2018-12-01 15:26 - 2018-12-01 15:26 - 001130840 _____ (Google Inc.) C:\Users\oldřich\Downloads\ChromeSetup.exe
2018-11-30 18:42 - 2018-11-30 18:42 - 000287736 _____ C:\Windows\Minidump\113018-15250-01.dmp
2018-11-29 22:38 - 2018-11-29 22:44 - 1305274092 _____ C:\Users\oldřich\Downloads\Ready Player One - Hra zacina (2018 BluRay 720p AC3 - CZ dabing).mkv
2018-11-29 19:52 - 2018-11-29 19:53 - 476377286 _____ C:\Users\oldřich\Downloads\Modrý kód 139-Polibek brouka-28.11.18.avi
2018-11-21 17:59 - 2018-11-21 17:59 - 000279600 _____ C:\Windows\Minidump\112118-22843-01.dmp
2018-11-21 13:23 - 2018-11-21 13:22 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-11-16 18:23 - 2018-11-16 18:24 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-11-16 18:23 - 2018-11-16 18:23 - 000001019 _____ C:\Users\oldřich\Desktop\SpeedFan.lnk
2018-11-16 18:23 - 2018-11-16 18:23 - 000000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2018-11-16 18:23 - 2018-11-16 18:23 - 000000000 ____D C:\Users\oldřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2018-11-16 18:18 - 2018-11-16 18:18 - 000009216 ___SH C:\Users\oldřich\Downloads\Thumbs.db
2018-11-14 12:14 - 2018-10-25 01:54 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2018-11-14 12:14 - 2018-10-25 01:51 - 000121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2018-11-14 12:14 - 2018-10-25 01:46 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-14 12:14 - 2018-10-25 01:45 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-14 12:14 - 2018-10-18 03:48 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-14 12:14 - 2018-10-18 03:17 - 020281344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-14 12:14 - 2018-10-16 04:46 - 007371720 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-14 12:14 - 2018-10-16 04:39 - 002171800 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-11-14 12:14 - 2018-10-16 04:39 - 001662504 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-14 12:14 - 2018-10-16 04:39 - 001063368 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2018-11-14 12:14 - 2018-10-16 04:18 - 001137472 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-14 12:14 - 2018-10-16 04:02 - 001563584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-11-14 12:14 - 2018-10-16 04:02 - 001214920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-14 12:14 - 2018-10-12 21:35 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-11-14 12:14 - 2018-10-12 21:26 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-14 12:14 - 2018-10-12 21:25 - 000189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2018-11-14 12:14 - 2018-10-12 21:22 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-11-14 12:14 - 2018-10-12 21:17 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-11-14 12:14 - 2018-10-12 21:16 - 000148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2018-11-14 12:14 - 2018-10-12 21:16 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2018-11-14 12:14 - 2018-10-12 21:03 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-14 12:14 - 2018-10-12 21:00 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-11-14 12:14 - 2018-10-12 20:59 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-14 12:14 - 2018-10-12 20:57 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-11-14 12:14 - 2018-10-12 20:56 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-11-14 12:14 - 2018-10-12 20:51 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2018-11-14 12:14 - 2018-10-12 20:47 - 001049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-11-14 12:14 - 2018-10-12 20:42 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-11-14 12:14 - 2018-10-12 20:38 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-14 12:14 - 2018-10-12 20:36 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-11-14 12:14 - 2018-10-12 03:16 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2018-11-14 12:14 - 2018-10-12 03:12 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-11-14 12:14 - 2018-10-12 03:10 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-14 12:14 - 2018-10-12 03:10 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2018-11-14 12:14 - 2018-10-12 03:01 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-11-14 12:14 - 2018-10-12 02:59 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-14 12:14 - 2018-10-12 02:59 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-11-14 12:14 - 2018-10-12 02:58 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2018-11-14 12:14 - 2018-10-12 02:58 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2018-11-14 12:14 - 2018-10-12 02:35 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-11-14 