Prosim o kontrolu, dakujem :)

Zpráva

peter1207 · #1 Příspěvek od **peter1207** » 14 úno 2019 19:49

PC je pomaly...
Po pripade skuste napisat co tam je alebo odkial sa to sem mohlo dostat, za posledny mesiac uz druhy krat na tomto pc...
DAKUJEM.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.02.2019
Ran by Natália (administrator) on LIUS (14-02-2019 19:35:24)
Running from C:\Users\Natália\Desktop
Loaded Profiles: Natália (Available Profiles: Natália & Administrator)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxTsr.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
() C:\Users\Natália\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Natália\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvMon.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] (TOSHIBA CORPORATION -> )
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [5349120 2017-03-15] (Crawler Group, LLC -> Crawler Group, LLC)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5585664 2017-03-15] (Crawler Group, LLC -> Crawler Group, LLC)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-04-19] (Alcor Micro Corp.) [File not signed]
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation) [File not signed]
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Natália\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\Installer\chrmstp.exe [2019-01-16] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk [2014-11-20]
ShortcutTarget: Samsung Drive Manager Real-Time.lnk -> C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe (Clarus, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-05-11]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk [2013-12-20]
ShortcutTarget: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-08-22]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\webdataworker.hive.lnk [2017-12-08]
ShortcutTarget: webdataworker.hive.lnk -> C:\Users\Natália\AppData\Roaming\webdataworker.hive\ChromeLauncherConsole.bat (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{16510249-74d2-48d0-8e85-30c67c0c2e5c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f350500b-8e76-4ed4-bc90-c7b0b1392a87}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {21856A07-5E74-4354-BC92-A2912CE80CBB} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {33FB04F5-DDB3-43ED-BA8A-B2BE9EE3F766} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {4EE86BDB-6A0C-4F47-B7B5-77E065DB31EC} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {7148E46E-7812-4BB9-A5C7-2BC197BFC4EA} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {722FB13F-8CAC-4F4A-8C2C-FB1495E38532} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {A47320E9-4AFF-46C3-9848-71DBFDCB8994} URL =
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {C4B52922-9D49-43C7-81B9-04F8C212AA86} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {D3AAFF12-4A9F-4BA6-A276-4A3E296987DC} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {DCC8E55A-E88F-4E3F-B6AF-0BDA3651B69F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {FC9024D8-776C-450D-9B51-9EF2E18F8340} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: dilp2dry.default
FF ProfilePath: C:\Users\Natália\AppData\Roaming\Mozilla\Firefox\Profiles\dilp2dry.default [2019-01-28]
FF Homepage: Mozilla\Firefox\Profiles\dilp2dry.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\dilp2dry.default -> about:newtab
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Natália\AppData\Roaming\Mozilla\Firefox\Profiles\dilp2dry.default\Extensions\sko-extension@firma.seznam.cz [2017-11-01]
FF Extension: (Seznam lištička) - C:\Users\Natália\AppData\Roaming\Mozilla\Firefox\Profiles\dilp2dry.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-11-06] [Legacy]
FF SearchPlugin: C:\Users\Natália\AppData\Roaming\Mozilla\Firefox\Profiles\dilp2dry.default\searchplugins\google-avast.xml [2017-09-06]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3687511350-3683034353-1054481598-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Natália\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxx ... google.sk/"
CHR NewTab: Default -> Not-active:"chrome-extension://bgjpfhpjcgdppjbgnpnjllokbmcdllig/speeddial/html/temporaryNewTab.html", Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html"
CHR Profile: C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default [2019-02-14]
CHR Extension: (Crash Bandicoot Online HD) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\aamlbcjbejchalkkingolaibfgkkiinp [2013-11-28]
CHR Extension: (Podporte) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\amaegjccccajmhnbcbeagblpdccimoeh [2016-11-25]
CHR Extension: (Dokumenty) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-30]
CHR Extension: (American Racing 2) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpfdjclhabpjncikdngdoldjjjegnbe [2014-07-17]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-02-13]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-02-13]
CHR Extension: (YouTube) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Cleanflight - Blackbox Explorer) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahpidddaimdojnddnahjpnefajpheep [2017-10-08]
CHR Extension: (Google Search) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (500px) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\egpociadnldbkfkjpmjoaibnbcoeplja [2014-09-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Murder Files) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijfecbiladpinddbjfodaaiahggomhaf [2016-04-15]
CHR Extension: (Aero Trans Brushed Metal Theme) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkjdfchjlhkgnfjblhclgaliiccalckf [2017-10-25]
CHR Extension: (Eyes - The Horror Game) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\jojpkokphfnjlhbnbcilnhgnkkobkngd [2013-11-28]
CHR Extension: (Betaflight - Configurator) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdaghagfopacdngbohiknlhcocjccjao [2018-08-26]
CHR Extension: (BLHeli - Configurator) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\mejfjggmbnocnfibbibmoogocnjbcjnk [2017-12-27]
CHR Extension: (Video download helper) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkioblodjcgkdailhejgcocjkkoochj [2015-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Môj motív prehliadača Chrome) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-08-27]
CHR Extension: (Gmail) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-19]
CHR Profile: C:\Users\Natália\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-28]
CHR HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-07] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-07] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51504 2017-01-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-09] (DTS, Inc. -> )
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-12] (WildTangent Inc -> WildTangent)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] (TOSHIBA CORPORATION -> )
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation -> Intel Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia -> Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia -> Secunia)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3292416 2017-03-15] (Crawler Group, LLC -> Crawler Group, LLC)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-25] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated -> Synaptics Incorporated)
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2013-12-18] (Clarus, Inc.) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [118856 2015-12-01] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [223056 2019-01-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166792 2019-01-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4251160 2016-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [121344 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] (Clarus, Inc. -> )
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] (Clarus, Inc. -> )
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON CORPORATION -> PEGATRON)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia -> Secunia)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-13] (Synaptics Incorporated -> Synaptics Incorporated)
R2 sp_rsdrv2; C:\WINDOWS\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Crawler, LLC -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [546304 2013-04-25] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-14 19:31 - 2019-02-14 19:31 - 550852702 _____ C:\WINDOWS\MEMORY.DMP
2019-02-14 19:31 - 2019-02-14 19:31 - 000000000 ____D C:\WINDOWS\Minidump
2019-02-14 19:31 - 2019-02-14 19:31 - 000000000 _____ C:\WINDOWS\Minidump\021419-38234-01.dmp
2019-02-14 19:27 - 2019-02-14 19:37 - 000031242 _____ C:\Users\Natália\Desktop\FRST.txt
2019-02-14 19:23 - 2019-02-14 19:25 - 002433536 _____ (Farbar) C:\Users\Natália\Desktop\FRST64.exe
2019-02-04 15:57 - 2019-02-04 17:55 - 1088016212 _____ C:\Users\Natália\Documents\ŠKOLA.rar
2019-01-28 20:35 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-27 20:45 - 2019-02-14 19:27 - 000000000 ____D C:\FRST

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-14 19:39 - 2016-03-30 23:52 - 000000000 ____D C:\Users\Natália\AppData\Local\CrashDumps
2019-02-14 19:38 - 2018-06-12 20:43 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-14 19:36 - 2017-12-13 11:56 - 000000000 ____D C:\Users\Natália\AppData\Local\AVAST Software
2019-02-14 19:33 - 2018-06-12 20:23 - 000000000 ____D C:\Users\Natália
2019-02-14 19:33 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-14 19:33 - 2015-08-13 11:27 - 000000000 __SHD C:\Users\Natália\IntelGraphicsProfiles
2019-02-14 19:31 - 2018-06-12 21:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-14 19:31 - 2018-06-12 20:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-14 19:15 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-14 19:11 - 2018-06-12 21:05 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-02-14 19:10 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-14 12:33 - 2014-12-03 20:40 - 000000000 ____D C:\Users\Natália\AppData\Local\Adobe
2019-02-14 12:31 - 2015-05-11 21:52 - 000000000 ____D C:\ProgramData\Spyware Terminator
2019-02-14 12:30 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-14 12:26 - 2018-06-12 21:05 - 000002862 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-rechtorikovalia@gmail.com
2019-02-13 22:47 - 2018-06-12 21:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-02-13 20:36 - 2018-08-28 17:17 - 000000000 ____D C:\Users\Natália\Documents\MOJE DOKUMENTY
2019-02-13 20:04 - 2017-02-25 13:35 - 000000000 ____D C:\Users\Natália\Documents\Soubory aplikace Outlook
2019-02-13 19:01 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-13 01:10 - 2018-04-11 22:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-02-12 23:15 - 2018-06-12 20:16 - 005189752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-12 16:30 - 2018-06-12 21:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2019-02-08 10:58 - 2018-07-09 19:57 - 000000000 ____D C:\ProgramData\Packages
2019-02-06 19:13 - 2013-11-19 21:41 - 000000000 ____D C:\Users\Natália\AppData\Local\Toshiba
2019-02-04 18:14 - 2013-06-04 19:25 - 000000000 ____D C:\Users\Natália\Documents\životopis atd
2019-02-04 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-02-04 15:56 - 2016-04-02 19:45 - 000000000 ___RD C:\Users\Natália\Dropbox
2019-02-04 14:32 - 2016-03-14 22:54 - 000000020 ____H C:\ProgramData\PKP_DLet.DAT
2019-02-02 17:39 - 2018-08-05 14:03 - 000000000 ____D C:\Users\Natália\AppData\Local\D3DSCache
2019-01-28 21:52 - 2013-11-25 19:08 - 000000000 ____D C:\Users\Natália\AppData\LocalLow\Temp
2019-01-28 01:48 - 2015-05-12 00:18 - 000000000 ____D C:\Users\Natália\AppData\Local\ElevatedDiagnostics
2019-01-27 21:07 - 2019-01-09 13:32 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-01-18 19:28 - 2015-01-06 01:09 - 000166792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-01-18 14:18 - 2018-11-15 23:54 - 000000000 ____D C:\Program Files\rempl
2019-01-16 16:45 - 2018-06-07 14:17 - 000002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-01-16 16:45 - 2018-06-07 14:17 - 000002474 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk

==================== Files in the root of some directories =======

2014-12-04 00:27 - 2015-03-27 14:33 - 000000033 _____ () C:\Users\Natália\AppData\Roaming\AdobeWLCMCache.dat
2016-03-14 22:54 - 2016-03-14 22:54 - 000000268 ___RH () C:\Users\Natália\AppData\Roaming\Application Support
2016-03-14 22:56 - 2016-03-14 22:56 - 000000268 ___RH () C:\Users\Natália\AppData\Roaming\Applications
2016-03-14 22:54 - 2016-03-14 22:54 - 000000268 ___RH () C:\Users\Natália\AppData\Roaming\Audio
2016-03-14 22:53 - 2016-03-14 22:53 - 000000268 ___RH () C:\Users\Natália\AppData\Roaming\Bass Amp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-12 20:16

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13.02.2019
Ran by Natália (14-02-2019 19:39:35)
Running from C:\Users\Natália\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-06-12 20:07:36)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3687511350-3683034353-1054481598-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3687511350-3683034353-1054481598-503 - Limited - Disabled)
Guest (S-1-5-21-3687511350-3683034353-1054481598-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3687511350-3683034353-1054481598-1005 - Limited - Enabled)
Natália (S-1-5-21-3687511350-3683034353-1054481598-1001 - Administrator - Enabled) => C:\Users\Natália
WDAGUtilityAccount (S-1-5-21-3687511350-3683034353-1054481598-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«The Sims 3 Deluxe Edition» (build 10.2) (HKLM-x32\...\«The Sims 3 Deluxe Edition»_is1) (Version: - R.G. Catalyst)
4Media MP4 to MP3 Converter 6 (HKLM-x32\...\4Media MP4 to MP3 Converter 6) (Version: 6.8.0.1101 - 4Media)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\{C90340A9-F592-4164-9480-FCE488C4BFF6}) (Version: 4.7.1245.73473 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.7.1245.73473 - Alcor Micro Corp.)
Aloha TriPeaks (HKLM-x32\...\WTA-3e72695b-94c9-4644-a97a-0a1db8920f9b) (Version: 2.2.0.98 - WildTangent) Hidden
Atheros Bluetooth Filter Driver Package (HKLM\...\{026B819B-4D60-4C8B-892D-33A0D8666F60}) (Version: 2.0.0.9 - Qualcomm Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - AVAST Software)
Bejeweled 3 (HKLM-x32\...\WTA-f38e5aac-e7d9-46ef-af66-e45e00661019) (Version: 2.2.0.98 - WildTangent) Hidden
DTS Sound (HKLM-x32\...\{F8EB8FFC-C535-49A1-A84D-CC75CB2D6ADA}) (Version: 1.00.0071 - DTS, Inc.)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.100 - EasternGraphics)
Empress of the Deep - The Darkest Secret (HKLM-x32\...\WTA-05294dd7-2c72-489e-ba5c-822303442f93) (Version: 2.2.0.98 - WildTangent) Hidden
Free YouTube Download version 3.2.49.1122 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1122 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Chuzzle Deluxe (HKLM-x32\...\WTA-635d8579-5188-4815-9c6d-0a14089f01f5) (Version: 2.2.0.95 - WildTangent) Hidden
IDT Audio Driver (HKLM\...\{11424B27-C16B-4505-9667-82A10AD1B1DC}) (Version: 6.10.6472.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Island Tribe (HKLM-x32\...\WTA-fefc7e9a-150e-4ff2-af5f-f0f90cae1dd8) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Solitaire 2 (HKLM-x32\...\WTA-4ec7defd-ddea-4d88-988a-825db86c6672) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-76fa82c9-9fa7-462a-bfb5-95c3e1a842d1) (Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.6.0 - Nikon)
OpenOffice 4.0.1 (HKLM-x32\...\{A00F439C-600D-4220-96CF-C6F1F8C32633}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle Nights (HKLM-x32\...\WTA-cff5d533-792e-4307-a1a9-f5164c681c8e) (Version: 2.2.0.98 - WildTangent) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.7 - Nikon)
Pixie 1.4.1 (HKLM-x32\...\Pixie_is1) (Version: 1.4.1 - Pixie Developers)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-01834b92-7f96-4fd5-ace4-01a6e82d464e) (Version: 2.2.0.98 - WildTangent) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Polar Bowler (HKLM-x32\...\WTA-e2a37025-f909-4fc7-80cd-c790eeb2699c) (Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Samplitude 11 (HKLM-x32\...\{AE0009FD-8F50-4565-835D-4432BD18D792}) (Version: 11.0.1.0 - MAGIX AG)
Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.172 - Clarus, Inc.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.101 - Crawler Group)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.4 - Electronic Arts)
The Sims™ 3 Diesel Каталог (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Katy Perry Сладкие радости (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 В сумерках (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Вперед в будущее (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Времена года (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Все возрасты (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Городская жизнь Каталог (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 Изысканная спальня Каталог (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Карьера (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
The Sims™ 3 Кино Каталог (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Мир приключений (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.9.10 - Electronic Arts)
The Sims™ 3 Отдых на природе Каталог (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
The Sims™ 3 Питомцы (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Райские острова (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Сверхъестественное (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Скоростной режим Каталог (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.8.1 - Electronic Arts)
The Sims™ 3 Современная роскошь Каталог (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.9.6 - Electronic Arts)
The Sims™ 3 Стильные 70-е, 80-е, 90-е Каталог (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Студенческая жизнь (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 Шоу-бизнес (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{B6619F14-F766-4000-BC8A-522D4CC4E44F}) (Version: 1.0.4.5 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.3.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6630.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.342 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.02.6402 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.6.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{6499E894-43F8-458B-AE35-724F4732BCDE}) (Version: 2.5.6 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0020 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.9.2 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.5.59 - Toshiba Corporation)
Unity Web Player (HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
UpdateChecker (HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\Popajar, inc UpdateChecker) (Version: - Popajar, inc) <==== ATTENTION
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.6.0 - Nikon)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-b68d28f6-a11d-4ef9-807b-1aab299f9e21) (Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba) (Version: 4.0.11.7 - WildTangent) Hidden
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-84A32220054A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics GmbH -> EasternGraphics)
CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2015-01-26] (Crawler Group, LLC -> Crawler Group)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2015-01-26] (Crawler Group, LLC -> Crawler Group)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2015-01-26] (Crawler Group, LLC -> Crawler Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C572CF-9A6D-432C-9804-1C6ABC41EE5D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {0B1D1EB1-0280-491D-85A2-2170ADD846C2} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-rechtorikovalia@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {0C0F79AC-4E9A-4F4E-8D44-70339C138943} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {1023B62F-BD69-428C-89DE-4F9DE56A039D} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {37829A2A-3A45-476F-A636-D86135FCBC61} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {37C1E869-8C79-4117-B9B7-9CB2C7FA100D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {3906FDFC-7C4B-43E4-A1D3-C05B1ACB6D91} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\AdobeGCInvoker-1.0-MicrosoftAccount-rechtorikovalia@gmail.com" /ENABLE
Task: {3906FDFC-7C4B-43E4-A1D3-C05B1ACB6D91} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {5CBBB79A-E7D4-415E-9AE3-134C672389B2} - System32\Tasks\CLARUS_DRIVE_MANAGER\Clarus_Drive_Manager => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe (Clarus, Inc. -> Clarus, Inc.)
Task: {5E9FFA19-86F8-4FB5-96A5-E02600388853} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {789D730C-E5C6-4ACF-8C5F-F3F93FD0D2AF} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {8528FDDA-34F3-4692-B64E-0E100E1CBA1A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {B280BDB0-A1ED-49F2-B980-B0D5AC45A88F} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {C0E218EA-F4C9-43A1-B6FF-D85C5B6ACA0A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {D529C7A5-80F6-40A7-9AD3-984F30A1D770} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated)
Task: {DA5EE912-C40F-48C3-B3EF-6A5C6B7F2310} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-rechtorikovalia@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F484DE14-2523-4437-A79D-04C424BAFAAA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\webdataworker.hive.lnk -> C:\Users\Natália\AppData\Roaming\webdataworker.hive\ChromeLauncherConsole.bat (No File)
Shortcut: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com

