Zasekany, zamrzajuci NTB

Zpráva

peter1207 · #1 Příspěvek od **peter1207** » 27 led 2019 20:53

Caute borci, uz milion krat ste mi pomohli obraciam sa teda znova na vas.
Mam jeden win 10 spustil som FRST ale mam obavy, ze sa nam nepodari ani toto, z dovodu zamrzania-lagovania.
Mame nejaky postup pre takyto pripad?

#2 Příspěvek od **Rudy** » 27 led 2019 20:57

Zdravím!
Nastartujte do nouz. režimu a v něm zkuste spustit tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Pokud je ale problém v systému samotném (nikoliv v zaneseném disku) nebude ani toto nic platné.

peter1207 · #3 Příspěvek od **peter1207** » 27 led 2019 21:18

Dakujem, necham bezat frst do rana, tvari sa ze nieco robi, ak to nevyjde budem postupovat podla tohto postupu.
Vdaka.

#4 Příspěvek od **Rudy** » 27 led 2019 21:59

Zatím není zač!

peter1207 · #5 Příspěvek od **peter1207** » 28 led 2019 20:41

EDIT: Dnes teda logy pekne vysli.
Tu su:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2019
Ran by Natália (administrator) on LIUS (28-01-2019 20:48:01)
Running from C:\Users\Natália\Desktop
Loaded Profiles: Natália (Available Profiles: Natália & Administrator)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
() C:\Users\Natália\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Users\Natália\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvMon.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA Corporation)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [5349120 2017-03-15] (Crawler Group, LLC)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5585664 2017-03-15] (Crawler Group, LLC)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-04-19] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Natália\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\MountPoints2: {94bb202f-c00e-11e8-8051-7c0507dee9b1} - "F:\autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\Installer\chrmstp.exe [2019-01-16] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk [2014-11-20]
ShortcutTarget: Samsung Drive Manager Real-Time.lnk -> C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe (Clarus, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-05-11]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk [2013-12-20]
ShortcutTarget: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-08-22]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\webdataworker.hive.lnk [2017-12-08]
ShortcutTarget: webdataworker.hive.lnk -> C:\Users\Natália\AppData\Roaming\webdataworker.hive\ChromeLauncherConsole.bat (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{16510249-74d2-48d0-8e85-30c67c0c2e5c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f350500b-8e76-4ed4-bc90-c7b0b1392a87}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {21856A07-5E74-4354-BC92-A2912CE80CBB} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {33FB04F5-DDB3-43ED-BA8A-B2BE9EE3F766} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {4EE86BDB-6A0C-4F47-B7B5-77E065DB31EC} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {7148E46E-7812-4BB9-A5C7-2BC197BFC4EA} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {722FB13F-8CAC-4F4A-8C2C-FB1495E38532} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {A47320E9-4AFF-46C3-9848-71DBFDCB8994} URL =
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {C4B52922-9D49-43C7-81B9-04F8C212AA86} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {D3AAFF12-4A9F-4BA6-A276-4A3E296987DC} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {DCC8E55A-E88F-4E3F-B6AF-0BDA3651B69F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {FC9024D8-776C-450D-9B51-9EF2E18F8340} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: No Name -> {82A76710-4F98-4957-92BE-99648A4E2475} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: dilp2dry.default
FF ProfilePath: C:\Users\Natália\AppData\Roaming\Mozilla\Firefox\Profiles\dilp2dry.default [2019-01-27]
FF Homepage: Mozilla\Firefox\Profiles\dilp2dry.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\dilp2dry.default -> about:newtab
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Natália\AppData\Roaming\Mozilla\Firefox\Profiles\dilp2dry.default\Extensions\sko-extension@firma.seznam.cz [2017-11-01]
FF Extension: (Seznam lištička) - C:\Users\Natália\AppData\Roaming\Mozilla\Firefox\Profiles\dilp2dry.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-11-06] [Legacy]
FF SearchPlugin: C:\Users\Natália\AppData\Roaming\Mozilla\Firefox\Profiles\dilp2dry.default\searchplugins\google-avast.xml [2017-09-06]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3687511350-3683034353-1054481598-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Natália\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxx ... google.sk/"
CHR NewTab: Default -> Not-active:"chrome-extension://bgjpfhpjcgdppjbgnpnjllokbmcdllig/speeddial/html/temporaryNewTab.html", Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html"
CHR Profile: C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default [2019-01-28]
CHR Extension: (Crash Bandicoot Online HD) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\aamlbcjbejchalkkingolaibfgkkiinp [2013-11-28]
CHR Extension: (Podporte) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\amaegjccccajmhnbcbeagblpdccimoeh [2016-11-25]
CHR Extension: (Dokumenty) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-30]
CHR Extension: (American Racing 2) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpfdjclhabpjncikdngdoldjjjegnbe [2014-07-17]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-11-22]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-11-22]
CHR Extension: (YouTube) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Cleanflight - Blackbox Explorer) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahpidddaimdojnddnahjpnefajpheep [2017-10-08]
CHR Extension: (Google Search) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (500px) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\egpociadnldbkfkjpmjoaibnbcoeplja [2014-09-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Murder Files) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijfecbiladpinddbjfodaaiahggomhaf [2016-04-15]
CHR Extension: (Aero Trans Brushed Metal Theme) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkjdfchjlhkgnfjblhclgaliiccalckf [2017-10-25]
CHR Extension: (Eyes - The Horror Game) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\jojpkokphfnjlhbnbcilnhgnkkobkngd [2013-11-28]
CHR Extension: (Betaflight - Configurator) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdaghagfopacdngbohiknlhcocjccjao [2018-08-26]
CHR Extension: (BLHeli - Configurator) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\mejfjggmbnocnfibbibmoogocnjbcjnk [2017-12-27]
CHR Extension: (Video download helper) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkioblodjcgkdailhejgcocjkkoochj [2015-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Môj motív prehliadača Chrome) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-08-27]
CHR Extension: (Gmail) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-19]
CHR Profile: C:\Users\Natália\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-14]
CHR HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-07] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-07] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-07] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-07] (AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-09] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-07] (AVAST Software)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51504 2017-01-06] (Dropbox, Inc.)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-09] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-12] (WildTangent)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3292416 2017-03-15] (Crawler Group, LLC)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-25] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated)
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2013-12-18] (Clarus, Inc.) [File not signed]
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [118856 2015-12-01] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-07] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-07] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [223056 2019-01-14] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-07] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-07] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-07] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-07] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-07] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166792 2019-01-18] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-07] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-07] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-07] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-07] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] ()
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] ()
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-13] (Synaptics Incorporated)
R2 sp_rsdrv2; C:\WINDOWS\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-28 20:48 - 2019-01-28 20:48 - 000029916 _____ C:\Users\Natália\Desktop\FRST.txt
2019-01-27 20:45 - 2019-01-27 20:45 - 000000000 ____D C:\FRST
2019-01-27 20:43 - 2019-01-27 20:41 - 002428416 _____ (Farbar) C:\Users\Natália\Desktop\FRST64.exe
2019-01-22 15:18 - 2019-01-22 15:18 - 001552384 _____ C:\Users\Natália\Desktop\Untitled-1.indd
2019-01-14 21:35 - 2019-01-14 21:35 - 000265898 _____ C:\Users\Natália\Desktop\peticia-retaze.pdf
2019-01-14 20:43 - 2019-01-14 20:43 - 000223056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-01-10 21:35 - 2019-01-10 21:35 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign6c0a9c2ac396e576
2019-01-10 21:34 - 2019-01-10 21:34 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsignc48ad8061161b8e3
2019-01-10 20:29 - 2019-01-10 20:29 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign1da59be415b21b5a
2019-01-10 20:25 - 2019-01-10 20:25 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign4e03be346a59b6b3