12:14 - 2018-10-12 02:30 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-11-14 12:14 - 2018-10-12 02:27 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-11-14 12:14 - 2018-10-12 02:27 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-11-14 12:14 - 2018-10-12 02:25 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-14 12:14 - 2018-10-12 02:19 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-11-14 12:14 - 2018-10-12 02:17 - 000809984 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-14 12:14 - 2018-10-12 02:12 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-11-14 12:14 - 2018-10-12 02:06 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-14 12:14 - 2018-10-12 01:55 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-11-14 12:14 - 2018-10-06 19:14 - 001547192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-14 12:14 - 2018-10-06 19:14 - 000388536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-14 12:14 - 2018-10-06 19:04 - 001308976 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-14 12:14 - 2018-10-06 19:03 - 000356288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-11-14 12:14 - 2018-10-06 17:48 - 004168192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-11-14 12:14 - 2018-10-06 16:41 - 002465792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-11-14 12:14 - 2018-10-06 16:34 - 002175488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-11-14 12:14 - 2018-10-06 16:32 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-11-14 12:14 - 2018-09-28 14:38 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-11-14 12:14 - 2018-09-28 14:34 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2018-11-14 12:14 - 2018-09-23 17:47 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-14 12:14 - 2018-09-23 17:45 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-11-14 12:14 - 2018-09-23 17:45 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-11-14 12:14 - 2018-09-23 17:37 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-14 12:14 - 2018-09-23 17:24 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-14 12:14 - 2018-09-23 17:23 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-11-14 12:14 - 2018-09-23 17:23 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-11-14 12:14 - 2018-09-23 17:20 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-11-14 12:14 - 2018-09-23 17:17 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-11-14 12:14 - 2018-09-23 17:00 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-11-14 12:14 - 2018-09-23 17:00 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-11-14 12:14 - 2018-09-23 16:58 - 000904192 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-14 12:14 - 2018-09-23 16:56 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-14 12:14 - 2018-09-23 16:53 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-11-14 12:14 - 2018-09-23 16:51 - 001920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-11-14 12:14 - 2018-09-23 16:50 - 000709632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-11-14 12:14 - 2018-09-12 19:30 - 000137008 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-11-14 12:14 - 2018-09-11 16:30 - 003718144 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-11-14 12:14 - 2018-08-26 04:38 - 001200640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2018-11-14 12:14 - 2018-08-26 04:38 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2018-11-14 12:14 - 2018-08-26 04:21 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2018-11-14 12:14 - 2018-08-26 04:21 - 000200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2018-11-14 12:14 - 2018-08-26 02:45 - 000513448 _____ C:\Windows\SysWOW64\locale.nls
2018-11-14 12:14 - 2018-08-26 02:45 - 000513448 _____ C:\Windows\system32\locale.nls
2018-11-14 12:14 - 2018-08-21 14:39 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-14 12:14 - 2018-08-21 14:35 - 000358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-14 12:14 - 2018-08-19 17:22 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-11-14 12:14 - 2018-08-19 16:52 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-14 12:14 - 2018-08-19 16:43 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-11-12 22:23 - 2018-11-12 22:26 - 671317184 _____ C:\Users\oldřich\Downloads\31s.cz - Jízda.avi
2018-11-12 22:12 - 2018-11-12 22:22 - 1746258464 _____ C:\Users\oldřich\Downloads\31s.cz - Restart.mkv
2018-11-11 22:31 - 2018-11-11 23:50 - 876217726 _____ C:\Users\oldřich\Downloads\John Wick 1 - Akční 2014 CZdab (dublsoft).mp4
2018-11-07 01:30 - 2018-11-07 01:31 - 002425125 _____ C:\Users\oldřich\Downloads\videoplayback.m4a