ShortcutWithArgument: C:\Users\Natália\Documents\dokument\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\500px.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=egpociadnldbkfkjpmjoaibnbcoeplja
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Betaflight - Configurator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kdaghagfopacdngbohiknlhcocjccjao
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\BLHeli - Configurator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mejfjggmbnocnfibbibmoogocnjbcjnk
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Cleanflight - Blackbox Explorer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cahpidddaimdojnddnahjpnefajpheep
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Murder Files.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ijfecbiladpinddbjfodaaiahggomhaf

==================== Loaded Modules (Whitelisted) ==============

2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2013-03-27 22:53 - 2013-03-27 22:53 - 000163168 _____ () C:\PROGRAM FILES (X86)\TOSHIBA\PASSWORDUTILITY\GFNEXSRV.EXE
2013-05-09 17:49 - 2013-05-09 17:49 - 000016720 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2018-11-20 04:46 - 2018-11-20 04:46 - 004310296 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-13 10:45 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 11:31 - 2017-11-13 15:46 - 000092368 _____ () C:\USERS\NATÁLIA\APPDATA\ROAMING\SEZNAM.CZ\BIN\6825libfoxloader-x64.dll
2019-01-08 21:13 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-10 16:37 - 2019-01-10 16:37 - 000039936 _____ () C:\Users\Natália\AppData\Local\Packages\39976Virblue.MyStudyLife_pa3njxwv09jym\AC\Microsoft\CLR_v4.0\NativeImages\MyStudyLife313228e7#\3714fea35172e01870b110817dfeb125\MyStudyLife.W8.BackgroundTasks.ni.dll
2018-04-05 08:42 - 2018-04-05 08:42 - 004734464 _____ () C:\Program Files\WindowsApps\Microsoft.Wallet_2.2.18065.0_x64__8wekyb3d8bbwe\Microsoft.Wallet.dll
2019-01-04 22:54 - 2019-01-04 22:54 - 002834944 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1811.3343.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll
2019-01-04 22:54 - 2019-01-04 22:54 - 000120320 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1811.3343.0_x64__8wekyb3d8bbwe\PeopleUtilRT.dll
2019-01-04 22:54 - 2019-01-04 22:54 - 009032704 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1811.3343.0_x64__8wekyb3d8bbwe\Microsoft.People.NativeComponents.dll
2019-01-30 22:32 - 2019-01-30 22:33 - 000182272 _____ () C:\PROGRAM FILES\WINDOWSAPPS\MICROSOFT.SKYPEAPP_14.38.138.0_X64__KZF8QXF38ZG5C\SKYPEBACKGROUNDHOST.EXE
2019-01-30 22:33 - 2019-01-30 22:34 - 000070144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2019-02-12 13:57 - 2019-02-12 13:57 - 008562688 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1901.311.0_x64__8wekyb3d8bbwe\OneConnect.dll
2019-02-08 10:57 - 2019-02-08 10:57 - 028028416 _____ () C:\PROGRAM FILES\WINDOWSAPPS\MICROSOFT.ZUNEVIDEO_10.19011.11311.0_X64__8WEKYB3D8BBWE\VIDEO.UI.EXE
2019-02-08 10:57 - 2019-02-08 10:57 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-01 11:54 - 2017-12-01 11:54 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 20:28 - 2018-11-28 20:29 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-08 10:57 - 2019-02-08 10:57 - 006033408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-02-08 10:57 - 2019-02-08 10:57 - 009338368 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2012-07-19 02:38 - 2012-07-19 02:38 - 000020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2017-11-01 10:56 - 2017-11-13 15:38 - 000506064 _____ () C:\USERS\NATÁLIA\APPDATA\ROAMING\SEZNAM.CZ\BIN\SZNDESKTOP.EXE
2016-03-24 18:39 - 2017-02-08 12:39 - 000080576 _____ () C:\USERS\NATÁLIA\APPDATA\ROAMING\SEZNAM.CZ\BIN\LISTICKA-X64.EXE
2017-11-24 12:31 - 2017-11-13 15:49 - 000085200 _____ () C:\Users\Natália\AppData\Roaming\Seznam.cz\bin\23518libfoxloader.dll
2016-03-24 18:39 - 2018-02-21 10:36 - 000869584 _____ () C:\Users\Natália\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2013-07-09 09:10 - 2012-07-18 14:55 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-06 00:40 - 000000832 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;%PIXIEHOME%\bin;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Natália\Desktop\STRINGArt+Plátno\DSC_0001 (2).jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BE4955AB-4E76-4643-99FC-311507109EDC}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe (Crawler Group, LLC -> Crawler Group, LLC)
FirewallRules: [{E5DD4BB3-14F7-4795-9DF4-0742B094361D}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe (Crawler Group, LLC -> Crawler Group, LLC)
FirewallRules: [{19D1FF24-128C-4CCC-9420-03040436C141}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler Group, LLC -> Crawler Group, LLC)
FirewallRules: [{D2306DFC-DAF0-4564-AC50-38481F4CE732}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler Group, LLC -> Crawler Group, LLC)
FirewallRules: [TCP Query User{60EF2F82-FE44-4764-A296-D2BC60B9F638}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe (Crawler Group, LLC -> Crawler Group, LLC)
FirewallRules: [UDP Query User{0C33FF42-6F4C-4912-B053-5BD32FB6DE2B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe (Crawler Group, LLC -> Crawler Group, LLC)
FirewallRules: [{C99BE42F-8F63-4E98-B75C-4B13BCC8B802}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D5DB7EA-ED7C-4CF9-BABA-D944A7C19D55}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{3E433523-E8A9-41ED-B590-77A5253E0E9D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{4EE87C2A-6B10-4B95-A330-75912F33243D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{A94335A6-F81D-49D1-8136-05D61E25915C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{EA8D03D3-2A4E-4452-B366-6E4B7B8877AD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{9EFC4D99-0037-4A46-AAD1-B7B439007968}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

28-01-2019 02:19:15 Scheduled Checkpoint
02-02-2019 15:30:52 Windows Update
10-02-2019 02:31:03 Scheduled Checkpoint
14-02-2019 19:27:01 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2019 07:38:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BACKGROUNDTASKHOST.EXE, version: 10.0.17134.1, time stamp: 0xcb43d9c5
Faulting module name: twinapi.appcore.dll, version: 10.0.17134.137, time stamp: 0xb5d50228
Exception code: 0xc000027b
Fault offset: 0x000000000009cad5
Faulting process id: 0x1e34
Faulting application start time: 0x01d4c493d6a3917e
Faulting application path: C:\WINDOWS\SYSTEM32\BACKGROUNDTASKHOST.EXE
Faulting module path: C:\Windows\System32\twinapi.appcore.dll
Report Id: ed8ec3c0-4e49-4cf9-8872-ff1a38b9fedc
Faulting package full name: 39976Virblue.MyStudyLife_4.0.7.0_x64__pa3njxwv09jym
Faulting package-relative application ID: App

Error: (02/14/2019 07:31:44 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.

Error: (02/14/2019 07:24:07 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (02/14/2019 07:10:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BACKGROUNDTASKHOST.EXE, version: 10.0.17134.1, time stamp: 0xcb43d9c5
Faulting module name: twinapi.appcore.dll, version: 10.0.17134.137, time stamp: 0xb5d50228
Exception code: 0xc000027b
Fault offset: 0x000000000009cad5
Faulting process id: 0x1ba0
Faulting application start time: 0x01d4c48fdf37ec40
Faulting application path: C:\WINDOWS\SYSTEM32\BACKGROUNDTASKHOST.EXE
Faulting module path: C:\Windows\System32\twinapi.appcore.dll
Report Id: e4a6a398-e11f-4909-af22-3aeaa043d78c
Faulting package full name: 39976Virblue.MyStudyLife_4.0.7.0_x64__pa3njxwv09jym
Faulting package-relative application ID: App

Error: (02/14/2019 07:09:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (02/14/2019 07:02:48 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.

Error: (02/14/2019 12:26:33 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.

Error: (02/13/2019 11:43:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BACKGROUNDTASKHOST.EXE, version: 10.0.17134.1, time stamp: 0xcb43d9c5
Faulting module name: twinapi.appcore.dll, version: 10.0.17134.137, time stamp: 0xb5d50228
Exception code: 0xc000027b
Fault offset: 0x000000000009cad5
Faulting process id: 0x70c
Faulting application start time: 0x01d4c3ed2fd00a57
Faulting application path: C:\WINDOWS\SYSTEM32\BACKGROUNDTASKHOST.EXE
Faulting module path: C:\Windows\System32\twinapi.appcore.dll
Report Id: 271a17b1-4687-4bd8-9c20-fd1eb725ccc4
Faulting package full name: 39976Virblue.MyStudyLife_4.0.7.0_x64__pa3njxwv09jym
Faulting package-relative application ID: App

System errors:
=============
Error: (02/14/2019 07:36:21 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Error: (02/14/2019 07:33:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/14/2019 07:31:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:02:45 PM on ‎2/‎14/‎2019 was unexpected.

Error: (02/14/2019 07:18:12 PM) (Source: DCOM) (EventID: 10016) (User: LIUS)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LIUS\Natália SID (S-1-5-21-3687511350-3683034353-1054481598-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/14/2019 07:08:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Error: (02/14/2019 07:07:18 PM) (Source: DCOM) (EventID: 10005) (User: LIUS)
Description: DCOM got error "1053" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (02/14/2019 07:07:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (02/14/2019 07:07:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Windows Defender:
===================================
Date: 2019-01-09 13:39:14.459
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.267.1067.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14800.3
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2019-02-14 19:32:11.094
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-14 19:32:09.741
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-14 19:32:05.008
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-14 19:03:09.343
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-14 19:03:08.628
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-14 19:03:06.831
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-14 12:27:06.417
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-14 12:27:06.116
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 62%
Total physical RAM: 3971.27 MB
Available physical RAM: 1491.52 MB
Total Virtual: 5827.27 MB
Available Virtual: 3555.93 MB

==================== Drives ================================

Drive c: (TI31126000A) (Fixed) (Total:452.43 GB) (Free:173.16 GB) NTFS
Drive d: () (Fixed) (Total:0.83 GB) (Free:0.3 GB) NTFS

\\?\Volume{6783c945-cecb-11e2-ba98-c9bc3f2b6557}\ (System) (Fixed) (Total:1 GB) (Free:0.64 GB) NTFS
\\?\Volume{2c265cf9-98f4-4f9a-bac5-d45a4d9b75d5}\ () (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS
\\?\Volume{5bec1266-371c-4bab-9694-e507fbe12fa5}\ (Recovery) (Fixed) (Total:10.78 GB) (Free:0.85 GB) NTFS
\\?\Volume{6783c94d-cecb-11e2-ba98-c9bc3f2b6557}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

#2 Příspěvek od **Diallix** » 14 úno 2019 19:56

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

#3 Příspěvek od **Rudy** » 14 úno 2019 20:03

Omluva za vstup. Proč sem dáváte stejné téma 5x? Jednou nám to stačí.

peter1207 · #4 Příspěvek od **peter1207** » 14 úno 2019 20:21

Rudy píše:Omluva za vstup. Proč sem dáváte stejné téma 5x? Jednou nám to stačí.

Ospravedlňujem sa. Chápal som to tak, že po vyriešení problému sa vlákno zamnke a treba tak založiť nové, v prípade nového problému.
Nabudúce napíšem o odomknutie vlákna

peter1207 · #5 Příspěvek od **peter1207** » 14 úno 2019 20:29

Log po ADW

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-12.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-14-2019
# Duration: 00:00:57
# OS: Windows 10 Home
# Cleaned: 22
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Natália\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|UpdateChecker
Deleted HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\avgsh
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
Deleted HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted HKCU\Software\Mail.Ru
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

***** [ Chromium (and derivatives) ] *****

Deleted Video download helper
Deleted Seznam doplnek - Email
Deleted Seznam Lišticka - Rychlá volba

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3330 octets] - [14/02/2019 20:18:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-12.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-14-2019
# Duration: 00:00:39
# OS: Windows 10 Home
# Scanned: 31898
# Detected: 22

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Seznam.cz C:\Users\Natália\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|UpdateChecker
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\avgsh
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
PUP.Optional.Mail.Ru HKCU\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru HKCU\Software\Mail.Ru
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.Seznam.cz HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
PUP.Optional.SlimCleanerPlus HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
PUP.Optional.SlimCleanerPlus HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy Video download helper
PUP.Optional.Seznam.cz Seznam doplnek - Email
PUP.Optional.Seznam.cz Seznam Lišticka - Rychlá volba

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

#6 Příspěvek od **Diallix** » 14 úno 2019 20:32

Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.

#7 Příspěvek od **Rudy** » 14 úno 2019 21:01

peter1207 píše:
Rudy píše:Omluva za vstup. Proč sem dáváte stejné téma 5x? Jednou nám to stačí.
Ospravedlňujem sa. Chápal som to tak, že po vyriešení problému sa vlákno zamnke a treba tak založiť nové, v prípade nového problému.
Nabudúce napíšem o odomknutie vlákna

Nikoliv, toto vlákno zde bylo 5x. Nějaké minulé se týkalo jiného problému. U zprávy, kterou jsem vložíte vy vpravo dole je křížek. Když na něj kliknete zpráva se smaže. To pro příště. Může se stát, že když vícekrát kliknete na odeslání, zpráva se odešlě vícekrát.

peter1207 · #8 Příspěvek od **peter1207** » 15 úno 2019 00:47

Rudy píše:
peter1207 píše:
Rudy píše:Omluva za vstup. Proč sem dáváte stejné téma 5x? Jednou nám to stačí.
Ospravedlňujem sa. Chápal som to tak, že po vyriešení problému sa vlákno zamnke a treba tak založiť nové, v prípade nového problému.
Nabudúce napíšem o odomknutie vlákna
Nikoliv, toto vlákno zde bylo 5x. Nějaké minulé se týkalo jiného problému. U zprávy, kterou jsem vložíte vy vpravo dole je křížek. Když na něj kliknete zpráva se smaže. To pro příště. Může se stát, že když vícekrát kliknete na odeslání, zpráva se odešlě vícekrát.

A ták, to bude asi tým, že som to zakladal na chorom PC a bol som naňho moc netrpezlivý, takže som na to klikol viac krát ako píšete, pretože som si nebol istý či Pc klik zachytil. Vďaka za upozornenie

.

#9 Příspěvek od **Diallix** » 15 úno 2019 04:52

Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.

#10 Příspěvek od **Rudy** » 15 úno 2019 10:19

peter1207 píše:
Rudy píše:
peter1207 píše:
Rudy píše:Omluva za vstup. Proč sem dáváte stejné téma 5x? Jednou nám to stačí.
Ospravedlňujem sa. Chápal som to tak, že po vyriešení problému sa vlákno zamnke a treba tak založiť nové, v prípade nového problému.
Nabudúce napíšem o odomknutie vlákna
Nikoliv, toto vlákno zde bylo 5x. Nějaké minulé se týkalo jiného problému. U zprávy, kterou jsem vložíte vy vpravo dole je křížek. Když na něj kliknete zpráva se smaže. To pro příště. Může se stát, že když vícekrát kliknete na odeslání, zpráva se odešlě vícekrát.
A ták, to bude asi tým, že som to zakladal na chorom PC a bol som naňho moc netrpezlivý, takže som na to klikol viac krát ako píšete, pretože som si nebol istý či Pc klik zachytil. Vďaka za upozornenie .

OK. Teď už předávám slovo kolegovi a dál už je toto vlákno jeho.

peter1207 · #11 Příspěvek od **peter1207** » 16 úno 2019 21:45

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.02.2019 01
Ran by Natália (administrator) on LIUS (16-02-2019 21:38:54)
Running from C:\Users\Natália\Desktop
Loaded Profiles: Natália (Available Profiles: Natália & Administrator)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvMon.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvMon.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] (TOSHIBA CORPORATION -> )
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [5349120 2017-03-15] (Crawler Group, LLC -> Crawler Group, LLC)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5585664 2017-03-15] (Crawler Group, LLC -> Crawler Group, LLC)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-04-19] (Alcor Micro Corp.) [File not signed]
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Winlogon: [Userinit]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\Installer\chrmstp.exe [2019-02-15] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\Installer\chrmstp.exe [2019-01-16] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk [2014-11-20]
ShortcutTarget: Samsung Drive Manager Real-Time.lnk -> C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe (Clarus, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-05-11]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk [2013-12-20]
ShortcutTarget: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-08-22]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\webdataworker.hive.lnk [2017-12-08]
ShortcutTarget: webdataworker.hive.lnk -> C:\Users\Natália\AppData\Roaming\webdataworker.hive\ChromeLauncherConsole.bat (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{16510249-74d2-48d0-8e85-30c67c0c2e5c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f350500b-8e76-4ed4-bc90-c7b0b1392a87}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {21856A07-5E74-4354-BC92-A2912CE80CBB} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {33FB04F5-DDB3-43ED-BA8A-B2BE9EE3F766} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {4EE86BDB-6A0C-4F47-B7B5-77E065DB31EC} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {7148E46E-7812-4BB9-A5C7-2BC197BFC4EA} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {722FB13F-8CAC-4F4A-8C2C-FB1495E38532} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {A47320E9-4AFF-46C3-9848-71DBFDCB8994} URL =
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {C4B52922-9D49-43C7-81B9-04F8C212AA86} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {D3AAFF12-4A9F-4BA6-A276-4A3E296987DC} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {DCC8E55A-E88F-4E3F-B6AF-0BDA3651B69F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {FC9024D8-776C-450D-9B51-9EF2E18F8340} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: dilp2dry.default
FF ProfilePath: C:\Users\Natália\AppData\Roaming\Mozilla\Firefox\Profiles\dilp2dry.default [2019-01-28]
FF Homepage: Mozilla\Firefox\Profiles\dilp2dry.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\dilp2dry.default -> about:newtab
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Natália\AppData\Roaming\Mozilla\Firefox\Profiles\dilp2dry.default\Extensions\sko-extension@firma.seznam.cz [2017-11-01]
FF Extension: (Seznam lištička) - C:\Users\Natália\AppData\Roaming\Mozilla\Firefox\Profiles\dilp2dry.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-11-06] [Legacy]
FF SearchPlugin: C:\Users\Natália\AppData\Roaming\Mozilla\Firefox\Profiles\dilp2dry.default\searchplugins\google-avast.xml [2017-09-06]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3687511350-3683034353-1054481598-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Natália\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxx ... google.sk/"
CHR NewTab: Default -> Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html"
CHR Profile: C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default [2019-02-16]
CHR Extension: (Crash Bandicoot Online HD) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\aamlbcjbejchalkkingolaibfgkkiinp [2013-11-28]
CHR Extension: (Podporte) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\amaegjccccajmhnbcbeagblpdccimoeh [2016-11-25]
CHR Extension: (Dokumenty) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-30]
CHR Extension: (American Racing 2) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpfdjclhabpjncikdngdoldjjjegnbe [2014-07-17]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-02-13]
CHR Extension: (YouTube) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Cleanflight - Blackbox Explorer) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahpidddaimdojnddnahjpnefajpheep [2017-10-08]
CHR Extension: (Google Search) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (500px) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\egpociadnldbkfkjpmjoaibnbcoeplja [2014-09-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Murder Files) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijfecbiladpinddbjfodaaiahggomhaf [2016-04-15]
CHR Extension: (Aero Trans Brushed Metal Theme) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkjdfchjlhkgnfjblhclgaliiccalckf [2017-10-25]
CHR Extension: (Eyes - The Horror Game) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\jojpkokphfnjlhbnbcilnhgnkkobkngd [2013-11-28]
CHR Extension: (Betaflight - Configurator) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdaghagfopacdngbohiknlhcocjccjao [2018-08-26]
CHR Extension: (BLHeli - Configurator) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\mejfjggmbnocnfibbibmoogocnjbcjnk [2017-12-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Môj motív prehliadača Chrome) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-08-27]
CHR Extension: (Gmail) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-16]
CHR Profile: C:\Users\Natália\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-28]
CHR HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-07] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-07] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51504 2017-01-06] (Dropbox, Inc -> Dropbox, Inc.)
S2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-09] (DTS, Inc. -> )
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] (TOSHIBA CORPORATION -> )
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation -> Intel Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia -> Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia -> Secunia)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3292416 2017-03-15] (Crawler Group, LLC -> Crawler Group, LLC)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-25] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated -> Synaptics Incorporated)
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2013-12-18] (Clarus, Inc.) [File not signed]
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [118856 2015-12-01] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [223056 2019-01-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166792 2019-01-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4251160 2016-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [121344 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] (Clarus, Inc. -> )
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] (Clarus, Inc. -> )
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON CORPORATION -> PEGATRON)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia -> Secunia)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-13] (Synaptics Incorporated -> Synaptics Incorporated)
R2 sp_rsdrv2; C:\WINDOWS\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Crawler, LLC -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [546304 2013-04-25] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-16 21:38 - 2019-02-16 21:38 - 000000000 ____D C:\Users\Natália\Desktop\FRST-OlderVersion
2019-02-16 20:29 - 2019-02-16 20:32 - 000000000 ____D C:\Users\Natália\AppData\Local\PlaceholderTileLogoFolder
2019-02-14 20:15 - 2019-02-14 20:15 - 007316688 _____ (Malwarebytes) C:\Users\Natália\Desktop\adwcleaner_7.2.7.0.exe
2019-02-14 19:47 - 2019-02-06 08:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-14 19:47 - 2019-02-06 08:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-14 19:47 - 2019-02-06 07:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-14 19:47 - 2019-02-06 04:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-14 19:47 - 2019-02-06 04:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-14 19:47 - 2019-02-06 04:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-14 19:47 - 2019-02-06 04:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-14 19:47 - 2019-02-06 03:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-14 19:47 - 2019-02-06 03:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-14 19:47 - 2019-02-06 03:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-14 19:47 - 2019-02-06 03:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-14 19:47 - 2019-02-06 03:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-14 19:47 - 2019-02-06 03:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-14 19:47 - 2019-02-06 03:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-14 19:47 - 2019-02-06 03:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-14 19:47 - 2019-02-06 03:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-14 19:47 - 2019-02-06 03:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-14 19:47 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-14 19:47 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-14 19:47 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-14 19:47 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-14 19:47 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-14 19:47 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-14 19:47 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-14 19:47 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-14 19:47 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-14 19:47 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-14 19:47 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-14 19:47 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-14 19:47 - 2019-01-08 04:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-14 19:46 - 2019-02-06 08:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-14 19:46 - 2019-02-06 08:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-14 19:46 - 2019-02-06 08:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-14 19:46 - 2019-02-06 08:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-14 19:46 - 2019-02-06 08:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-14 19:46 - 2019-02-06 08:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-14 19:46 - 2019-02-06 07:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-14 19:46 - 2019-02-06 07:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-14 19:46 - 2019-02-06 07:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-14 19:46 - 2019-02-06 04:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-14 19:46 - 2019-02-06 04:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-14 19:46 - 2019-02-06 04:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-14 19:46 - 2019-02-06 04:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-14 19:46 - 2019-02-06 04:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-14 19:46 - 2019-02-06 04:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-14 19:46 - 2019-02-06 04:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-14 19:46 - 2019-02-06 04:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-14 19:46 - 2019-02-06 04:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-14 19:46 - 2019-02-06 04:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-14 19:46 - 2019-02-06 04:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-14 19:46 - 2019-02-06 04:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-14 19:46 - 2019-02-06 04:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-14 19:46 - 2019-02-06 03:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-14 19:46 - 2019-02-06 03:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-14 19:46 - 2019-02-06 03:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-14 19:46 - 2019-02-06 03:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-14 19:46 - 2019-02-06 03:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-14 19:46 - 2019-02-06 03:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-14 19:46 - 2019-02-06 03:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-14 19:46 - 2019-02-06 03:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-14 19:46 - 2019-02-06 03:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-14 19:46 - 2019-02-06 03:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-14 19:46 - 2019-02-06 03:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-14 19:46 - 2019-02-06 03:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-14 19:46 - 2019-02-06 03:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-14 19:46 - 2019-02-06 03:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-14 19:46 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-14 19:46 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-14 19:46 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-14 19:46 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-14 19:46 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-14 19:46 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-14 19:46 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-14 19:46 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-14 19:46 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-14 19:46 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-14 19:46 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-14 19:46 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-14 19:46 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-14 19:46 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-14 19:46 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-14 19:46 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-14 19:46 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-14 19:46 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-14 19:46 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-14 19:46 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-14 19:46 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-14 19:46 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-14 19:46 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-14 19:46 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-14 19:46 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-14 19:46 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-14 19:46 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-14 19:46 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-14 19:46 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-14 19:46 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-14 19:46 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-14 19:46 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-14 19:46 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-14 19:46 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-14 19:46 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-14 19:46 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-14 19:46 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-14 19:46 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-14 19:46 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-14 19:46 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-14 19:46 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-14 19:46 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-14 19:46 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-14 19:46 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-14 19:46 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-14 19:46 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-14 19:46 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-14 19:46 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-14 19:46 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-14 19:46 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-14 19:46 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-14 19:46 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-14 19:46 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-14 19:46 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-14 19:46 - 2019-01-08 04:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-14 19:45 - 2019-02-06 04:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-14 19:45 - 2019-02-06 04:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-14 19:45 - 2019-02-06 04:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-14 19:45 - 2019-02-06 04:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-14 19:45 - 2019-02-06 04:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-14 19:45 - 2019-02-06 04:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-14 19:45 - 2019-02-06 04:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-14 19:45 - 2019-02-06 03:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-14 19:45 - 2019-02-06 03:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-14 19:45 - 2019-02-06 03:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-14 19:45 - 2019-02-06 03:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-14 19:45 - 2019-02-06 03:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-14 19:45 - 2019-02-06 03:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-14 19:45 - 2019-02-06 03:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-14 19:45 - 2019-02-06 03:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-14 19:45 - 2019-02-06 03:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-14 19:45 - 2019-02-06 03:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-14 19:45 - 2019-02-06 03:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-14 19:45 - 2019-02-06 03:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-14 19:45 - 2019-02-06 02:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-14 19:45 - 2019-01-12 09:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-14 19:45 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-14 19:45 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-14 19:45 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-14 19:45 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-14 19:45 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-14 19:45 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-14 19:45 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-14 19:45 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-14 19:45 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-14 19:45 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-14 19:45 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-14 19:45 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-14 19:45 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-14 19:45 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-14 19:45 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-14 19:45 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-14 19:45 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-14 19:45 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-14 19:45 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-14 19:45 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-14 19:45 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-14 19:45 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-14 19:45 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-14 19:45 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-14 19:45 - 2019-01-08 10:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-14 19:45 - 2019-01-08 04:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-14 19:39 - 2019-02-14 19:43 - 000048288 _____ C:\Users\Natália\Desktop\Addition.txt
2019-02-14 19:31 - 2019-02-14 20:40 - 000000000 ____D C:\WINDOWS\Minidump
2019-02-14 19:27 - 2019-02-16 21:40 - 000031116 _____ C:\Users\Natália\Desktop\FRST.txt
2019-02-14 19:23 - 2019-02-16 21:38 - 002434560 _____ (Farbar) C:\Users\Natália\Desktop\FRST64.exe
2019-02-04 15:57 - 2019-02-04 17:55 - 1088016212 _____ C:\Users\Natália\Documents\ŠKOLA.rar
2019-01-28 20:35 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-27 20:45 - 2019-02-16 21:38 - 000000000 ____D C:\FRST

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-16 21:26 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-16 21:20 - 2013-07-09 10:03 - 000000000 ____D C:\Program Files (x86)\TOSHIBA Games
2019-02-16 21:19 - 2013-12-06 15:35 - 000000000 ____D C:\Users\Natália\AppData\Roaming\WildTangent
2019-02-16 21:19 - 2013-07-09 09:41 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-02-16 21:19 - 2013-07-09 09:41 - 000000000 ____D C:\ProgramData\WildTangent
2019-02-16 21:18 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-16 21:18 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-16 21:18 - 2017-12-14 20:23 - 000000000 ____D C:\Users\Natália\AppData\Local\Packages
2019-02-16 20:33 - 2015-05-11 21:52 - 000000000 ____D C:\ProgramData\Spyware Terminator
2019-02-16 20:30 - 2016-03-30 23:52 - 000000000 ____D C:\Users\Natália\AppData\Local\CrashDumps
2019-02-16 19:47 - 2018-06-12 20:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-16 16:38 - 2018-06-12 21:05 - 000002862 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-rechtorikovalia@gmail.com
2019-02-16 16:38 - 2018-06-12 21:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-02-16 16:35 - 2018-08-28 17:17 - 000000000 ____D C:\Users\Natália\Documents\MOJE DOKUMENTY
2019-02-16 10:30 - 2018-06-12 21:05 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-02-16 02:16 - 2018-06-12 20:43 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-16 02:16 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-16 02:16 - 2017-12-13 11:56 - 000000000 ____D C:\Users\Natália\AppData\Local\AVAST Software
2019-02-16 02:12 - 2015-08-13 11:27 - 000000000 __SHD C:\Users\Natália\IntelGraphicsProfiles
2019-02-16 02:09 - 2018-06-12 21:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-16 02:09 - 2018-06-12 20:16 - 005189752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-16 02:08 - 2018-06-12 20:23 - 000000000 ____D C:\Users\Administrator
2019-02-16 02:08 - 2018-04-11 22:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-02-16 02:07 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-16 02:07 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-16 02:07 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-16 02:06 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-16 02:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-16 02:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-16 01:46 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-15 21:15 - 2018-11-15 23:54 - 000000000 ____D C:\Program Files\rempl
2019-02-15 18:17 - 2014-12-03 20:40 - 000000000 ____D C:\Users\Natália\AppData\Local\Adobe
2019-02-15 01:54 - 2013-11-21 01:11 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-15 00:04 - 2013-11-20 19:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-14 23:59 - 2013-11-20 19:07 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-14 20:18 - 2015-04-27 21:18 - 000000000 ____D C:\AdwCleaner
2019-02-14 19:33 - 2018-06-12 20:23 - 000000000 ____D C:\Users\Natália
2019-02-13 20:04 - 2017-02-25 13:35 - 000000000 ____D C:\Users\Natália\Documents\Soubory aplikace Outlook
2019-02-12 16:30 - 2018-06-12 21:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2019-02-08 10:58 - 2018-07-09 19:57 - 000000000 ____D C:\ProgramData\Packages
2019-02-06 19:13 - 2013-11-19 21:41 - 000000000 ____D C:\Users\Natália\AppData\Local\Toshiba
2019-02-04 18:14 - 2013-06-04 19:25 - 000000000 ____D C:\Users\Natália\Documents\životopis atd
2019-02-04 17:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-02-04 15:56 - 2016-04-02 19:45 - 000000000 ___RD C:\Users\Natália\Dropbox
2019-02-04 14:32 - 2016-03-14 22:54 - 000000020 ____H C:\ProgramData\PKP_DLet.DAT
2019-02-02 23:53 - 2018-09-22 12:12 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-02 23:53 - 2018-09-22 12:12 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-02 17:39 - 2018-08-05 14:03 - 000000000 ____D C:\Users\Natália\AppData\Local\D3DSCache
2019-01-28 21:52 - 2013-11-25 19:08 - 000000000 ____D C:\Users\Natália\AppData\LocalLow\Temp
2019-01-28 01:48 - 2015-05-12 00:18 - 000000000 ____D C:\Users\Natália\AppData\Local\ElevatedDiagnostics
2019-01-27 21:07 - 2019-01-09 13:32 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-01-18 19:28 - 2015-01-06 01:09 - 000166792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

==================== Files in the root of some directories =======

2014-12-04 00:27 - 2015-03-27 14:33 - 000000033 _____ () C:\Users\Natália\AppData\Roaming\AdobeWLCMCache.dat
2016-03-14 22:54 - 2016-03-14 22:54 - 000000268 ___RH () C:\Users\Natália\AppData\Roaming\Application Support
2016-03-14 22:56 - 2016-03-14 22:56 - 000000268 ___RH () C:\Users\Natália\AppData\Roaming\Applications
2016-03-14 22:54 - 2016-03-14 22:54 - 000000268 ___RH () C:\Users\Natália\AppData\Roaming\Audio
2016-03-14 22:53 - 2016-03-14 22:53 - 000000268 ___RH () C:\Users\Natália\AppData\Roaming\Bass Amp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-12 20:16

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.02.2019 01
Ran by Natália (16-02-2019 21:41:33)
Running from C:\Users\Natália\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-06-12 20:07:36)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3687511350-3683034353-1054481598-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3687511350-3683034353-1054481598-503 - Limited - Disabled)
Guest (S-1-5-21-3687511350-3683034353-1054481598-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3687511350-3683034353-1054481598-1005 - Limited - Enabled)
Natália (S-1-5-21-3687511350-3683034353-1054481598-1001 - Administrator - Enabled) => C:\Users\Natália
WDAGUtilityAccount (S-1-5-21-3687511350-3683034353-1054481598-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«The Sims 3 Deluxe Edition» (build 10.2) (HKLM-x32\...\«The Sims 3 Deluxe Edition»_is1) (Version: - R.G. Catalyst)
4Media MP4 to MP3 Converter 6 (HKLM-x32\...\4Media MP4 to MP3 Converter 6) (Version: 6.8.0.1101 - 4Media)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_HOMESTUDENTR_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_HOMESTUDENTR_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_HOMESTUDENTR_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\{C90340A9-F592-4164-9480-FCE488C4BFF6}) (Version: 4.7.1245.73473 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.7.1245.73473 - Alcor Micro Corp.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{026B819B-4D60-4C8B-892D-33A0D8666F60}) (Version: 2.0.0.9 - Qualcomm Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - AVAST Software)
DTS Sound (HKLM-x32\...\{F8EB8FFC-C535-49A1-A84D-CC75CB2D6ADA}) (Version: 1.00.0071 - DTS, Inc.)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.100 - EasternGraphics)
Free YouTube Download version 3.2.49.1122 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1122 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.109 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
IDT Audio Driver (HKLM\...\{11424B27-C16B-4505-9667-82A10AD1B1DC}) (Version: 6.10.6472.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.6.0 - Nikon)
OpenOffice 4.0.1 (HKLM-x32\...\{A00F439C-600D-4220-96CF-C6F1F8C32633}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.7 - Nikon)
Pixie 1.4.1 (HKLM-x32\...\Pixie_is1) (Version: 1.4.1 - Pixie Developers)
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Samsung Drive Manager (HKLM-x32\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.172 - Clarus, Inc.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.101 - Crawler Group)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.4 - Electronic Arts)
The Sims™ 3 Diesel Каталог (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Katy Perry Сладкие радости (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 В сумерках (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Вперед в будущее (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Времена года (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Все возрасты (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Городская жизнь Каталог (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 Изысканная спальня Каталог (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Карьера (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
The Sims™ 3 Кино Каталог (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Мир приключений (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.9.10 - Electronic Arts)
The Sims™ 3 Отдых на природе Каталог (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
The Sims™ 3 Питомцы (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Райские острова (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Сверхъестественное (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Скоростной режим Каталог (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.8.1 - Electronic Arts)
The Sims™ 3 Современная роскошь Каталог (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.9.6 - Electronic Arts)
The Sims™ 3 Стильные 70-е, 80-е, 90-е Каталог (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Студенческая жизнь (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 Шоу-бизнес (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{B6619F14-F766-4000-BC8A-522D4CC4E44F}) (Version: 1.0.4.5 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.3.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6630.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.342 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.02.6402 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.6.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{6499E894-43F8-458B-AE35-724F4732BCDE}) (Version: 2.5.6 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0020 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.9.2 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.5.59 - Toshiba Corporation)
Unity Web Player (HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
UpdateChecker (HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\Popajar, inc UpdateChecker) (Version: - Popajar, inc) <==== ATTENTION
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.6.0 - Nikon)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-84A32220054A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics GmbH -> EasternGraphics)
CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2015-01-26] (Crawler Group, LLC -> Crawler Group)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2015-01-26] (Crawler Group, LLC -> Crawler Group)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2015-01-26] (Crawler Group, LLC -> Crawler Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C572CF-9A6D-432C-9804-1C6ABC41EE5D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {0B1D1EB1-0280-491D-85A2-2170ADD846C2} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-rechtorikovalia@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {0C0F79AC-4E9A-4F4E-8D44-70339C138943} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {1023B62F-BD69-428C-89DE-4F9DE56A039D} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {37829A2A-3A45-476F-A636-D86135FCBC61} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {37C1E869-8C79-4117-B9B7-9CB2C7FA100D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {5CBBB79A-E7D4-415E-9AE3-134C672389B2} - System32\Tasks\CLARUS_DRIVE_MANAGER\Clarus_Drive_Manager => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe (Clarus, Inc. -> Clarus, Inc.)
Task: {5E9FFA19-86F8-4FB5-96A5-E02600388853} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {789D730C-E5C6-4ACF-8C5F-F3F93FD0D2AF} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {8528FDDA-34F3-4692-B64E-0E100E1CBA1A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {B280BDB0-A1ED-49F2-B980-B0D5AC45A88F} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {C0E218EA-F4C9-43A1-B6FF-D85C5B6ACA0A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {D529C7A5-80F6-40A7-9AD3-984F30A1D770} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated)
Task: {DA5EE912-C40F-48C3-B3EF-6A5C6B7F2310} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-rechtorikovalia@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F484DE14-2523-4437-A79D-04C424BAFAAA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\webdataworker.hive.lnk -> C:\Users\Natália\AppData\Roaming\webdataworker.hive\ChromeLauncherConsole.bat (No File)
Shortcut: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com

ShortcutWithArgument: C:\Users\Natália\Documents\dokument\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Natália\AppData\Local\Google\Chrome\User Data\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\500px.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=egpociadnldbkfkjpmjoaibnbcoeplja
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Betaflight - Configurator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=kdaghagfopacdngbohiknlhcocjccjao
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\BLHeli - Configurator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mejfjggmbnocnfibbibmoogocnjbcjnk
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Cleanflight - Blackbox Explorer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cahpidddaimdojnddnahjpnefajpheep
ShortcutWithArgument: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Murder Files.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ijfecbiladpinddbjfodaaiahggomhaf

==================== Loaded Modules (Whitelisted) ==============

2013-03-27 22:53 - 2013-03-27 22:53 - 000163168 _____ () C:\PROGRAM FILES (X86)\TOSHIBA\PASSWORDUTILITY\GFNEXSRV.EXE
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-11-20 04:46 - 2018-11-20 04:46 - 004310296 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-13 10:45 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-02-15 22:56 - 2019-02-15 22:56 - 000182272 _____ () C:\PROGRAM FILES\WINDOWSAPPS\MICROSOFT.SKYPEAPP_14.39.180.0_X64__KZF8QXF38ZG5C\SKYPEBACKGROUNDHOST.EXE
2019-02-15 22:56 - 2019-02-15 22:56 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-02-08 10:57 - 2019-02-08 10:57 - 028028416 _____ () C:\PROGRAM FILES\WINDOWSAPPS\MICROSOFT.ZUNEVIDEO_10.19011.11311.0_X64__8WEKYB3D8BBWE\VIDEO.UI.EXE
2019-02-08 10:57 - 2019-02-08 10:57 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-01 11:54 - 2017-12-01 11:54 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 20:28 - 2018-11-28 20:29 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-08 10:57 - 2019-02-08 10:57 - 006033408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-02-08 10:57 - 2019-02-08 10:57 - 009338368 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-10-04 11:50 - 2018-10-04 11:51 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-02-15 22:56 - 2019-02-15 22:56 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-02-15 22:56 - 2019-02-15 22:56 - 010541568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2019-02-15 22:56 - 2019-02-15 22:56 - 002933760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\skypert.dll
2019-02-15 22:56 - 2019-02-15 22:56 - 000688640 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2019-02-15 22:56 - 2019-02-15 22:56 - 002362096 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\Processing.NDI.Lib.UWP.x64.dll
2012-07-19 02:38 - 2012-07-19 02:38 - 000020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2019-01-07 18:25 - 2019-01-07 18:25 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-07 18:25 - 2019-01-07 18:25 - 000667016 _____ () C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\streamback.dll
2019-02-01 00:23 - 2019-02-01 00:23 - 000481280 _____ () C:\PROGRAM FILES\WINDOWSAPPS\MICROSOFT.WINDOWS.PHOTOS_2019.18114.17710.0_X64__8WEKYB3D8BBWE\MICROSOFT.PHOTOS.EXE
2019-02-01 00:23 - 2019-02-01 00:23 - 080636416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-04 12:01 - 2017-10-04 12:02 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-02-01 00:23 - 2019-02-01 00:23 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-01-15 19:04 - 2019-01-15 19:04 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-02-01 00:23 - 2019-02-01 00:23 - 014225408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-02-01 00:23 - 2019-02-01 00:23 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-28 22:43 - 2018-08-28 22:44 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-26 23:12 - 2018-07-26 23:13 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2013-07-09 09:10 - 2012-07-18 14:55 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-06 00:40 - 000000832 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;%PIXIEHOME%\bin;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Natália\Desktop\STRINGArt+Plátno\DSC_0001 (2).jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BE4955AB-4E76-4643-99FC-311507109EDC}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe (Crawler Group, LLC -> Crawler Group, LLC)
FirewallRules: [{E5DD4BB3-14F7-4795-9DF4-0742B094361D}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe (Crawler Group, LLC -> Crawler Group, LLC)
FirewallRules: [{19D1FF24-128C-4CCC-9420-03040436C141}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler Group, LLC -> Crawler Group, LLC)
FirewallRules: [{D2306DFC-DAF0-4564-AC50-38481F4CE732}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler Group, LLC -> Crawler Group, LLC)
FirewallRules: [TCP Query User{60EF2F82-FE44-4764-A296-D2BC60B9F638}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe (Crawler Group, LLC -> Crawler Group, LLC)
FirewallRules: [UDP Query User{0C33FF42-6F4C-4912-B053-5BD32FB6DE2B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe (Crawler Group, LLC -> Crawler Group, LLC)
FirewallRules: [{C99BE42F-8F63-4E98-B75C-4B13BCC8B802}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D5DB7EA-ED7C-4CF9-BABA-D944A7C19D55}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{3E433523-E8A9-41ED-B590-77A5253E0E9D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{A94335A6-F81D-49D1-8136-05D61E25915C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{EA8D03D3-2A4E-4452-B366-6E4B7B8877AD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{9EFC4D99-0037-4A46-AAD1-B7B439007968}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{E884A3CF-0DBF-478F-9BB2-D6C71E6060A5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

28-01-2019 02:19:15 Scheduled Checkpoint
02-02-2019 15:30:52 Windows Update
10-02-2019 02:31:03 Scheduled Checkpoint
14-02-2019 19:27:01 Windows Update
16-02-2019 20:39:59 Removed Samplitude 11

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/16/2019 09:21:48 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (02/16/2019 08:30:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SVCHOST.EXE_WpnUserService, version: 10.0.17134.556, time stamp: 0xf23cada5
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007a24d
Faulting process id: 0x1c68
Faulting application start time: 0x01d4c60daf7d469c
Faulting application path: C:\WINDOWS\SYSTEM32\SVCHOST.EXE
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 5eb30481-89e6-4b27-a023-c4db258ed568
Faulting package full name:
Faulting package-relative application ID:

Error: (02/16/2019 08:21:37 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (02/16/2019 07:48:59 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (02/16/2019 05:21:39 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (02/16/2019 04:21:39 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (02/16/2019 03:21:39 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (02/16/2019 02:21:38 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

System errors:
=============
Error: (02/16/2019 09:09:33 PM) (Source: DCOM) (EventID: 10016) (User: LIUS)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LIUS\Natália SID (S-1-5-21-3687511350-3683034353-1054481598-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/16/2019 09:07:27 PM) (Source: DCOM) (EventID: 10010) (User: LIUS)
Description: The server microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (02/16/2019 09:06:44 PM) (Source: DCOM) (EventID: 10001) (User: LIUS)
Description: Unable to start a DCOM Server: Microsoft.OneConnect_5.1901.311.0_x64__8wekyb3d8bbwe!App.AppXe8pdgw5syxe8pgccbk3mcn5hanwamr0e.mca as Unavailable/Unavailable. The error:
"298"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXemn3t55segp7q92mwd35v2a5rk5mvwyz.mca

Error: (02/16/2019 09:06:44 PM) (Source: DCOM) (EventID: 10001) (User: LIUS)
Description: Unable to start a DCOM Server: Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe!App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca as Unavailable/Unavailable. The error:
"298"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca

Error: (02/16/2019 08:30:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Push Notifications User Service_90b57 service terminated unexpectedly. It has done this 5 time(s).

Error: (02/16/2019 04:37:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Push Notifications User Service_90b57 service terminated unexpectedly. It has done this 4 time(s).

Error: (02/16/2019 04:37:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Push Notifications User Service_90b57 service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/16/2019 04:36:48 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Push Notifications User Service_90b57 service, but this action failed with the following error:
An instance of the service is already running.

Windows Defender:
===================================
Date: 2019-01-09 13:39:14.459
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.267.1067.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14800.3
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2019-02-16 02:11:12.115
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 02:10:53.063
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 02:10:52.454
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 02:08:08.208
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-14 20:21:24.578
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-14 20:21:23.744
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-14 20:21:22.057
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-14 20:19:43.761
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 47%
Total physical RAM: 3971.27 MB
Available physical RAM: 2067.22 MB
Total Virtual: 9142.35 MB
Available Virtual: 6367.63 MB

==================== Drives ================================

Drive c: (TI31126000A) (Fixed) (Total:452.43 GB) (Free:171.59 GB) NTFS
Drive d: () (Fixed) (Total:0.83 GB) (Free:0.3 GB) NTFS

\\?\Volume{6783c945-cecb-11e2-ba98-c9bc3f2b6557}\ (System) (Fixed) (Total:1 GB) (Free:0.64 GB) NTFS
\\?\Volume{2c265cf9-98f4-4f9a-bac5-d45a4d9b75d5}\ () (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS
\\?\Volume{5bec1266-371c-4bab-9694-e507fbe12fa5}\ (Recovery) (Fixed) (Total:10.78 GB) (Free:0.85 GB) NTFS
\\?\Volume{6783c94d-cecb-11e2-ba98-c9bc3f2b6557}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

#12 Příspěvek od **Diallix** » 17 úno 2019 03:37

Odinstalujte SpywareTerminator

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

HKLM-x32\...\Winlogon: [Userinit]
ShortcutTarget: webdataworker.hive.lnk -> C:\Users\Natália\AppData\Roaming\webdataworker.hive\ChromeLauncherConsole.bat (No File) 
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {A47320E9-4AFF-46C3-9848-71DBFDCB8994} URL = 
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxxp://www.search.ask.com/?tpid=BCPA3-V7C&o=APN11416&pf=V7&trgb=CR&p2=%5EBBO%5EYYYYYY%5EYY%5ESK&gct=hp&apn_ptnrs=%5EBBO&apn_dtid=%5EYYYYYY%5EYY%5ESK&apn_dbr=cr_30.0.1599.101&apn_uid=D5A481B8-D3A5-495F-99D1-7199B99EE6BC&itbv=12.7.0.2210&doi=2013-11-11&psv=","hxxp://www.google.sk/"
CHR NewTab: Default -> Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html"
CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-84A32220054A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll => No File
Shortcut: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\webdataworker.hive.lnk -> C:\Users\Natália\AppData\Roaming\webdataworker.hive\ChromeLauncherConsole.bat (No File)
Shortcut: C:\Users\Natália\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

peter1207 · #13 Příspěvek od **peter1207** » 17 úno 2019 20:20

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.02.2019
Ran by Natália (17-02-2019 20:13:34) Run:2
Running from C:\Users\Natália\Desktop
Loaded Profiles: Natália (Available Profiles: Natália & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Winlogon: [Userinit]
ShortcutTarget: webdataworker.hive.lnk -> C:\Users\Nat�lia\AppData\Roaming\webdataworker.hive\ChromeLauncherConsole.bat (No File)
SearchScopes: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001 -> {A47320E9-4AFF-46C3-9848-71DBFDCB8994} URL =
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxx ... google.sk/"
CHR NewTab: Default -> Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html"
CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-84A32220054A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll => No File
Shortcut: C:\Users\Nat�lia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\webdataworker.hive.lnk -> C:\Users\Nat�lia\AppData\Roaming\webdataworker.hive\ChromeLauncherConsole.bat (No File)
Shortcut: C:\Users\Nat�lia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit" => not found
"C:\Users\Nat�lia\AppData\Roaming\webdataworker.hive\ChromeLauncherConsole.bat" => not found
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A47320E9-4AFF-46C3-9848-71DBFDCB8994} => removed successfully
HKLM\Software\Classes\CLSID\{A47320E9-4AFF-46C3-9848-71DBFDCB8994} => not found
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome NewTab" => removed successfully
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-84A32220054A} => removed successfully
HKU\S-1-5-21-3687511350-3683034353-1054481598-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13} => removed successfully
"C:\Users\Nat�lia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\webdataworker.hive.lnk" => not found
"C:\Users\Nat�lia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk" => not found
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 39355554 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3334471 B
Edge => 3584 B
Chrome => 743750296 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 14498 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Natália => 9963867 B
Administrator => 0 B

RecycleBin => 0 B
EmptyTemp: => 769.6 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 20:14:25 ====

#14 Příspěvek od **Diallix** » 17 úno 2019 21:21

Ako je na tom pocitac?

peter1207 · #15 Příspěvek od **peter1207** » 17 úno 2019 23:25

Vyzera ze zije ako ma.
Chcem sa opytat, co za kvetinky nam to tu hatia? Resp odkial mozu pochadzat? Viem ze je to tazka otazka no nadej umiera posledna

Este podotknem, ze prirodopisne filmy pre velkych sa nepozeraju...

VIRY.CZ

Prosim o kontrolu, dakujem :)

Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)

Re: Prosim o kontrolu, dakujem :)