2019-01-10 20:22 - 2019-01-10 20:22 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign30ff7eef88a1e4d2
2019-01-10 20:19 - 2019-01-10 20:19 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsigncf4036e74c7f1a9a
2019-01-10 20:19 - 2019-01-10 20:19 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign4acae5b062d3a8ac
2019-01-10 20:12 - 2019-01-10 20:12 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign760695021bda30ca
2019-01-10 20:03 - 2019-01-10 20:03 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign920ff8ed8c70de38
2019-01-10 20:03 - 2019-01-10 20:03 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign1ee4a82bacf8b79f
2019-01-10 18:43 - 2019-01-10 18:43 - 000010179 _____ C:\Users\Natália\Downloads\ASPSA4 – kópia (2).pdf
2019-01-10 18:42 - 2019-01-10 18:42 - 000010179 _____ C:\Users\Natália\Downloads\ASPSA4 – kópia (1).pdf
2019-01-10 18:40 - 2019-01-10 18:40 - 000010180 _____ C:\Users\Natália\Downloads\ASPSA4 – kópia.pdf
2019-01-10 18:38 - 2019-01-10 18:38 - 000010138 _____ C:\Users\Natália\Downloads\ASPSA4.pdf
2019-01-10 17:27 - 2019-01-10 17:27 - 000213627 _____ C:\Users\Natália\Downloads\blšák2.pdf
2019-01-10 15:54 - 2019-01-10 15:54 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsigncdc8eb3dff9663f1
2019-01-10 15:52 - 2019-01-10 15:52 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsigne151a44481c79052
2019-01-10 15:52 - 2019-01-10 15:52 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign321047f832ec2617
2019-01-10 15:49 - 2019-01-10 15:49 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign3cb4cc67d9743ebb
2019-01-10 15:43 - 2019-01-10 15:43 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign454a5e9ee6fcfb1d
2019-01-10 15:43 - 2019-01-10 15:43 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign2a410a90c835b1ef
2019-01-10 15:14 - 2019-01-10 15:14 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsigne7d3da6c324b3943
2019-01-10 15:14 - 2019-01-10 15:14 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsignbcdbaec960042db2
2019-01-09 18:22 - 2019-01-09 18:22 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign554e300f530328d3
2019-01-09 18:08 - 2019-01-09 18:08 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign8e0e6446a5d000db
2019-01-09 18:04 - 2019-01-09 18:04 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign6faffb7adc92a313
2019-01-09 18:03 - 2019-01-09 18:03 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsignf1843d17637f0484
2019-01-09 18:03 - 2019-01-09 18:03 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign8650187960bba091
2019-01-09 17:57 - 2019-01-09 17:57 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign345a5b219f89e69b
2019-01-09 17:50 - 2019-01-09 17:50 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsignd4b82208ee4e1a89
2019-01-09 17:50 - 2019-01-09 17:50 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign5581885e720f77c8
2019-01-09 17:50 - 2019-01-09 17:50 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign3520a537fb0a057e
2019-01-09 17:47 - 2019-01-09 17:47 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsignf3e98159c1166065
2019-01-09 17:47 - 2019-01-09 17:47 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsignb80212aee187c013
2019-01-09 17:47 - 2019-01-09 17:47 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign6cd5f94efffc22db
2019-01-09 17:44 - 2019-01-09 17:44 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsignbf71fe8c426a6f54
2019-01-09 17:42 - 2019-01-09 17:42 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsignc0da1d0cc924e586
2019-01-09 17:42 - 2019-01-09 17:42 - 000000000 ____D C:\Users\Natália\AppData\Local\Tempzxpsign12163429ac3f3384
2019-01-09 15:24 - 2019-01-07 18:25 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-09 15:12 - 2019-01-09 15:12 - 000012814 _____ C:\Users\Natália\Downloads\ASPSA4 (1).pdf
2019-01-09 15:07 - 2019-01-09 15:07 - 000030502 _____ C:\Users\Natália\Downloads\blšák2 (1).pdf
2019-01-09 14:24 - 2019-01-09 14:24 - 000012556 _____ C:\Users\Natália\Downloads\ASPSA (2).pdf
2019-01-09 14:10 - 2019-01-09 14:10 - 000009952 _____ C:\Users\Natália\Downloads\ASPSA (1).pdf
2019-01-09 13:32 - 2019-01-27 21:07 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-01-08 21:14 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-08 21:14 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-08 21:14 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-08 21:14 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-08 21:14 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-08 21:14 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-08 21:14 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-08 21:13 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-08 21:13 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-08 21:13 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-08 21:13 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-08 21:13 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-08 21:13 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-08 21:13 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-08 21:13 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-08 21:13 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-08 21:13 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-08 21:13 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-08 21:13 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-08 21:13 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-08 21:13 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-08 21:13 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-08 21:13 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-08 21:13 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-08 21:13 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-08 21:13 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-08 21:13 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-08 21:13 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-08 21:13 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-08 21:13 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-08 21:13 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-08 21:13 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-08 21:13 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-08 21:13 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-08 21:13 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-08 21:13 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-08 21:13 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-08 21:13 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-08 21:13 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-08 21:13 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-08 21:13 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-08 21:13 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-08 21:13 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-08 21:13 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-08 21:13 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-08 21:13 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-08 21:13 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-08 21:13 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-08 21:13 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-08 21:13 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-08 21:13 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-08 21:13 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-08 21:13 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-08 21:13 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-08 21:13 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-08 21:13 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-08 21:13 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-08 21:13 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-08 21:13 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-08 21:13 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-08 21:13 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-08 21:13 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-08 21:13 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-08 21:13 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-08 21:13 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-08 21:12 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-08 21:12 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-08 21:12 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-08 21:12 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-08 21:12 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-08 21:12 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-08 21:12 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-08 21:12 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-08 21:12 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-08 21:12 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-08 21:12 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-08 21:12 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-08 21:12 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-08 21:12 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-08 21:12 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-08 21:12 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-08 21:12 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-08 21:12 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-08 21:12 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-08 21:12 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-08 21:12 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-08 21:12 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-07 18:27 - 2019-01-07 18:25 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-07 18:27 - 2019-01-07 18:25 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-07 18:27 - 2019-01-07 18:25 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-01-07 18:27 - 2019-01-07 18:25 - 000037304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-01-06 22:18 - 2019-01-06 22:18 - 000000000 ____D C:\Users\Natália\AppData\Local\Clarus

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-28 20:34 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-28 20:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-28 20:33 - 2018-06-12 21:05 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-01-28 20:32 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-28 20:32 - 2016-03-30 23:52 - 000000000 ____D C:\Users\Natália\AppData\Local\CrashDumps
2019-01-28 20:30 - 2018-06-12 20:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-28 20:30 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-28 02:17 - 2018-07-09 19:57 - 000000000 ____D C:\ProgramData\Packages
2019-01-28 01:48 - 2015-05-12 00:18 - 000000000 ____D C:\Users\Natália\AppData\Local\ElevatedDiagnostics
2019-01-27 20:40 - 2018-06-12 20:43 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-27 20:40 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-27 20:38 - 2017-12-13 11:56 - 000000000 ____D C:\Users\Natália\AppData\Local\AVAST Software
2019-01-27 20:36 - 2015-08-13 11:27 - 000000000 __SHD C:\Users\Natália\IntelGraphicsProfiles
2019-01-27 20:35 - 2018-06-12 21:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-27 12:57 - 2018-06-12 21:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-01-27 12:56 - 2018-06-12 21:05 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-27 12:56 - 2018-06-12 21:05 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-27 12:54 - 2018-06-12 21:05 - 000002862 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-rechtorikovalia@gmail.com
2019-01-27 12:27 - 2014-12-03 20:40 - 000000000 ____D C:\Users\Natália\AppData\Local\Adobe
2019-01-21 16:46 - 2016-03-14 22:54 - 000000020 ____H C:\ProgramData\PKP_DLet.DAT
2019-01-18 19:28 - 2015-01-06 01:09 - 000166792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-01-18 14:18 - 2018-11-15 23:54 - 000000000 ____D C:\Program Files\rempl
2019-01-16 16:45 - 2018-06-07 14:17 - 000002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-01-16 16:45 - 2018-06-07 14:17 - 000002474 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-01-10 16:06 - 2013-10-11 19:25 - 000000000 ____D C:\Users\Natália\Documents\SavedGames
2019-01-10 15:33 - 2018-06-12 20:23 - 000000000 ____D C:\Users\Natália
2019-01-10 15:02 - 2018-06-12 20:23 - 000000000 ____D C:\Users\Administrator
2019-01-09 15:26 - 2018-07-14 22:11 - 000002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-01-09 15:26 - 2018-07-14 22:11 - 000002087 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-09 15:24 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-09 15:19 - 2018-04-11 22:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-01-09 12:57 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 12:57 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-08 23:09 - 2013-11-20 19:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-08 23:01 - 2013-11-20 19:07 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-07 18:25 - 2018-10-29 10:29 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-01-07 18:25 - 2018-07-14 22:09 - 000239808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-01-07 18:25 - 2018-07-14 22:09 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-01-07 18:25 - 2017-11-17 17:14 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-01-07 18:25 - 2015-01-06 18:58 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2019-01-07 18:25 - 2015-01-06 01:09 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-01-07 18:25 - 2015-01-06 01:09 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-01-07 18:25 - 2015-01-06 01:09 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-01-07 18:25 - 2015-01-06 01:09 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-01-07 18:25 - 2015-01-06 01:09 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-01-07 18:25 - 2015-01-06 01:09 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-01-06 11:39 - 2014-04-18 20:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-01-04 00:01 - 2017-12-14 20:23 - 000000000 ____D C:\Users\Natália\AppData\Local\Packages
2019-01-03 23:50 - 2015-06-16 22:11 - 000000000 ____D C:\Users\Natália\EasternGraphics
2019-01-03 23:50 - 2015-06-16 22:11 - 000000000 ____D C:\Program Files (x86)\EasternGraphics
2019-01-02 20:41 - 2018-09-22 12:12 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-09-22 12:12 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-30 19:28 - 2018-06-12 20:16 - 005177400 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2014-12-04 00:27 - 2015-03-27 14:33 - 000000033 _____ () C:\Users\Natália\AppData\Roaming\AdobeWLCMCache.dat
2016-03-14 22:54 - 2016-03-14 22:54 - 000000268 ___RH () C:\Users\Natália\AppData\Roaming\Application Support
2016-03-14 22:56 - 2016-03-14 22:56 - 000000268 ___RH () C:\Users\Natália\AppData\Roaming\Applications
2016-03-14 22:54 - 2016-03-14 22:54 - 000000268 ___RH () C:\Users\Natália\AppData\Roaming\Audio
2016-03-14 22:53 - 2016-03-14 22:53 - 000000268 ___RH () C:\Users\Natália\AppData\Roaming\Bass Amp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-12 20:16