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-06 21:47 - 2018-09-03 00:34 - 000003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D300AD43-1DAD-4CA1-BFE2-4610B487236A}
2018-12-06 21:02 - 2018-09-10 22:23 - 000000000 ____D C:\Users\oldřich\AppData\Roaming\Seznam.cz
2018-12-06 20:58 - 2018-09-03 00:33 - 000000000 ___DO C:\Users\oldřich\OneDrive
2018-12-06 20:57 - 2018-09-06 09:40 - 000000000 ____D C:\Users\oldřich\AppData\Local\CrashDumps
2018-12-06 20:56 - 2018-09-27 09:30 - 000033792 ___SH C:\Users\oldřich\Desktop\Thumbs.db
2018-12-06 20:54 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-06 20:52 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-12-06 16:44 - 2018-09-03 00:59 - 000000000 ____D C:\Users\oldřich\AppData\LocalLow\Mozilla
2018-12-06 15:00 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2018-12-06 14:13 - 2018-09-03 00:49 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-12-06 14:13 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF
2018-12-06 13:59 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2018-12-06 02:26 - 2018-09-25 18:12 - 000000000 ____D C:\Users\oldřich\AppData\Roaming\vlc
2018-12-05 15:47 - 2018-09-03 00:27 - 000000000 ____D C:\Users\oldřich
2018-12-05 15:45 - 2018-09-05 09:51 - 000030352 _____ C:\Users\oldřich\Desktop\ZOO.ods_0.ods
2018-12-05 12:22 - 2018-09-25 17:47 - 597067036 _____ C:\Windows\MEMORY.DMP
2018-12-05 12:22 - 2018-09-03 14:58 - 000000000 ____D C:\Windows\Minidump
2018-12-04 16:51 - 2018-09-03 00:37 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3829940882-3502807747-84982314-1001
2018-12-03 16:00 - 2014-11-21 05:53 - 001661154 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-03 16:00 - 2014-11-21 05:10 - 000705162 _____ C:\Windows\system32\perfh005.dat
2018-12-03 16:00 - 2014-11-21 05:10 - 000143922 _____ C:\Windows\system32\perfc005.dat
2018-12-02 21:46 - 2018-09-03 00:37 - 000000000 ____D C:\Program Files (x86)\Google
2018-12-02 21:27 - 2018-09-08 16:36 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-12-01 00:43 - 2018-09-05 12:26 - 000835688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-12-01 00:43 - 2018-09-05 12:26 - 000179808 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-30 18:54 - 2018-09-03 00:34 - 000000000 __SHD C:\Users\oldřich\AppData\LocalLow\EmieUserList
2018-11-30 18:54 - 2018-09-03 00:34 - 000000000 __SHD C:\Users\oldřich\AppData\LocalLow\EmieSiteList
2018-11-30 18:54 - 2018-09-03 00:34 - 000000000 __SHD C:\Users\oldřich\AppData\Local\EmieUserList
2018-11-30 18:54 - 2018-09-03 00:34 - 000000000 __SHD C:\Users\oldřich\AppData\Local\EmieSiteList
2018-11-30 18:46 - 2018-09-03 00:49 - 000000000 ____D C:\Users\oldřich\AppData\Local\AVAST Software
2018-11-30 18:32 - 2018-09-19 14:15 - 000002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-11-30 18:32 - 2018-09-07 23:32 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-30 18:32 - 2018-09-03 19:27 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-11-30 18:32 - 2018-09-03 01:06 - 000004524 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-30 18:32 - 2018-09-03 01:06 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-26 17:24 - 2018-09-03 00:48 - 000239840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-11-23 21:46 - 2018-09-03 00:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-23 21:46 - 2018-09-03 00:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-22 22:57 - 2018-09-03 00:51 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-11-22 22:57 - 2018-09-03 00:51 - 000002406 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-11-21 20:30 - 2018-09-03 00:59 - 000000924 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-21 13:22 - 2018-10-23 19:49 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 001028680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000469272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000380464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000346592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000230344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000208472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000201768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000201240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000163208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000111800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000087432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000059496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-11-21 13:22 - 2018-09-03 00:48 - 000046384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-11-20 14:05 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-20 14:05 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-17 23:26 - 2018-09-04 20:36 - 000019593 _____ C:\Users\oldřich\Desktop\POZNÁMKY.odt
2018-11-17 17:32 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
2018-11-16 18:16 - 2018-09-03 00:43 - 000001322 _____ C:\Users\Public\Desktop\Skype.lnk
2018-11-16 18:16 - 2018-09-03 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-11-16 18:14 - 2013-08-22 15:44 - 000387064 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-16 08:39 - 2018-09-07 23:32 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-14 14:41 - 2018-09-05 11:07 - 000000000 ____D C:\Windows\system32\MRT
2018-11-14 14:38 - 2018-09-05 11:07 - 137810048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-03 08:14

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by oldřich (06-12-2018 21:52:09)
Running from C:\Users\oldřich\Desktop
Windows 8.1 (Update) (X64) (2018-09-02 23:27:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3829940882-3502807747-84982314-500 - Administrator - Disabled)
Guest (S-1-5-21-3829940882-3502807747-84982314-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3829940882-3502807747-84982314-1004 - Limited - Enabled)
oldřich (S-1-5-21-3829940882-3502807747-84982314-1001 - Administrator - Enabled) => C:\Users\oldřich

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Airflow 1.0.0-beta6 (HKLM-x32\...\Airflow) (Version: 1.0.0-beta6 - InMethod, s.r.o.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.0.917.103 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Eusing Free MP3 Cutter (HKLM-x32\...\Eusing Free MP3 Cutter) (Version: - )
Free AVI to MP4 Converter (32-bit) 1.2 (HKLM-x32\...\{55F62293-FD7F-4CF0-8097-8DE29EF66DC8}_is1) (Version: 1.2 - Jacek Pazera)
Free AVI to MP4 Converter 1.0 (HKLM-x32\...\{756DF96D-E40E-4B52-A53D-036E3D6AAB44}_is1) (Version: - PolySoft Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 63.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 63.0.3 (x64 cs)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla)
MP4 Converter 3 (HKLM-x32\...\MP4 Converter_is1) (Version: - Tomabo)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
Seznam Software (HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Wondershare AllMyTube(Build 5.0.0.3) (HKLM-x32\...\AllMyTube_is1) (Version: 5.0.0.3 - Wondershare)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
World of Tanks (HKU\S-1-5-21-3829940882-3502807747-84982314-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-21] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-21] (AVAST Software)
ContextMenuHandlers1: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4C_WS.dll [2015-07-21] (Tomabo)
ContextMenuHandlers1: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4P_WS.dll [2015-07-21] (Tomabo)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-21] (AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-07-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-21] (AVAST Software)
ContextMenuHandlers6: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4C_WS.dll [2015-07-21] (Tomabo)
ContextMenuHandlers6: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Converter\MP4P_WS.dll [2015-07-21] (Tomabo)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {27A13939-3712-41D3-8559-A2164FE2D9BD} - \{576B81E5-DBBC-464F-82A9-F59EE703EA65} -> No File <==== ATTENTION
Task: {3EF9DA0A-9CB7-44EA-BC3A-1A4E9D6EBC5E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-20] (Adobe Systems Incorporated)
Task: {70AB7D3F-CA75-40E0-87CD-035CD8ECEB6A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-03] (AVAST Software)
Task: {80023563-0D15-4461-9B93-FD382C561ECE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-21] (AVAST Software)
Task: {9464F744-C473-4B5D-B9B0-6F70B184CB1B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-20] (Adobe Systems Incorporated)
Task: {C06E9B50-1A3E-421B-BDB6-7D11164A26EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {D0F27F2C-EB1C-4A58-B3E2-529DC8E8F6EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] ()
Task: {D7225496-DC29-4F0E-8781-25F0F4D9A7C2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-02] (AVAST Software)
Task: {DC4FABA5-1000-4126-B19A-648985510B44} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-03] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-07-04 20:33 - 2014-07-04 20:33 - 000214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 000814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 003650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2018-12-02 21:46 - 2018-11-16 06:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-12-02 21:46 - 2018-11-16 06:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2018-12-03 18:04 - 2018-12-03 18:04 - 031311872 _____ () C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\PepperFlash\32.0.0.101\pepflashplayer.dll