==================== End of FRST.txt ============================

A ADITION:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2019
Ran by Natália (28-01-2019 20:49:33)
Running from C:\Users\Natália\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-06-12 20:07:36)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3687511350-3683034353-1054481598-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3687511350-3683034353-1054481598-503 - Limited - Disabled)
Guest (S-1-5-21-3687511350-3683034353-1054481598-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3687511350-3683034353-1054481598-1005 - Limited - Enabled)
Natália (S-1-5-21-3687511350-3683034353-1054481598-1001 - Administrator - Enabled) => C:\Users\Natália
WDAGUtilityAccount (S-1-5-21-3687511350-3683034353-1054481598-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«The Sims 3 Deluxe Edition» (build 10.2) (HKLM-x32\...\«The Sims 3 Deluxe Edition»_is1) (Version: - R.G. Catalyst)
4Media MP4 to MP3 Converter 6 (HKLM-x32\...\4Media MP4 to MP3 Converter 6) (Version: 6.8.0.1101 - 4Media)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\{C90340A9-F592-4164-9480-FCE488C4BFF6}) (Version: 4.7.1245.73473 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.7.1245.73473 - Alcor Micro Corp.)
Aloha TriPeaks (HKLM-x32\...\WTA-3e72695b-94c9-4644-a97a-0a1db8920f9b) (Version: 2.2.0.98 - WildTangent) Hidden
Atheros Bluetooth Filter Driver Package (HKLM\...\{026B819B-4D60-4C8B-892D-33A0D8666F60}) (Version: 2.0.0.9 - Qualcomm Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - AVAST Software)
Bejeweled 3 (HKLM-x32\...\WTA-f38e5aac-e7d9-46ef-af66-e45e00661019) (Version: 2.2.0.98 - WildTangent) Hidden
DTS Sound (HKLM-x32\...\{F8EB8FFC-C535-49A1-A84D-CC75CB2D6ADA}) (Version: 1.00.0071 - DTS, Inc.)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.100 - EasternGraphics)
Empress of the Deep - The Darkest Secret (HKLM-x32\...\WTA-05294dd7-2c72-489e-ba5c-822303442f93) (Version: 2.2.0.98 - WildTangent) Hidden
Free YouTube Download version 3.2.49.1122 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1122 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Chuzzle Deluxe (HKLM-x32\...\WTA-635d8579-5188-4815-9c6d-0a14089f01f5) (Version: 2.2.0.95 - WildTangent) Hidden
IDT Audio Driver (HKLM\...\{11424B27-C16B-4505-9667-82A10AD1B1DC}) (Version: 6.10.6472.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Island Tribe (HKLM-x32\...\WTA-fefc7e9a-150e-4ff2-af5f-f0f90cae1dd8) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Solitaire 2 (HKLM-x32\...\WTA-4ec7defd-ddea-4d88-988a-825db86c6672) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-76fa82c9-9fa7-462a-bfb5-95c3e1a842d1) (Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.6.0 - Nikon)
OpenOffice 4.0.1 (HKLM-x32\...\{A00F439C-600D-4220-96CF-C6F1F8C32633}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle Nights (HKLM-x32\...\WTA-cff5d533-792e-4307-a1a9-f5164c681c8e) (Version: 2.2.0.98 - WildTangent) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.7 - Nikon)
Pixie 1.4.1 (HKLM-x32\...\Pixie_is1) (Version: 1.4.1 - Pixie Developers)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-01834b92-7f96-4fd5-ace4-01a6e82d464e) (Version: 2.2.0.98 - WildTangent) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Polar Bowler (HKLM-x32\...\WTA-e2a37025-f909-4fc7-80cd-c790eeb2699c) (Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Samplitude 11 (HKLM-x32\...\{AE0009FD-8F50-4565-835D-4432BD18D792}) (Version: 11.0.1.0 - MAGIX AG)
Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.172 - Clarus, Inc.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.101 - Crawler Group)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.4 - Electronic Arts)
The Sims™ 3 Diesel Каталог (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Katy Perry Сладкие радости (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 В сумерках (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Вперед в будущее (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Времена года (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Все возрасты (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Городская жизнь Каталог (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 Изысканная спальня Каталог (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Карьера (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
The Sims™ 3 Кино Каталог (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Мир приключений (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.9.10 - Electronic Arts)
The Sims™ 3 Отдых на природе Каталог (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
The Sims™ 3 Питомцы (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Райские острова (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Сверхъестественное (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Скоростной режим Каталог (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.8.1 - Electronic Arts)
The Sims™ 3 Современная роскошь Каталог (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.9.6 - Electronic Arts)
The Sims™ 3 Стильные 70-е, 80-е, 90-е Каталог (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Студенческая жизнь (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 Шоу-бизнес (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{B6619F14-F766-4000-BC8A-522D4CC4E44F}) (Version: 1.0.4.5 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.3.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6630.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.342 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.02.6402 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.6.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{6499E894-43F8-458B-AE35-724F4732BCDE}) (Version: 2.5.6 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0020 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.9.2 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.5.59 - Toshiba Corporation)
Unity Web Player (HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
UpdateChecker (HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\Popajar, inc UpdateChecker) (Version: - Popajar, inc) <==== ATTENTION
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.6.0 - Nikon)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-b68d28f6-a11d-4ef9-807b-1aab299f9e21) (Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba) (Version: 4.0.11.7 - WildTangent) Hidden
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-84A32220054A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics)
CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers1: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2015-01-26] (Crawler Group)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2015-01-26] (Crawler Group)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2015-01-26] (Crawler Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C572CF-9A6D-432C-9804-1C6ABC41EE5D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-07] (AVAST Software)
Task: {0B1D1EB1-0280-491D-85A2-2170ADD846C2} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-rechtorikovalia@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {0C0F79AC-4E9A-4F4E-8D44-70339C138943} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {1023B62F-BD69-428C-89DE-4F9DE56A039D} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2015-12-01] (Toshiba Europe GmbH)
Task: {1CB61E57-2609-4F2D-A7D9-73D578405BAE} - \WPD\SqmUpload_S-1-5-21-3687511350-3683034353-1054481598-1001 -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {37829A2A-3A45-476F-A636-D86135FCBC61} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-07] (AVAST Software)
Task: {37C1E869-8C79-4117-B9B7-9CB2C7FA100D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {40E7FF5B-A5D8-4FCA-8CEE-D99DD764730A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4631E4B4-731A-46CC-A9ED-E0E6DCDFB515} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5A644B9A-4259-4EB3-9463-72F463949207} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5CBBB79A-E7D4-415E-9AE3-134C672389B2} - System32\Tasks\CLARUS_DRIVE_MANAGER\Clarus_Drive_Manager => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe [2013-12-18] (Clarus, Inc.)
Task: {5E9FFA19-86F8-4FB5-96A5-E02600388853} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-07] (AVAST Software)
Task: {610AC0F9-04D6-4793-9AF6-E097B6BCFB73} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6665E335-FB06-473C-9D35-A1A231466632} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {789D730C-E5C6-4ACF-8C5F-F3F93FD0D2AF} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-03-19] (TOSHIBA Corporation)
Task: {8528FDDA-34F3-4692-B64E-0E100E1CBA1A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-16] (AVAST Software)
Task: {8D4699A5-46A8-4444-B799-ED1115869F02} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {A454920A-978E-4EA1-9175-94B5D6014A30} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A57BA5D7-4C6F-4BC0-8D74-5D54A4606BFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A82CA6E3-05F8-4A59-9679-15B2F1F0EB28} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B280BDB0-A1ED-49F2-B980-B0D5AC45A88F} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {B62D5352-9491-464A-AFD9-E7263304ECCD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B6A3A57C-80FC-4440-A94A-799BFEE18B47} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3687511350-3683034353-1054481598-1001 -> No File <==== ATTENTION
Task: {BC5ECA5C-31F9-4B6C-A6E8-6B6A4A4AAA3E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C0E218EA-F4C9-43A1-B6FF-D85C5B6ACA0A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2019-01-08] (Microsoft Corporation)
Task: {D529C7A5-80F6-40A7-9AD3-984F30A1D770} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-05-04] (Synaptics Incorporated)
Task: {DA5EE912-C40F-48C3-B3EF-6A5C6B7F2310} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-rechtorikovalia@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {E3055C20-FB41-4611-8E3E-DB6EAE2CF43D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {EAFB8C92-A0BA-4B30-A4AF-B2CFA608B88F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F402F299-360A-4CFC-9FDA-43FF9B6DCFEE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F484DE14-2523-4437-A79D-04C424BAFAAA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {F83EE903-6B97-4415-9FE5-F317842DC44F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {FCE4FD6E-2EAC-48B8-B6C0-E77320286CE8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\webdataworker.hive.lnk -> C:\Users\Natália\AppData\Roaming\webdataworker.hive\ChromeLauncherConsole.bat (No File)
Shortcut: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com

ShortcutWithArgument: C:\Users\Natália\Documents\dokument\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\500px.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=egpociadnldbkfkjpmjoaibnbcoeplja
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Betaflight - Configurator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kdaghagfopacdngbohiknlhcocjccjao
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\BLHeli - Configurator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mejfjggmbnocnfibbibmoogocnjbcjnk
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Cleanflight - Blackbox Explorer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cahpidddaimdojnddnahjpnefajpheep
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Murder Files.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ijfecbiladpinddbjfodaaiahggomhaf

==================== Loaded Modules (Whitelisted) ==============

2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2013-03-27 22:53 - 2013-03-27 22:53 - 000163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2013-05-09 17:49 - 2013-05-09 17:49 - 000016720 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2018-04-12 11:31 - 2017-11-13 15:46 - 000092368 _____ () C:\Users\Natália\AppData\Roaming\Seznam.cz\bin\6825libfoxloader-x64.dll
2018-11-20 04:46 - 2018-11-20 04:46 - 004310296 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-13 10:45 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-08 21:13 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-22 22:24 - 2019-01-22 22:24 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-22 22:24 - 2019-01-22 22:24 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-01 11:54 - 2017-12-01 11:54 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 20:28 - 2018-11-28 20:29 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-22 22:24 - 2019-01-22 22:24 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-22 22:24 - 2019-01-22 22:24 - 009388544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2012-07-19 02:38 - 2012-07-19 02:38 - 000020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2019-01-07 18:25 - 2019-01-07 18:25 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-07 18:25 - 2019-01-07 18:25 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-11-01 10:56 - 2017-11-13 15:38 - 000506064 _____ () C:\Users\Natália\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2016-03-24 18:39 - 2017-02-08 12:39 - 000080576 _____ () C:\Users\Natália\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2019-01-15 19:04 - 2019-01-15 19:04 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-15 19:04 - 2019-01-15 19:04 - 065903104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-04 12:01 - 2017-10-04 12:02 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-15 19:04 - 2019-01-15 19:04 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-18 01:05 - 2018-11-18 01:06 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-18 01:05 - 2018-11-18 01:06 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-18 23:49 - 2018-08-18 23:50 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-18 23:49 - 2018-08-18 23:50 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-04-05 08:52 - 2018-04-05 08:53 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2019-01-15 19:04 - 2019-01-15 19:04 - 014186496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-18 01:05 - 2018-11-18 01:06 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2019-01-15 19:04 - 2019-01-15 19:04 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-28 22:43 - 2018-08-28 22:44 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-26 23:12 - 2018-07-26 23:13 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-04 11:50 - 2018-10-04 11:51 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-13 01:00 - 2018-12-13 01:00 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-13 01:00 - 2018-12-13 01:00 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-12-13 01:00 - 2018-12-13 01:00 - 010927616 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-12-13 01:00 - 2018-12-13 01:00 - 002916864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\skypert.dll
2018-12-13 01:00 - 2018-12-13 01:00 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-07-10 22:35 - 2018-06-15 18:30 - 001308672 _____ () C:\WINDOWS\system32\FaceProcessor.dll
2018-07-10 22:34 - 2018-06-15 18:55 - 000542888 _____ () C:\WINDOWS\system32\FaceProcessorCore.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 001348664 _____ () C:\WINDOWS\system32\FaceTrackerInternal.dll
2017-11-24 12:31 - 2017-11-13 15:49 - 000085200 _____ () C:\Users\Natália\AppData\Roaming\Seznam.cz\bin\23518libfoxloader.dll
2016-03-24 18:39 - 2018-02-21 10:36 - 000869584 _____ () C:\Users\Natália\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2013-07-09 09:10 - 2012-07-18 14:55 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-06 00:40 - 000000832 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;%PIXIEHOME%\bin;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Natália\Pictures\Saved Pictures\Untitled Export\DSC_0077.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A9153843-0F95-414C-A481-2C5919788E5C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{3554E0CF-2A0A-42E5-BEF5-2AC4471A2E23}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{CB41DAB7-AE40-4A15-8D55-9B634C55041F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{083A824B-A3C8-432D-A5E0-81A0C2B18E1B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{BE4955AB-4E76-4643-99FC-311507109EDC}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe (Crawler Group, LLC)
FirewallRules: [{E5DD4BB3-14F7-4795-9DF4-0742B094361D}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe (Crawler Group, LLC)
FirewallRules: [{19D1FF24-128C-4CCC-9420-03040436C141}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler Group, LLC)
FirewallRules: [{D2306DFC-DAF0-4564-AC50-38481F4CE732}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler Group, LLC)
FirewallRules: [{9E781068-6C43-45DA-8FDB-871ADFABE0EA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{A5E26967-D3A8-4FC6-8D2E-B916AF314C30}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [TCP Query User{60EF2F82-FE44-4764-A296-D2BC60B9F638}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe (Crawler Group, LLC)
FirewallRules: [UDP Query User{0C33FF42-6F4C-4912-B053-5BD32FB6DE2B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe (Crawler Group, LLC)
FirewallRules: [{C99BE42F-8F63-4E98-B75C-4B13BCC8B802}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{5D5DB7EA-ED7C-4CF9-BABA-D944A7C19D55}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{3E433523-E8A9-41ED-B590-77A5253E0E9D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{4EE87C2A-6B10-4B95-A330-75912F33243D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{A94335A6-F81D-49D1-8136-05D61E25915C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{EA8D03D3-2A4E-4452-B366-6E4B7B8877AD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{9EFC4D99-0037-4A46-AAD1-B7B439007968}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software)

==================== Restore Points =========================

09-01-2019 13:32:15 Windows Update
18-01-2019 14:15:22 Windows Update
28-01-2019 02:19:15 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2019 08:42:44 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (01/28/2019 08:33:43 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (01/28/2019 08:32:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.17134.1, time stamp: 0xcb43d9c5
Faulting module name: twinapi.appcore.dll, version: 10.0.17134.137, time stamp: 0xb5d50228
Exception code: 0xc000027b
Fault offset: 0x000000000009cad5
Faulting process id: 0x2c2c
Faulting application start time: 0x01d4b73ff097c0be
Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe
Faulting module path: C:\Windows\System32\twinapi.appcore.dll
Report Id: a1815121-b7d7-41ef-94d0-e7eac86ced69
Faulting package full name: 39976Virblue.MyStudyLife_4.0.7.0_x64__pa3njxwv09jym
Faulting package-relative application ID: App

Error: (01/28/2019 08:32:38 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (01/28/2019 07:21:35 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (01/28/2019 06:42:05 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (01/28/2019 06:21:35 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (01/28/2019 05:42:06 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

System errors:
=============
Error: (01/28/2019 08:43:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/28/2019 08:41:28 PM) (Source: DCOM) (EventID: 10016) (User: LIUS)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LIUS\Natália SID (S-1-5-21-3687511350-3683034353-1054481598-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/28/2019 08:35:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (01/28/2019 03:35:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/28/2019 02:17:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (01/28/2019 01:48:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/28/2019 12:37:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Client License Service (ClipSVC) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/28/2019 12:37:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Client License Service (ClipSVC) service to connect.

Windows Defender:
===================================
Date: 2019-01-09 13:39:14.459
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.267.1067.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14800.3
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2019-01-27 20:35:33.062
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-01-27 20:35:31.687
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-01-27 20:35:31.421
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-01-27 12:23:58.158
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-01-27 12:23:57.474
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-01-27 12:23:57.200
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-01-23 17:34:37.344
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-01-23 17:34:35.440
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 53%
Total physical RAM: 3971.27 MB
Available physical RAM: 1855.07 MB
Total Virtual: 7727.98 MB
Available Virtual: 5032.27 MB

==================== Drives ================================

Drive c: (TI31126000A) (Fixed) (Total:452.43 GB) (Free:49.45 GB) NTFS
Drive d: () (Fixed) (Total:0.83 GB) (Free:0.3 GB) NTFS

\\?\Volume{6783c945-cecb-11e2-ba98-c9bc3f2b6557}\ (System) (Fixed) (Total:1 GB) (Free:0.64 GB) NTFS
\\?\Volume{2c265cf9-98f4-4f9a-bac5-d45a4d9b75d5}\ () (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS
\\?\Volume{5bec1266-371c-4bab-9694-e507fbe12fa5}\ (Recovery) (Fixed) (Total:10.78 GB) (Free:0.85 GB) NTFS
\\?\Volume{6783c94d-cecb-11e2-ba98-c9bc3f2b6557}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

#6 Příspěvek od **Rudy** » 28 led 2019 21:19

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\MountPoints2: {94bb202f-c00e-11e8-8051-7c0507dee9b1} - "F:\autorun.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {82A76710-4F98-4957-92BE-99648A4E2475} -> No File
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxx ... google.sk/"
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {1CB61E57-2609-4F2D-A7D9-73D578405BAE} - \WPD\SqmUpload_S-1-5-21-3687511350-3683034353-1054481598-1001 -> No File <==== ATTENTION
Task: {40E7FF5B-A5D8-4FCA-8CEE-D99DD764730A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4631E4B4-731A-46CC-A9ED-E0E6DCDFB515} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5A644B9A-4259-4EB3-9463-72F463949207} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {610AC0F9-04D6-4793-9AF6-E097B6BCFB73} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6665E335-FB06-473C-9D35-A1A231466632} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8D4699A5-46A8-4444-B799-ED1115869F02} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {A454920A-978E-4EA1-9175-94B5D6014A30} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A57BA5D7-4C6F-4BC0-8D74-5D54A4606BFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A82CA6E3-05F8-4A59-9679-15B2F1F0EB28} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B62D5352-9491-464A-AFD9-E7263304ECCD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B6A3A57C-80FC-4440-A94A-799BFEE18B47} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3687511350-3683034353-1054481598-1001 -> No File <==== ATTENTION
Task: {BC5ECA5C-31F9-4B6C-A6E8-6B6A4A4AAA3E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E3055C20-FB41-4611-8E3E-DB6EAE2CF43D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {EAFB8C92-A0BA-4B30-A4AF-B2CFA608B88F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F402F299-360A-4CFC-9FDA-43FF9B6DCFEE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F83EE903-6B97-4415-9FE5-F317842DC44F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {FCE4FD6E-2EAC-48B8-B6C0-E77320286CE8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{A9153843-0F95-414C-A481-2C5919788E5C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{3554E0CF-2A0A-42E5-BEF5-2AC4471A2E23}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{CB41DAB7-AE40-4A15-8D55-9B634C55041F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{083A824B-A3C8-432D-A5E0-81A0C2B18E1B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{9E781068-6C43-45DA-8FDB-871ADFABE0EA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{A5E26967-D3A8-4FC6-8D2E-B916AF314C30}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

peter1207 · #7 Příspěvek od **peter1207** » 28 led 2019 22:05

Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2019
Ran by Natália (28-01-2019 21:51:12) Run:1
Running from C:\Users\Natália\Desktop
Loaded Profiles: Natália (Available Profiles: Natália & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\MountPoints2: {94bb202f-c00e-11e8-8051-7c0507dee9b1} - "F:\autorun.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {82A76710-4F98-4957-92BE-99648A4E2475} -> No File
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxx ... google.sk/"
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {1CB61E57-2609-4F2D-A7D9-73D578405BAE} - \WPD\SqmUpload_S-1-5-21-3687511350-3683034353-1054481598-1001 -> No File <==== ATTENTION
Task: {40E7FF5B-A5D8-4FCA-8CEE-D99DD764730A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4631E4B4-731A-46CC-A9ED-E0E6DCDFB515} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5A644B9A-4259-4EB3-9463-72F463949207} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {610AC0F9-04D6-4793-9AF6-E097B6BCFB73} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6665E335-FB06-473C-9D35-A1A231466632} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8D4699A5-46A8-4444-B799-ED1115869F02} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {A454920A-978E-4EA1-9175-94B5D6014A30} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A57BA5D7-4C6F-4BC0-8D74-5D54A4606BFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A82CA6E3-05F8-4A59-9679-15B2F1F0EB28} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B62D5352-9491-464A-AFD9-E7263304ECCD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B6A3A57C-80FC-4440-A94A-799BFEE18B47} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3687511350-3683034353-1054481598-1001 -> No File <==== ATTENTION
Task: {BC5ECA5C-31F9-4B6C-A6E8-6B6A4A4AAA3E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E3055C20-FB41-4611-8E3E-DB6EAE2CF43D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {EAFB8C92-A0BA-4B30-A4AF-B2CFA608B88F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F402F299-360A-4CFC-9FDA-43FF9B6DCFEE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F83EE903-6B97-4415-9FE5-F317842DC44F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {FCE4FD6E-2EAC-48B8-B6C0-E77320286CE8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{A9153843-0F95-414C-A481-2C5919788E5C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{3554E0CF-2A0A-42E5-BEF5-2AC4471A2E23}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{CB41DAB7-AE40-4A15-8D55-9B634C55041F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{083A824B-A3C8-432D-A5E0-81A0C2B18E1B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{9E781068-6C43-45DA-8FDB-871ADFABE0EA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{A5E26967-D3A8-4FC6-8D2E-B916AF314C30}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94bb202f-c00e-11e8-8051-7c0507dee9b1} => removed successfully
HKLM\Software\Classes\CLSID\{94bb202f-c00e-11e8-8051-7c0507dee9b1} => not found
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475} => removed successfully
HKLM\Software\Classes\CLSID\{82A76710-4F98-4957-92BE-99648A4E2475} => not found
"Chrome StartupUrls" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1CB61E57-2609-4F2D-A7D9-73D578405BAE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CB61E57-2609-4F2D-A7D9-73D578405BAE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3687511350-3683034353-1054481598-1001" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{40E7FF5B-A5D8-4FCA-8CEE-D99DD764730A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40E7FF5B-A5D8-4FCA-8CEE-D99DD764730A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4631E4B4-731A-46CC-A9ED-E0E6DCDFB515}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4631E4B4-731A-46CC-A9ED-E0E6DCDFB515}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A644B9A-4259-4EB3-9463-72F463949207}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A644B9A-4259-4EB3-9463-72F463949207}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{610AC0F9-04D6-4793-9AF6-E097B6BCFB73}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{610AC0F9-04D6-4793-9AF6-E097B6BCFB73}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6665E335-FB06-473C-9D35-A1A231466632}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6665E335-FB06-473C-9D35-A1A231466632}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D4699A5-46A8-4444-B799-ED1115869F02}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D4699A5-46A8-4444-B799-ED1115869F02}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A454920A-978E-4EA1-9175-94B5D6014A30}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A454920A-978E-4EA1-9175-94B5D6014A30}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A57BA5D7-4C6F-4BC0-8D74-5D54A4606BFB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A57BA5D7-4C6F-4BC0-8D74-5D54A4606BFB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A82CA6E3-05F8-4A59-9679-15B2F1F0EB28}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A82CA6E3-05F8-4A59-9679-15B2F1F0EB28}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B62D5352-9491-464A-AFD9-E7263304ECCD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B62D5352-9491-464A-AFD9-E7263304ECCD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6A3A57C-80FC-4440-A94A-799BFEE18B47}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6A3A57C-80FC-4440-A94A-799BFEE18B47}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3687511350-3683034353-1054481598-1001" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC5ECA5C-31F9-4B6C-A6E8-6B6A4A4AAA3E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC5ECA5C-31F9-4B6C-A6E8-6B6A4A4AAA3E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3055C20-FB41-4611-8E3E-DB6EAE2CF43D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3055C20-FB41-4611-8E3E-DB6EAE2CF43D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EAFB8C92-A0BA-4B30-A4AF-B2CFA608B88F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAFB8C92-A0BA-4B30-A4AF-B2CFA608B88F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F402F299-360A-4CFC-9FDA-43FF9B6DCFEE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F402F299-360A-4CFC-9FDA-43FF9B6DCFEE}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F83EE903-6B97-4415-9FE5-F317842DC44F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F83EE903-6B97-4415-9FE5-F317842DC44F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCE4FD6E-2EAC-48B8-B6C0-E77320286CE8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCE4FD6E-2EAC-48B8-B6C0-E77320286CE8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A9153843-0F95-414C-A481-2C5919788E5C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3554E0CF-2A0A-42E5-BEF5-2AC4471A2E23}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CB41DAB7-AE40-4A15-8D55-9B634C55041F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{083A824B-A3C8-432D-A5E0-81A0C2B18E1B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E781068-6C43-45DA-8FDB-871ADFABE0EA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A5E26967-D3A8-4FC6-8D2E-B916AF314C30}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 154916378 B
Java, Flash, Steam htmlcache => 1270 B
Windows/system/drivers => 21253022 B
Edge => 2152774 B
Chrome => 305316846 B
Firefox => 11762822 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 10524 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 117874 B
LocalService => 0 B
NetworkService => 39214 B
NetworkService => 0 B
Natália => 40034751 B
Administrator => 22722 B

RecycleBin => 0 B
EmptyTemp: => 520.8 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 21:52:56 ====

#8 Příspěvek od **Rudy** » 28 led 2019 22:06

Smazáno. Nastala nějaká změna?

peter1207 · #9 Příspěvek od **peter1207** » 28 led 2019 22:36

Ano, je to velky rozdiel, pc ide ako pred tym.
Dakujeme vela kraat.

#10 Příspěvek od **Rudy** » 29 led 2019 10:15

Nemáte zač!

VIRY.CZ

Zasekany, zamrzajuci NTB

Zasekany, zamrzajuci NTB

Re: Zasekany, zamrzajuci NTB

Re: Zasekany, zamrzajuci NTB

Re: Zasekany, zamrzajuci NTB

Re: Zasekany, zamrzajuci NTB

Re: Zasekany, zamrzajuci NTB

Re: Zasekany, zamrzajuci NTB

Re: Zasekany, zamrzajuci NTB

Re: Zasekany, zamrzajuci NTB

Re: Zasekany, zamrzajuci NTB