2014-07-04 20:33 - 2014-07-04 20:33 - 000102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2018-09-03 00:49 - 2018-09-03 00:49 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-11-21 13:22 - 2018-11-21 13:22 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-09-03 00:43 - 2018-11-09 19:57 - 001790592 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2018-11-16 18:16 - 2018-11-09 19:57 - 002381152 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
2018-11-16 18:16 - 2018-11-09 19:57 - 000097224 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2018-11-16 18:16 - 2018-11-09 19:57 - 000219080 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\electron-ssid\build\Release\electron-ssid.node
2018-11-16 18:16 - 2018-11-09 19:57 - 000081864 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\desktop-idle\build\Release\desktopIdle.node
2018-09-25 20:41 - 2017-03-23 08:49 - 001506304 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2018-09-25 20:41 - 2016-07-21 09:54 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-09-03 00:43 - 2018-11-09 19:57 - 002723872 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-09-03 00:43 - 2018-11-09 19:57 - 000031776 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2018-11-16 18:16 - 2018-11-09 19:57 - 000409544 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-11-16 18:16 - 2018-11-09 19:57 - 000138696 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2018-11-15 18:48 - 000000826 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3829940882-3502807747-84982314-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\oldřich\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_20160830_155631.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{47C5AFD7-7C06-43C8-AFD3-AEC87A077AA8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CFF794E6-7114-4EB4-BB0B-8D5BA85C7D62}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1F53F198-0E1B-4497-9449-D048C374D171}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{52506540-54AF-4F52-B705-45AAC61EE65E}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{AF7941E1-8CC3-4CA9-8F8A-A98CC2F26114}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{4CBA44BB-913E-4A62-9437-34AEB2435E27}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{E07B31D8-A8CC-447D-BB5E-1AB61F44B563}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FCD6E1CD-1C88-4DCC-906C-D4AFAC13DCBD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{1FCF9EC1-0F5E-4CC5-A195-0E653FA1383A}C:\users\oldřich\downloads\odorik.exe] => (Allow) C:\users\oldřich\downloads\odorik.exe
FirewallRules: [UDP Query User{88026E05-3FAF-43EA-A9E4-0B72BE5A23A6}C:\users\oldřich\downloads\odorik.exe] => (Allow) C:\users\oldřich\downloads\odorik.exe
FirewallRules: [TCP Query User{A70CA720-6A6C-49C6-BF6E-1B5E873F48CE}C:\users\oldřich\desktop\odorik.exe] => (Allow) C:\users\oldřich\desktop\odorik.exe
FirewallRules: [UDP Query User{EC0CE601-BECB-4BEA-BD96-54255AA8B2E3}C:\users\oldřich\desktop\odorik.exe] => (Allow) C:\users\oldřich\desktop\odorik.exe
FirewallRules: [TCP Query User{1C3CB269-E00B-4AEB-8443-488241435E57}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{FA8BC68D-75D5-47C4-84B2-41A8F2AEADE0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{E886934A-CB4A-46CE-91F2-40715C6BF21E}C:\program files (x86)\airflow\airflow.exe] => (Allow) C:\program files (x86)\airflow\airflow.exe
FirewallRules: [UDP Query User{D813C402-7206-4BB8-8D46-741C5CAE19CB}C:\program files (x86)\airflow\airflow.exe] => (Allow) C:\program files (x86)\airflow\airflow.exe
FirewallRules: [{2ECBB3F1-43A8-43C1-A7AA-672DF1295244}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{762DCA34-D993-4D76-98DE-8BF9A97E6592}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{DCB28BAC-2318-4572-A2DC-BC93890F9211}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{6A8F7677-FF92-46A2-B744-CB74C04E1405}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{1208D8A3-A9C1-48AF-B70C-22AF809194FE}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{BD0DE790-3E5E-431E-8E1E-AF96F9A7364B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Tomabo\MP4 Converter\MP4Downloader.exe] => Enabled:MP4 Downloader

==================== Restore Points =========================

27-11-2018 12:59:45 Naplánovaný kontrolní bod
05-12-2018 13:38:13 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/06/2018 09:19:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/06/2018 09:19:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/06/2018 09:08:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/06/2018 09:08:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/06/2018 09:08:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/06/2018 08:57:35 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program wszndesktop.exe.

Program: wszndesktop.exe
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0

Error: (12/06/2018 08:57:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wszndesktop.exe, verze: 0.0.0.0, časové razítko: 0x55645b41
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.18895, časové razítko: 0x5a4b127e
Kód výjimky: 0xc000012f
Posun chyby: 0x0009d4e2
ID chybujícího procesu: 0x12e0
Čas spuštění chybující aplikace: 0x01d48d9ddd80098b
Cesta k chybující aplikaci: C:\Users\oldřich\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 2c23b68e-f991-11e8-827f-d43d7e5271ef
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/06/2018 08:55:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OLDA)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (12/06/2018 09:19:31 PM) (Source: DCOM) (EventID: 10001) (User: OLDA)
Description: Nelze spustit server DCOM: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
15612
při provádění příkazu:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server

Error: (12/06/2018 09:19:31 PM) (Source: DCOM) (EventID: 10001) (User: OLDA)
Description: Nelze spustit server DCOM: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
15612
při provádění příkazu:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server

Error: (12/06/2018 09:19:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Windows Store (WSService) byla neočekávaně ukončena. Tento stav nastal již 8krát.

Error: (12/06/2018 09:08:04 PM) (Source: DCOM) (EventID: 10001) (User: OLDA)
Description: Nelze spustit server DCOM: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
15612
při provádění příkazu:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server

Error: (12/06/2018 09:08:04 PM) (Source: DCOM) (EventID: 10001) (User: OLDA)
Description: Nelze spustit server DCOM: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
15612
při provádění příkazu:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server

Error: (12/06/2018 09:08:04 PM) (Source: DCOM) (EventID: 10001) (User: OLDA)
Description: Nelze spustit server DCOM: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
15612
při provádění příkazu:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server

Error: (12/06/2018 09:08:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Windows Store (WSService) byla neočekávaně ukončena. Tento stav nastal již 7krát.

Error: (12/06/2018 09:01:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Windows Store (WSService) byla neočekávaně ukončena. Tento stav nastal již 6krát.


Windows Defender:
===================================
Date: 2018-09-03 01:49:17.541
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

CodeIntegrity:
===================================

Date: 2018-12-01 11:34:18.327
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:18.023
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:17.755
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:17.487
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:17.222
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:16.925
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:16.643
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 11:34:16.378
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 55%
Total physical RAM: 8191.18 MB
Available physical RAM: 3671.64 MB
Total Virtual: 16383.18 MB
Available Virtual: 11311.26 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:857.16 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C0B93A2A)
Partition 1: (Not Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=931.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PC podezření na zavirování.

#12 Příspěvek od Rudy »

Nemusel jste, ale vidím, že je opravdu OK. Nemáte zač a hezký den! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

gold
Návštěvník
Návštěvník
Příspěvky: 36
Registrován: 15 srp 2018 11:28

Re: PC podezření na zavirování.

#13 Příspěvek od gold »

Děkuji za perfektní pomoc.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PC podezření na zavirování.

#14 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět