Právě je 21 črc 2019 02:09

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz



Odeslat nové téma Odpovědět na téma  [ Příspěvků: 11 ] 
Autor Zpráva
PříspěvekNapsal: 02 kvě 2019 14:36 
Offline
Návštěvník
Návštěvník

Registrován: 02 kvě 2019 14:21
Příspěvky: 7
Ahoj!

Dostal se mně do rukou počítač od známého s tím, že tam nic pořádně nejede. Například nejde spustit Adobe Acrobat reder a spoustu dalších programu, při pokusu o spuštění vyskočí hláška:

Systém Windows nemůže najít položku "cesta k programu" Ujistěte se, zda je název zadán správně, a akci opakujte."

Když jsem se ho ptal co s tím dělal, říkal že tam měl jednu dobu dva antiviry, když se ke mne počítač dostal, byl tam jen Avast, zkusil jsem ho odinstalovat a nainstalovat ale bez úspěchu. Přeinstalace Win také nepomohla.

Známý tam potřebuje nutně používat nějaké programy, které po čisté instalaci nepojedou, takže bych rád zdali by to nešlo vyřešit bez čisté instalace. HDD jsem kontroloval a nemá vadné bloky.

Děkuji moc za rady!


FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05.2019
Ran by rufus (administrator) on X220 (LENOVO 4290CZ2) (02-05-2019 15:16:46)
Running from C:\!Stazeno!
Loaded Profiles: rufus (Available Profiles: rufus)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVerMedia) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Lenovo -> Lenovo Group Limited) [File not signed] C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo -> Lenovo) [File not signed] C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [PWMTRV] => C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [6420264 2018-05-16] (Lenovo -> Lenovo Group Limited) [File not signed]
HKLM-x32\...\Run: [Ucetni manager] => C:\Program Files (x86)\Computer Laboratory\Ucetni manager\umgrrun.exe [810632 2014-02-27] (Petr Zahradnik Computer Laboratory (Petr Zahradnik) -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-874031436-337575524-4057376398-1000\...\Run: [icq.desktop] => C:\Users\rufus\AppData\Roaming\ICQ\bin\icq.exe [28501144 2018-12-04] (LLC Mail.Ru -> )
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2018-07-26]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2018-07-26]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-03-17]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2018-07-11]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC. -> CANON INC.)
Startup: C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dosprint.lnk [2019-04-29]
ShortcutTarget: Dosprint.lnk -> C:\DosPrint\DOSPRINT.EXE (Ing. Daniel Redlich SOFTWARE -> Daniel Redlich Software)
Startup: C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Chrome.lnk [2016-03-17]
ShortcutTarget: Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
Startup: C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk [2016-03-18]
ShortcutTarget: Microsoft Office Outlook 2003.lnk -> C:\Windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {025CB46C-4192-4138-B269-B38A80D883E3} - System32\Tasks\{2379CD0F-3740-4739-89AF-D744D5BDF884} => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
Task: {0CEDF50C-5D89-4D79-BE3A-0755DB8DF0FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-03-17] (Google Inc -> Google Inc.)
Task: {21D69BFD-1BEC-459D-872C-9D21533DB73B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-10] (Adobe Inc. -> Adobe)
Task: {3D8412E4-4C33-4747-9D19-79549F5DFBC4} - System32\Tasks\{26DD1F3A-C873-42C3-BC6A-70A145CFC461} => C:\Program Files (x86)\Computer Laboratory\Ucetni manager\umgr.exe [10886520 2019-01-27] (Petr Zahradnik Computer Laboratory (Petr Zahradnik) -> Petr Zahradnik)
Task: {5D227A38-B82F-4F4E-A3F7-E3E23E6E5632} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-03-17] (Google Inc -> Google Inc.)
Task: {5DE852AF-F71D-434E-A846-74FC7E30B0E9} - System32\Tasks\{D5B9E629-49C3-4A36-A51D-C6AB2116FCF9} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {6997CC3A-941F-4775-AB58-C29C9AB1ED5E} - System32\Tasks\{DA99EEEC-01A7-433C-B0F8-D6BE3215C42C} => C:\Program Files\MyPhoneExplorer\MyPhoneExplorer portable.exe [5443584 2016-03-30] (F.J. Wechselberger) [File not signed]
Task: {6FDF9770-C977-4AAA-AE1D-65FF10211E82} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
Task: {756529BC-46C6-4FA1-AB60-6CE73ED84B7D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd -> Piriform Ltd)
Task: {80B896D6-CF5A-4718-8234-719221E4617C} - System32\Tasks\{2A24999F-B0CD-4E07-9E4B-B979B0DA6761} => C:\Windows\system32\pcalua.exe -a C:\!Stazeno!\balicky.exe -d C:\!Stazeno!
Task: {94203ED0-243C-451A-8966-7FBA95B640A6} - System32\Tasks\{E20E4AF7-2804-4D9F-9003-D4C1325FB019} => C:\DosPrint\DOSPRINT.EXE [1525984 2010-05-13] (Ing. Daniel Redlich SOFTWARE -> Daniel Redlich Software)
Task: {94722260-A045-4666-B6F1-A70DD1E85AAD} - System32\Tasks\{A794CD0D-D239-4132-9D37-A6678407D7ED} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}\setup.exe" -c -runfromtemp -l0x0405
Task: {957978A9-FF52-456F-A663-68425735F73B} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1586560 2016-09-10] (LENOVO -> )
Task: {A060271E-F03F-4DD1-8DB8-44FF60B7EAA3} - System32\Tasks\{9AF9E41A-FDB1-48BF-9C1D-68F92ED91603} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {A1FF34DC-9620-4566-884A-FA4F41E7DA71} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [3647272 2018-05-16] (Lenovo -> Lenovo Group Limited) [File not signed]
Task: {A7490661-3DDA-4E63-BB68-99472D8C0FB8} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {A7EB99CE-974F-4C61-B915-7BDE1D94CD42} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {AEC74547-1144-46B9-A0E3-03AF23AACFF7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AEEE8402-0F0D-4952-BA06-AD8375966F04} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {B16112C8-2AD2-4878-A102-D7F1DACE0B6A} - System32\Tasks\{1EA29469-FE14-4DE5-941A-67193ABC1E91} => C:\Program Files (x86)\TeamViewer\TeamViewer.exe [47406368 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
Task: {B33AA33B-8DC8-415C-A382-8134D46FBE9A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {B4B607CC-7EB1-463B-A744-578751674DCA} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1586560 2016-09-10] (LENOVO -> )
Task: {B5E8DB09-76ED-4251-8313-22DD0952ECF9} - System32\Tasks\{79E72281-7FE4-412E-B1B2-0D105F57A8C6} => C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE [196152 2003-07-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {D43860FA-CF77-4BD2-B852-B4F8F47976B0} - System32\Tasks\{17ACF711-1FE5-4C55-A83F-563E38AFD500} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {DB137AB0-2DAD-400A-BBD5-594073D9D259} - System32\Tasks\{94AAE1EB-796B-4B33-BCD4-5A78DA8E0156} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {EE3F0B06-7EF5-4621-99B5-3C0B8EA962C8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-01] (LENOVO -> Lenovo)
Task: {F9D36A14-AD30-43E7-8600-7BA4EBEBAA99} - System32\Tasks\{7CD25E14-5A8C-4630-9D4D-33968A8DCE69} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {FB9A5AFF-8E43-4B35-A242-C865D09B1ECB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\zz_install\b\AdwCleaner.exe
Task: C:\Windows\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{54E43542-C16C-4333-853E-4EB7F0CE315B}: [DhcpNameServer] 192.168.3.1

Internet Explorer:
==================
HKU\S-1-5-21-874031436-337575524-4057376398-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
DPF: HKLM-x32 {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://90.179.137.14/codebase/DVM_IPCam2.ocx
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) [File not signed]
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ulxx95zd.default
FF ProfilePath: C:\Users\rufus\AppData\Roaming\Mozilla\Firefox\Profiles\ulxx95zd.default [2019-04-30]
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [No File]
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2018-01-08] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.) [File not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.jrbrno.cz/L3_S2_Z57","hxxps://www.fastshare.cz/8709075/ordinace-v-ruzove-zahrade-2-795-dil-ferova-nabidk-sg-hd.mp4#.Wo1nGYPOU-U","hxxps://www.brno.cz/sprava-mesta/dokumenty-mesta/zapisy-z-rady-mesta-brna/?cislo=3334&rok=2017&dokument=2&platnost=1","hxxps://www.brno.cz/sprava-mesta/dokumenty-mesta/zapisy-ze-zastupitelstva-mesta-brna/?cislo=3346&rok=2017&dokument=3&platnost=1","hxxps://moje.o2.cz/firma/index.jsp","hxxps://moje.o2.cz/firma/index.jsp"
CHR Profile: C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default [2019-05-02]
CHR Extension: (Prezentace) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-30]
CHR Extension: (Dokumenty) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-30]
CHR Extension: (Disk Google) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-30]
CHR Extension: (YouTube) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-30]
CHR Extension: (uBlock Origin) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-04-30]
CHR Extension: (Vyhledávání Google) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2019-04-30]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-04-30]
CHR Extension: (Tabulky) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-30]
CHR Extension: (Avast Online Security) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-30]
CHR Extension: (Gmail) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-30]
CHR Profile: C:\Users\rufus\AppData\Local\Google\Chrome\User Data\System Profile [2019-04-30]
CHR HKU\S-1-5-21-874031436-337575524-4057376398-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-874031436-337575524-4057376398-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
S4 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2018-05-16] (LENOVO -> Lenovo.)
S4 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-04-13] (Foxit Software Incorporated -> Foxit Software Inc.)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2019-04-04] (Microsoft Corporation) [File not signed]
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-09-06] (LENOVO -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R3 Power Manager DBC Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [1669416 2018-05-16] (Lenovo -> Lenovo) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 5U877; C:\Windows\System32\DRIVERS\5U877.sys [166016 2011-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254128 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196000 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320624 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57888 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166848 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1031000 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476776 2019-05-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220640 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385848 2019-05-02] (AVAST Software s.r.o. -> AVAST Software)
S3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [598808 2012-12-04] (Broadcom Corporation -> Broadcom Corporation.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [5363200 2013-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2013-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-05-02] (Malwarebytes Corporation -> Malwarebytes)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwNs64.sys [8615936 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2018-02-04] (PAIPTAC Driver -> )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated -> Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-02 15:16 - 2019-05-02 15:16 - 000000000 ____D C:\FRST
2019-05-02 15:12 - 2019-05-02 15:12 - 000001659 _____ C:\aaa.txt
2019-05-02 15:02 - 2019-05-02 15:02 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-05-02 14:58 - 2019-05-02 15:00 - 000204170 _____ C:\Windows\ntbtlog.txt
2019-04-30 19:07 - 2019-04-30 19:07 - 000001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-04-30 19:07 - 2019-04-30 19:07 - 000001031 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-04-30 18:30 - 2019-04-30 18:22 - 000000000 ____D C:\Windows\Panther
2019-04-30 18:28 - 2019-04-30 18:28 - 000262144 _____ C:\Windows\system32\config\userdiff
2019-04-30 18:27 - 2019-05-02 14:31 - 000087296 _____ C:\Users\rufus\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-30 18:27 - 2019-04-30 18:27 - 000001443 _____ C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-04-30 18:27 - 2019-04-30 18:27 - 000001409 _____ C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2019-04-30 18:26 - 2019-04-30 18:26 - 001574018 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-04-30 18:22 - 2019-04-30 18:22 - 000000020 ___SH C:\Users\rufus\ntuser.ini
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Šablony
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Poslední
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Okolní síť
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Dokumenty
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Data aplikací
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Šablony
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Plocha
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Oblíbené položky
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Dokumenty
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Data aplikací
2019-04-30 18:21 - 2019-04-30 18:14 - 000000000 ___HD C:\$WINDOWS.~Q
2019-04-30 18:11 - 2019-04-30 18:18 - 000000000 ___HD C:\$INPLACE.~TR
2019-04-30 18:11 - 2019-04-30 18:11 - 000022924 _____ C:\Windows\system32\emptyregdb.dat
2019-04-30 18:07 - 2019-04-30 18:07 - 000000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2019-04-30 18:07 - 2019-04-30 18:07 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2019-04-30 18:07 - 2019-04-30 18:07 - 000000000 ____D C:\Users\Default\AppData\Local\AVG
2019-04-30 18:07 - 2019-04-30 18:07 - 000000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2019-04-30 18:07 - 2019-04-30 18:07 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2019-04-30 18:07 - 2019-04-30 18:07 - 000000000 ____D C:\Users\Default User\AppData\Local\AVG
2019-04-30 17:36 - 2019-04-30 18:22 - 000000000 ____D C:\Users\rufus
2019-04-30 17:36 - 2019-04-30 17:36 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2019-04-30 17:36 - 2019-04-30 17:36 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Šablony
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Soubory cookie
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Poslední
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Okolní tiskárny
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Okolní síť
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Nabídka Start
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Dokumenty
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Documents\Obrázky
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Documents\Hudba
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Documents\Filmy
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Data aplikací
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\AppData\Local\Data aplikací
2019-04-30 17:36 - 2011-04-12 10:45 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Media Center Programs
2019-04-30 17:35 - 2019-04-30 17:39 - 000000000 ____D C:\Program Files\CONEXANT
2019-04-30 17:35 - 2019-04-30 17:35 - 000000264 _____ C:\Windows\Tasks\Synaptics TouchPad Enhancements.job
2019-04-30 17:35 - 2019-04-30 17:35 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2019-04-30 17:34 - 2019-04-30 17:34 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2019-04-30 17:34 - 2019-04-30 17:34 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2019-04-30 17:34 - 2019-04-30 17:34 - 000000000 ____D C:\Program Files\Synaptics
2019-04-30 17:34 - 2019-04-30 17:34 - 000000000 ____D C:\Intel
2019-04-30 16:48 - 2019-04-30 16:48 - 000003170 _____ C:\Users\rufus\Desktop\Soubor Windows Compatibility Report.htm
2019-04-30 16:46 - 2019-04-30 16:46 - 000002544 _____ C:\Windows\diagwrn.xml
2019-04-30 16:46 - 2019-04-30 16:46 - 000001890 _____ C:\Windows\diagerr.xml
2019-04-30 16:28 - 2019-04-30 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-04-30 16:28 - 2019-04-30 16:28 - 000001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-04-30 16:24 - 2019-05-02 14:38 - 000476776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-04-30 16:24 - 2019-05-02 14:38 - 000385848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-04-30 16:24 - 2019-04-30 16:23 - 000220640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-04-30 16:24 - 2019-04-30 16:23 - 000166848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-04-30 16:24 - 2019-04-30 16:23 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-04-30 16:24 - 2019-04-30 16:23 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-04-30 16:24 - 2019-04-30 16:23 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 001031000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 000320624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 000254128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 000196000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 000057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-04-30 16:23 - 2019-04-30 16:22 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-04-30 16:22 - 2019-04-30 17:38 - 000000000 ____D C:\Program Files\AVAST Software
2019-04-30 13:17 - 2019-04-30 13:17 - 008810312 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online_x64.exe
2019-04-29 20:39 - 2019-05-02 15:00 - 000000258 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-04-29 20:36 - 2019-04-30 18:00 - 000000000 ____D C:\Users\rufus\AppData\Local\mbamtray
2019-04-29 20:36 - 2019-04-30 18:00 - 000000000 ____D C:\Users\rufus\AppData\Local\mbam
2019-04-29 20:36 - 2019-04-30 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-29 20:36 - 2019-04-29 20:36 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-29 20:35 - 2019-04-30 17:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-29 20:35 - 2019-04-30 17:39 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-29 20:35 - 2019-04-29 20:39 - 000000000 ____D C:\AdwCleaner
2019-04-29 20:35 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-04-29 20:28 - 2019-04-30 17:39 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-04-29 20:28 - 2019-04-30 11:59 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-29 20:28 - 2019-04-29 20:28 - 000002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-04-29 20:25 - 2019-04-30 17:40 - 000000000 ____D C:\Program Files (x86)\ThinkPad
2019-04-29 20:25 - 2019-04-29 20:25 - 000003020 _____ C:\Windows\System32\Tasks\PMTask
2019-04-29 20:25 - 2018-05-16 06:08 - 002873128 _____ (Lenovo Group Limited) C:\Windows\system32\PWMCP64V.cpl
2019-04-29 20:25 - 2018-05-16 06:08 - 002693416 _____ (Lenovo Group Limited) C:\Windows\PWMBTHLV.EXE
2019-04-29 20:25 - 2018-05-16 06:08 - 000039264 _____ (Lenovo Group Limited) C:\Windows\system32\Drivers\TPPWR64V.SYS
2019-04-29 20:25 - 2018-05-16 06:08 - 000029512 _____ (Lenovo.) C:\Windows\system32\Drivers\DZHDD64.SYS
2019-04-29 20:19 - 2019-04-30 18:00 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-04-29 20:19 - 2019-04-30 17:40 - 000000000 ____D C:\Program Files (x86)\VS Revo Group
2019-04-29 20:19 - 2019-04-29 20:19 - 000001264 _____ C:\Users\rufus\Desktop\Revo Uninstaller.lnk
2019-04-29 11:11 - 2019-04-29 11:11 - 000002954 _____ C:\Windows\System32\Tasks\{1EA29469-FE14-4DE5-941A-67193ABC1E91}
2019-04-26 19:39 - 2019-05-02 15:10 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-04-15 07:23 - 2019-05-02 14:38 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2019-04-04 14:55 - 2010-06-19 14:26 - 000159504 _____ () C:\Windows\SysWOW64\DVM_IPCam2.ocx
2019-04-04 14:55 - 2010-06-19 14:26 - 000159504 _____ () C:\Windows\DVM_IPCam2.ocx
2019-04-04 14:52 - 2019-04-04 14:53 - 000000000 ____D C:\a
2019-04-04 14:50 - 2019-04-04 14:49 - 000120194 _____ C:\Windows\SysWOW64\Dvm_ipcam2.rar
2019-04-04 14:49 - 2019-04-04 14:49 - 000120194 _____ C:\Windows\Dvm_ipcam2.rar
2019-04-04 14:21 - 2019-04-04 14:21 - 000000000 ___HD C:\Windows\msdownld.tmp
2019-04-04 14:21 - 2013-10-14 18:00 - 000028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2019-04-04 14:17 - 2019-04-04 14:17 - 006026240 ____N (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 004305920 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 001359360 ____N (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 001155072 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000942592 ____N (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000940032 ____N (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-04-04 14:17 - 2019-04-04 14:17 - 000814080 ____N (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000645120 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000620032 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000235008 ____N (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000194048 ____N (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000131072 ____N (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000114688 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-04-04 14:17 - 2019-04-04 14:17 - 000111616 ____N (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000088064 ____N (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000077824 ____N (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000064000 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000060416 ____N (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000048640 ____N (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000047616 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000004096 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000010752 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000010752 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000009728 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000009728 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000005632 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000005632 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000005632 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000005632 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000004096 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000004096 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000003584 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000003584 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000003072 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000003072 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000003072 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000003072 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000002560 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000002560 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2019-04-04 14:03 - 2019-04-30 18:01 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Mozilla
2019-04-04 14:03 - 2019-04-30 18:00 - 000000000 ____D C:\Users\rufus\AppData\Local\Mozilla

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-02 15:16 - 2016-03-30 13:08 - 000000000 ____D C:\!Stazeno!
2019-05-02 15:11 - 2016-03-17 19:42 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-05-02 15:10 - 2018-03-08 09:42 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-02 15:08 - 2011-04-12 10:34 - 000671630 _____ C:\Windows\system32\perfh005.dat
2019-05-02 15:08 - 2011-04-12 10:34 - 000142194 _____ C:\Windows\system32\perfc005.dat
2019-05-02 15:08 - 2009-07-14 07:13 - 001590786 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-02 15:08 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-05-02 15:01 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-02 14:57 - 2009-07-14 06:45 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-02 14:57 - 2009-07-14 06:45 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-02 14:29 - 2009-07-14 06:45 - 000353256 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-30 18:30 - 2009-07-14 07:32 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2019-04-30 18:27 - 2009-07-14 06:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-04-30 18:22 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-04-30 18:22 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Windows NT
2019-04-30 18:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\oobe
2019-04-30 18:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\Registration
2019-04-30 18:11 - 2017-12-06 21:07 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-04-30 18:11 - 2016-03-17 16:57 - 000000000 ____D C:\Windows\System32\Tasks\TVT
2019-04-30 18:11 - 2016-03-17 16:57 - 000000000 ____D C:\Windows\System32\Tasks\Lenovo
2019-04-30 18:11 - 2009-07-14 05:20 - 000000000 __RSD C:\Windows\Media
2019-04-30 18:01 - 2019-04-01 12:50 - 000000000 ____D C:\Users\rufus\Desktop\Autogramiáda paní Mileny Flodrové __ Novináři jižní Moravy_files
2019-04-30 18:01 - 2019-01-15 17:37 - 000000000 ____D C:\Users\rufus\Desktop\MojeBanka_files
2019-04-30 18:01 - 2018-11-09 17:10 - 000000000 ____D C:\Users\rufus\Desktop\Dotace Město brno 2018_files
2019-04-30 18:01 - 2018-07-03 11:28 - 000000000 ____D C:\Users\rufus\Desktop\Kalkul PDF
2019-04-30 18:01 - 2018-04-18 16:23 - 000000000 ____D C:\Users\rufus\Desktop\Aktuálně - Cena Jiřího Ortena_files
2019-04-30 18:01 - 2018-02-04 20:46 - 000000000 ____D C:\Users\rufus\AppData\Roaming\PwrMgr
2019-04-30 18:01 - 2018-02-04 19:08 - 000000000 ____D C:\Users\rufus\Downloads\microsoft office 2013
2019-04-30 18:01 - 2018-02-04 19:05 - 000000000 ____D C:\Users\rufus\AppData\Roaming\uTorrent
2019-04-30 18:01 - 2018-02-04 19:05 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2019-04-30 18:01 - 2017-11-08 09:07 - 000000000 ____D C:\Users\rufus\Desktop\Barum Polaris 3 165_70 R14 81T od 822 Kč - Heureka.cz_files
2019-04-30 18:01 - 2017-10-17 18:32 - 000000000 ____D C:\Users\rufus\Desktop\Kegelovy cviky_files
2019-04-30 18:01 - 2017-09-01 11:57 - 000000000 ____D C:\Users\rufus\Desktop\ŽZ dobre rano_files
2019-04-30 18:01 - 2017-05-11 17:31 - 000000000 ____D C:\Users\rufus\Documents\OCCT
2019-04-30 18:01 - 2017-02-17 13:50 - 000000000 ____D C:\Users\rufus\Desktop\Mluvnické pády _ Pišme správně_files
2019-04-30 18:01 - 2017-02-15 10:10 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Software602
2019-04-30 18:01 - 2017-01-17 11:43 - 000000000 ____D C:\Users\rufus\Desktop\Brno - Oznámení od společného zástupce - formulář k odeslání_files
2019-04-30 18:01 - 2016-11-10 10:48 - 000000000 ____D C:\Users\rufus\Documents\Garmin
2019-04-30 18:01 - 2016-06-21 16:34 - 000000000 ___RD C:\Users\rufus\Documents\Scanned Documents
2019-04-30 18:01 - 2016-06-21 16:34 - 000000000 ____D C:\Users\rufus\Documents\Fax
2019-04-30 18:01 - 2016-05-09 10:05 - 000000000 ____D C:\Users\rufus\Documents\AVerTV
2019-04-30 18:01 - 2016-04-19 15:32 - 000000000 ____D C:\Users\rufus\Documents\IP Camera Viewer
2019-04-30 18:01 - 2016-04-18 13:11 - 000000000 ____D C:\Users\rufus\AppData\Roaming\TuneUp Software
2019-04-30 18:01 - 2016-04-15 10:52 - 000000000 ____D C:\Users\rufus\Documents\BlazeVideo
2019-04-30 18:01 - 2016-04-14 16:16 - 000000000 ____D C:\Users\rufus\Languages
2019-04-30 18:01 - 2016-03-30 15:03 - 000000000 ____D C:\Users\rufus\AppData\Roaming\vlc
2019-04-30 18:01 - 2016-03-24 14:27 - 000000000 ____D C:\Users\rufus\Documents\PeliCo
2019-04-30 18:01 - 2016-03-23 11:34 - 000000000 ____D C:\Users\rufus\Documents\CD_KALKUL
2019-04-30 18:01 - 2016-03-23 11:33 - 000000000 ____D C:\Users\rufus\AppData\Roaming\PeliCo
2019-04-30 18:01 - 2016-03-18 18:16 - 000000000 ___RD C:\Users\rufus\Disk Google
2019-04-30 18:01 - 2016-03-17 19:42 - 000000000 ____D C:\Users\rufus\AppData\Roaming\TeamViewer
2019-04-30 18:01 - 2016-03-17 19:19 - 000000000 ____D C:\Users\rufus\Desktop\Hard Disk Sentinel 4.6 r
2019-04-30 18:01 - 2016-03-17 17:22 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2019-04-30 18:01 - 2016-03-17 16:46 - 000000000 ____D C:\Users\rufus\Desktop\HWiNFO32
2019-04-30 18:00 - 2018-02-22 10:37 - 000000000 ____D C:\Users\rufus\AppData\LocalLow\Temp
2019-04-30 18:00 - 2018-02-04 20:08 - 000000000 ____D C:\Users\rufus\AppData\Local\Lenovo
2019-04-30 18:00 - 2018-01-31 14:29 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Kastner software
2019-04-30 18:00 - 2018-01-26 14:19 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KALKTISK
2019-04-30 18:00 - 2018-01-22 17:31 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Avast Tuneup
2019-04-30 18:00 - 2018-01-10 16:52 - 000000000 ____D C:\Users\rufus\AppData\Local\Turbo
2019-04-30 18:00 - 2018-01-10 16:45 - 000000000 ____D C:\Users\rufus\AppData\Local\IIIQF
2019-04-30 18:00 - 2017-12-13 13:29 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KUPDATE
2019-04-30 18:00 - 2017-06-29 07:54 - 000000000 ____D C:\Users\rufus\AppData\Roaming\AVAST Software
2019-04-30 18:00 - 2017-05-11 17:31 - 000000000 ____D C:\Users\rufus\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2019-04-30 18:00 - 2017-05-11 17:24 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Hard Disk Sentinel
2019-04-30 18:00 - 2017-04-27 07:34 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Google
2019-04-30 18:00 - 2017-02-15 10:09 - 000000000 ____D C:\Users\rufus\AppData\Roaming\602Installer
2019-04-30 18:00 - 2016-11-04 14:21 - 000000000 ____D C:\Users\rufus\AppData\Local\Tvsukernel
2019-04-30 18:00 - 2016-10-13 09:24 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Garmin
2019-04-30 18:00 - 2016-04-20 09:59 - 000000000 ____D C:\Users\rufus\AppData\LocalLow\Adobe
2019-04-30 18:00 - 2016-04-20 09:42 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Adobe
2019-04-30 18:00 - 2016-04-20 09:12 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2019-04-30 18:00 - 2016-04-20 09:12 - 000000000 ____D C:\Users\rufus\AppData\Roaming\ImperiaOnline
2019-04-30 18:00 - 2016-04-18 13:14 - 000000000 ____D C:\Users\rufus\AppData\Roaming\AVG
2019-04-30 18:00 - 2016-04-18 13:07 - 000000000 ____D C:\Users\rufus\AppData\Local\MFAData
2019-04-30 18:00 - 2016-03-31 13:53 - 000000000 ____D C:\Users\rufus\AppData\Local\Nico Mak Computing
2019-04-30 18:00 - 2016-03-30 13:19 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2019-04-30 18:00 - 2016-03-30 13:19 - 000000000 ____D C:\Users\rufus\AppData\Roaming\ICQ
2019-04-30 18:00 - 2016-03-23 11:36 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DOSBox-0.72
2019-04-30 18:00 - 2016-03-23 11:32 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KALKULY
2019-04-30 18:00 - 2016-03-18 17:16 - 000000000 ____D C:\Users\rufus\AppData\Local\Spoon
2019-04-30 18:00 - 2016-03-17 19:56 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Foxit Software
2019-04-30 18:00 - 2016-03-17 19:56 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Foxit AgentInformation
2019-04-30 18:00 - 2016-03-17 19:43 - 000000000 ____D C:\Users\rufus\AppData\Local\TeamViewer
2019-04-30 18:00 - 2016-03-17 17:22 - 000000000 ____D C:\Users\rufus\AppData\Roaming\GHISLER
2019-04-30 18:00 - 2016-03-17 17:19 - 000000000 ____D C:\Users\rufus\AppData\Local\Google
2019-04-30 18:00 - 2016-03-17 17:02 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Intel
2019-04-30 18:00 - 2016-03-17 16:42 - 000000000 ____D C:\Users\rufus\AppData\Local\VirtualStore
2019-04-30 17:49 - 2017-08-11 12:25 - 000000000 ____D C:\Users\rufus\AppData\Local\Apps\2.0
2019-04-30 17:49 - 2017-07-10 10:35 - 000000000 ____D C:\Users\rufus\AppData\Local\AVAST Software
2019-04-30 17:49 - 2016-10-13 09:24 - 000000000 ____D C:\Users\rufus\AppData\Local\Garmin_Ltd._or_its_subsid
2019-04-30 17:49 - 2016-05-09 09:55 - 000000000 ____D C:\Users\rufus\AppData\Local\AVerMedia
2019-04-30 17:49 - 2016-04-20 14:06 - 000000000 ____D C:\Users\rufus\AppData\Local\CEF
2019-04-30 17:49 - 2016-04-18 13:07 - 000000000 ____D C:\Users\rufus\AppData\Local\AvgSetupLog
2019-04-30 17:49 - 2016-04-18 13:07 - 000000000 ____D C:\Users\rufus\AppData\Local\Avg2015
2019-04-30 17:49 - 2016-04-18 13:07 - 000000000 ____D C:\Users\rufus\AppData\Local\Avg
2019-04-30 17:49 - 2016-04-07 10:31 - 000000000 ____D C:\Users\rufus\.android
2019-04-30 17:49 - 2016-03-23 11:35 - 000000000 ____D C:\Users\rufus\AppData\Local\ElevatedDiagnostics
2019-04-30 17:49 - 2016-03-18 17:19 - 000000000 ____D C:\Users\rufus\AppData\Local\DeskShare Data
2019-04-30 17:49 - 2016-03-17 19:57 - 000000000 ____D C:\Users\rufus\AppData\Local\Foxit Reader
2019-04-30 17:49 - 2016-03-17 19:54 - 000000000 ____D C:\Users\rufus\AppData\Local\Adobe
2019-04-30 17:49 - 2016-03-17 17:33 - 000000000 ____D C:\Users\rufus\AppData\Local\GHISLER
2019-04-30 17:49 - 2016-03-17 17:16 - 000000000 ____D C:\Users\rufus\AppData\Local\Broadcom
2019-04-30 17:46 - 2019-01-07 08:22 - 000000000 ____D C:\Windows\SysWOW64\0
2019-04-30 17:46 - 2016-04-20 10:20 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-04-30 17:44 - 2016-04-20 10:20 - 000000000 ____D C:\Windows\system32\Macromed
2019-04-30 17:44 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2019-04-30 17:42 - 2016-04-18 12:51 - 000000000 ____D C:\Windows\pss
2019-04-30 17:42 - 2016-03-31 13:57 - 000000000 ____D C:\Windows\system32\appmgmt
2019-04-30 17:42 - 2011-04-12 10:45 - 000000000 ____D C:\Windows\ShellNew
2019-04-30 17:41 - 2019-01-28 11:04 - 000000000 ___HD C:\ProgramData\{3DE8FCFA-3EE0-4B1D-8945-C11D6AD0E3AB}
2019-04-30 17:41 - 2019-01-28 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Computer Laboratory Účetní manager
2019-04-30 17:41 - 2018-05-04 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-04-30 17:41 - 2018-02-04 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-30 17:41 - 2018-01-31 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FORM studio
2019-04-30 17:41 - 2018-01-31 14:28 - 000000000 ____D C:\ProgramData\KASTNER software
2019-04-30 17:41 - 2017-12-11 13:41 - 000000000 ____D C:\ProgramData\Help
2019-04-30 17:41 - 2017-08-28 07:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-04-30 17:41 - 2017-07-03 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2019-04-30 17:41 - 2017-07-03 09:26 - 000000000 ____D C:\ProgramData\Foxit Software
2019-04-30 17:41 - 2017-06-29 07:50 - 000000000 ____D C:\ProgramData\AVAST Software
2019-04-30 17:41 - 2017-05-02 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DosPrint
2019-04-30 17:41 - 2016-10-13 09:24 - 000000000 ____D C:\ProgramData\Garmin
2019-04-30 17:41 - 2016-10-04 12:03 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2019-04-30 17:41 - 2016-05-09 09:56 - 000000000 ____D C:\ProgramData\AVerTV 3D
2019-04-30 17:41 - 2016-05-09 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVerMedia
2019-04-30 17:41 - 2016-04-20 09:13 - 000000000 ____D C:\ProgramData\NortonInstaller
2019-04-30 17:41 - 2016-04-20 09:13 - 000000000 ____D C:\ProgramData\Norton
2019-04-30 17:41 - 2016-04-18 13:08 - 000000000 ____D C:\ProgramData\Avg
2019-04-30 17:41 - 2016-04-18 13:07 - 000000000 ____D C:\ProgramData\MFAData
2019-04-30 17:41 - 2016-03-31 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-04-30 17:41 - 2016-03-23 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Printer Uninstaller
2019-04-30 17:41 - 2016-03-18 18:50 - 000000000 ____D C:\ProgramData\Computer Laboratory
2019-04-30 17:41 - 2016-03-18 17:16 - 000000000 ____D C:\ProgramData\DeskShare
2019-04-30 17:41 - 2016-03-17 19:56 - 000000000 ____D C:\Users\Public\Foxit Software
2019-04-30 17:41 - 2016-03-17 19:56 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform
2019-04-30 17:41 - 2016-03-17 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2019-04-30 17:41 - 2016-03-17 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2019-04-30 17:41 - 2016-03-17 17:02 - 000000000 ____D C:\ProgramData\Intel
2019-04-30 17:41 - 2016-03-17 16:56 - 000000000 ____D C:\ProgramData\Lenovo
2019-04-30 17:41 - 2011-04-12 10:45 - 000000000 ___RD C:\Users\Public\Recorded TV
2019-04-30 17:41 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2019-04-30 17:41 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\IME
2019-04-30 17:40 - 2019-01-28 11:03 - 000000000 ____D C:\Program Files (x86)\Computer Laboratory
2019-04-30 17:40 - 2018-01-31 14:28 - 000000000 ____D C:\Program Files (x86)\KASTNER software
2019-04-30 17:40 - 2017-07-03 09:26 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2019-04-30 17:40 - 2017-02-15 10:09 - 000000000 ____D C:\Program Files (x86)\Software602
2019-04-30 17:40 - 2016-05-09 09:52 - 000000000 ____D C:\Program Files (x86)\AVerMedia
2019-04-30 17:40 - 2016-04-20 09:16 - 000000000 ____D C:\ProgramData\Adobe
2019-04-30 17:40 - 2016-04-18 13:08 - 000000000 ____D C:\Program Files (x86)\AVG
2019-04-30 17:40 - 2016-03-30 15:03 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2019-04-30 17:40 - 2016-03-23 11:36 - 000000000 ____D C:\Program Files (x86)\DOSBox-0.72
2019-04-30 17:40 - 2016-03-23 11:32 - 000000000 ____D C:\Program Files (x86)\PeliCo
2019-04-30 17:40 - 2016-03-18 17:16 - 000000000 ____D C:\Program Files (x86)\Deskshare
2019-04-30 17:40 - 2016-03-18 16:44 - 000000000 ____D C:\Program Files (x86)\MSECache
2019-04-30 17:40 - 2016-03-17 19:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2019-04-30 17:40 - 2016-03-17 19:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2019-04-30 17:40 - 2016-03-17 19:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-04-30 17:40 - 2016-03-17 19:20 - 000000000 ____D C:\Program Files (x86)\Elaborate Bytes
2019-04-30 17:40 - 2016-03-17 17:18 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-30 17:40 - 2016-03-17 17:11 - 000000000 ____D C:\Program Files (x86)\Intel
2019-04-30 17:40 - 2016-03-17 17:11 - 000000000 ____D C:\Program Files (x86)\Integrated Camera Driver
2019-04-30 17:40 - 2016-03-17 17:10 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-04-30 17:40 - 2016-03-17 17:10 - 000000000 ____D C:\Program Files (x86)\Chicony Electronics Co.,Ltd
2019-04-30 17:40 - 2016-03-17 17:02 - 000000000 ____D C:\Program Files (x86)\Cisco
2019-04-30 17:40 - 2016-03-17 16:57 - 000000000 ____D C:\Program Files (x86)\Lenovo
2019-04-30 17:39 - 2018-09-14 16:28 - 000000000 ____D C:\Program Files (x86)\AdwCleaner
2019-04-30 17:39 - 2018-05-04 13:10 - 000000000 ____D C:\Program Files\VideoLAN
2019-04-30 17:39 - 2018-03-29 07:57 - 000000000 ____D C:\Program Files\Google
2019-04-30 17:39 - 2018-02-02 14:33 - 000000000 ____D C:\Program Files\Software602
2019-04-30 17:39 - 2017-12-21 19:31 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2019-04-30 17:39 - 2016-10-13 09:24 - 000000000 ____D C:\Program Files\DIFX
2019-04-30 17:39 - 2016-03-30 13:12 - 000000000 ____D C:\Program Files\MyPhoneExplorer
2019-04-30 17:39 - 2016-03-17 17:22 - 000000000 ____D C:\Program Files\totalcmd
2019-04-30 17:39 - 2016-03-17 17:14 - 000000000 ____D C:\Program Files\ThinkPad
2019-04-30 17:39 - 2016-03-17 17:10 - 000000000 ____D C:\Program Files\Lenovo
2019-04-30 17:39 - 2016-03-17 17:02 - 000000000 ____D C:\Program Files\Intel
2019-04-30 17:39 - 2016-03-17 17:02 - 000000000 ____D C:\Program Files\Common Files\Intel
2019-04-30 17:38 - 2018-02-04 16:12 - 000000000 ____D C:\Program Files\CCleaner
2019-04-30 17:38 - 2017-12-06 21:07 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2019-04-30 17:38 - 2016-03-31 13:57 - 000000000 ____D C:\Program Files\7-Zip
2019-04-30 17:38 - 2016-03-23 14:53 - 000000000 ____D C:\Program Files\Canon
2019-04-30 17:36 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\sysprep
2019-04-30 17:32 - 2011-04-12 10:45 - 000000000 ____D C:\Windows\CSC
2019-04-30 12:00 - 2016-04-20 09:53 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-04-29 20:35 - 2017-05-11 17:23 - 000000000 ____D C:\zz_install
2019-04-29 13:26 - 2016-03-18 18:09 - 000002592 _____ C:\Users\rufus\intlname.ols
2019-04-28 04:11 - 2016-03-18 18:13 - 000001988 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-04-26 18:24 - 2019-03-26 11:39 - 000002906 _____ C:\Windows\System32\Tasks\{E20E4AF7-2804-4D9F-9003-D4C1325FB019}
2019-04-26 18:24 - 2018-02-04 16:12 - 000002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-04-26 18:24 - 2018-01-26 19:26 - 000002978 _____ C:\Windows\System32\Tasks\{79E72281-7FE4-412E-B1B2-0D105F57A8C6}
2019-04-26 18:24 - 2018-01-26 18:35 - 000002986 _____ C:\Windows\System32\Tasks\{2379CD0F-3740-4739-89AF-D744D5BDF884}
2019-04-26 18:24 - 2018-01-10 16:31 - 000003066 _____ C:\Windows\System32\Tasks\{2A24999F-B0CD-4E07-9E4B-B979B0DA6761}
2019-04-26 18:24 - 2016-12-22 09:49 - 000002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2019-04-26 18:24 - 2016-04-20 10:20 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-04-26 18:24 - 2016-04-06 18:13 - 000002958 _____ C:\Windows\System32\Tasks\{17ACF711-1FE5-4C55-A83F-563E38AFD500}
2019-04-26 18:24 - 2016-03-17 17:18 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-26 18:24 - 2016-03-17 17:18 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-24 08:57 - 2016-03-17 19:22 - 000000384 _____ C:\Windows\ODBC.INI
2019-04-24 08:57 - 2009-07-14 04:34 - 000000499 _____ C:\Windows\win.ini
2019-04-23 15:39 - 2019-02-01 10:08 - 000000000 ____D C:\DPP
2019-04-11 09:28 - 2019-01-29 13:23 - 000002992 _____ C:\Windows\System32\Tasks\{26DD1F3A-C873-42C3-BC6A-70A145CFC461}
2019-04-11 07:57 - 2016-03-17 17:19 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-10 08:16 - 2016-04-20 10:20 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-10 08:16 - 2016-04-20 10:20 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-04 16:49 - 2018-05-04 13:11 - 000000915 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-04-04 16:43 - 2018-10-03 16:46 - 000000000 ____D C:\fu 2018

==================== Files in the root of some directories =======

2016-04-15 11:00 - 2016-04-15 11:00 - 000005120 _____ () C:\Users\rufus\AppData\Roaming\GiftBag.db

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================


Addition.txt


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05.2019
Ran by rufus (02-05-2019 15:17:41)
Running from C:\!Stazeno!
Windows 7 Professional Service Pack 1 (X64) (2019-04-30 16:22:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-874031436-337575524-4057376398-500 - Administrator - Disabled)
Guest (S-1-5-21-874031436-337575524-4057376398-501 - Limited - Disabled)
rufus (S-1-5-21-874031436-337575524-4057376398-1000 - Administrator - Enabled) => C:\Users\rufus

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.171 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
AVerMedia A835 USB DVB-T 2.3.64.28 (HKLM-x32\...\AVerMedia A835 USB DVB-T) (Version: 2.3.64.28 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.9.1.18.17080805-GA - AVerMedia Technologies, Inc.) Hidden
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.9.1.18.17080805-GA - AVerMedia Technologies, Inc.)
Backup and Sync from Google (HKLM\...\{F9EEDE46-6409-4ECC-8AB6-7062464987A4}) (Version: 3.43.4275.9540 - Google, Inc.)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant)
DosPrint 3.4 (HKLM-x32\...\DOSPrint pro podporu tisku z DOSu_is1) (Version: - Daniel Redlich)
DosPrint 4.1.0.0 (HKLM-x32\...\DosPrint 3.93_is1) (Version: - Daniel Redlich)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
ICQ (verze 10.0.12393) (HKU\S-1-5-21-874031436-337575524-4057376398-1000\...\icq.desktop) (Version: 10.0.12393 - ICQ)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version: - ) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IP Camera Viewer 3 (HKLM-x32\...\IP Camera Viewer_is1) (Version: - DeskShare Inc.)
KALKTISK (HKU\S-1-5-21-874031436-337575524-4057376398-1000\...\KALKTISK) (Version: - )
KALKULY (HKU\S-1-5-21-874031436-337575524-4057376398-1000\...\KALKULY) (Version: - )
KUPDATE (HKU\S-1-5-21-874031436-337575524-4057376398-1000\...\KUPDATE) (Version: - )
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.16 - Lenovo) Hidden
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0037 - Lenovo)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.15 - Lenovo Group Limited)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}) (Version: 14.03.0000 - Intel Corporation)
Software602 Form Filler (HKLM-x32\...\{9210AEE3-6ECB-4271-A125-1039E94A6A51}) (Version: 4.75 - Software602 a.s.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
Účetní manager (HKLM-x32\...\{B294D48D-2BCB-430B-8799-F993C6B95730}) (Version: 4.2.1 - Computer Laboratory) Hidden
Účetní manager (HKLM-x32\...\Účetní manager) (Version: 4.2.1 - Computer Laboratory)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1920,1200
ShortcutWithArgument: C:\Users\rufus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1920,1200

==================== Loaded Modules (Whitelisted) ==============

2017-02-15 10:10 - 2015-07-14 14:27 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\Windows\System32\602localmon.dll
2018-12-16 20:29 - 2018-12-16 20:29 - 000083984 _____ (Adobe Systems, Incorporated -> Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2016-05-09 09:52 - 2011-08-19 08:43 - 000360448 ____R (AVerMedia) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
2016-05-09 09:52 - 2011-04-01 08:52 - 000403456 ____R () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2016-05-09 09:53 - 2012-10-17 09:24 - 000163840 ____R () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2019-04-29 20:36 - 2018-07-09 12:42 - 001700328 _____ (Malwarebytes Inc -> Igor Pavlov) [File not signed] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\7z.dll
2017-12-13 17:59 - 2015-07-18 15:08 - 000012128 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-core-synch-l1-2-0.DLL
2019-04-29 20:25 - 2018-05-16 06:08 - 006420264 _____ (Lenovo -> Lenovo Group Limited) [File not signed] C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL
2019-04-29 20:25 - 2018-05-16 06:08 - 000113960 _____ (Lenovo -> ) [File not signed] C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2019-04-29 20:25 - 2018-05-16 06:08 - 004048168 _____ (Lenovo -> Lenovo Group Limited) [File not signed] C:\Program Files (x86)\ThinkPad\Utilities\PWMIF64V.Dll
2019-04-29 20:25 - 2018-05-16 06:08 - 000137000 _____ (Lenovo -> Lenovo Japan) [File not signed] C:\Program Files (x86)\ThinkPad\Utilities\ATM64.DLL
2019-04-29 20:25 - 2018-05-16 06:08 - 000127784 _____ (Lenovo -> Lenovo Group Limited) [File not signed] C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
2019-04-29 20:25 - 2018-05-16 06:08 - 001669416 _____ (Lenovo -> Lenovo) [File not signed] C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
2018-07-26 12:38 - 2015-02-09 13:32 - 000770048 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\GraphMaster.dll
2018-07-26 12:38 - 2015-12-14 16:39 - 000194560 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\CardID.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000024192 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-runtime-l1-1-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 001193808 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\ucrtbase.DLL
2019-04-29 20:35 - 2019-03-13 09:22 - 000022144 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-localization-l1-2-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000020096 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-processthreads-l1-1-1.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000019584 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-file-l1-2-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000020096 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-timezone-l1-1-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000019584 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-file-l2-1-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000020336 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-synch-l1-2-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000025728 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-string-l1-1-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000020608 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-heap-l1-1-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000025944 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-stdio-l1-1-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000023680 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-convert-l1-1-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000020096 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-locale-l1-1-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000030336 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-math-l1-1-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000022144 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-time-l1-1-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000021632 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-filesystem-l1-1-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000020096 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-environment-l1-1-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000020096 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-utility-l1-1-0.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-874031436-337575524-4057376398-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{73BEB857-F824-4376-B81B-6792D7FA730B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [UDP Query User{03C52FF0-2E8F-4164-8C78-21253F3788A6}C:\install\foscam\ipcamera.exe] => (Allow) C:\install\foscam\ipcamera.exe () [File not signed]
FirewallRules: [TCP Query User{0A47780E-4F03-43CB-BCC0-838FE2FC6CD3}C:\install\foscam\ipcamera.exe] => (Allow) C:\install\foscam\ipcamera.exe () [File not signed]
FirewallRules: [UDP Query User{1F4ACD5B-C3BB-41F1-BE19-92D16B1DDB99}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{98B529B1-E1EE-48A0-A2CF-9DF1416808D1}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0CF0B41-BCE7-41CC-A8F2-D321CF305032}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D963720B-0F32-4DB4-88FE-41EAAABC2CB7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{7691EEBF-79AB-446D-A662-C7A9E583F05E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{227D9B2E-5C18-47D1-B7BB-01F5BFC3B7A9}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F4D5D855-D0EB-4E99-8E5F-2EB5A1F8127E}] => (Allow) C:\Users\rufus\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{EFC78591-81AA-44C8-A941-07AC3D397A06}] => (Allow) C:\Users\rufus\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{0CC5D310-FF32-4725-8995-0C53FC289167}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{357D69E1-A48E-4F2E-8B2F-81E823CFAA7C}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [UDP Query User{572F8F2B-D778-4E08-A998-50C563794E9A}C:\users\rufus\disk google\foscam\ipcamera.exe] => (Block) C:\users\rufus\disk google\foscam\ipcamera.exe () [File not signed]
FirewallRules: [TCP Query User{D49A62A2-CD03-4D65-B3A5-E08D0433DA8E}C:\users\rufus\disk google\foscam\ipcamera.exe] => (Block) C:\users\rufus\disk google\foscam\ipcamera.exe () [File not signed]
FirewallRules: [UDP Query User{E17A0CBE-22A0-44B1-8807-2EBB5BC9C4E3}C:\program files\myphoneexplorer\myphoneexplorer portable.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer portable.exe (F.J. Wechselberger) [File not signed]
FirewallRules: [TCP Query User{6EE229F3-51EE-4F4F-8F98-7C7AE0BD5E43}C:\program files\myphoneexplorer\myphoneexplorer portable.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer portable.exe (F.J. Wechselberger) [File not signed]
FirewallRules: [{024BDC80-00C6-4B96-824C-4296A15CFFC4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe No File
FirewallRules: [{16475A5F-8762-45B0-9F1C-FECEE5527687}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe No File
FirewallRules: [{9E8BE2AF-E96D-45AD-870B-4BCAF7EA32C1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe No File
FirewallRules: [{06236E89-4D81-4B47-937A-6610E01E7EE5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe No File
FirewallRules: [{C7D21562-E621-43EF-A01A-F95F5E6E781D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8B84242A-AC47-450B-B945-A5C9FE852393}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{372CD655-B740-4AB0-AD21-C21F8D893EBA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2D52A843-0991-4B94-87CF-296BE75DFD05}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{47681363-3A46-4A72-9EA6-E9AAF5B8B27E}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{A1AF8416-42A2-4330-BC62-EB54246535A1}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{26076EB6-7EDC-4A39-933B-8C80A19899CA}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (LENOVO -> )
FirewallRules: [{C754D0EB-551F-4789-8F24-52E942A9F59B}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (LENOVO -> )
FirewallRules: [{132E04A1-BD90-4D2A-8417-322C936B936A}] => (Allow) C:\Program Files (x86)\Deskshare\IP Camera Viewer 3\IP Camera Viewer.exe (Deskshare, Inc. -> Deskshare.com)
FirewallRules: [{A4D17623-CB67-4D9C-8930-633BD05797B4}] => (Allow) C:\Program Files (x86)\Deskshare\IP Camera Viewer 3\IP Camera Viewer.exe (Deskshare, Inc. -> Deskshare.com)
FirewallRules: [{9F6A962C-7E75-4CA6-ACD4-280143844EF7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
FirewallRules: [{81E77BB0-1D68-442C-B79E-52422E067C1C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
FirewallRules: [UDP Query User{198AF84D-40C9-4857-8FB3-0620D272FD90}C:\program files\myphoneexplorer\myphoneexplorer portable.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer portable.exe (F.J. Wechselberger) [File not signed]
FirewallRules: [TCP Query User{655F1550-98DC-43CF-8B02-7D5F70955DE7}C:\program files\myphoneexplorer\myphoneexplorer portable.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer portable.exe (F.J. Wechselberger) [File not signed]
FirewallRules: [{8E12EC51-D4FE-4402-A611-D47B53012D6A}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE No File
FirewallRules: [{DD8CD37C-6369-4FB6-811F-B06EB7907F40}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE No File
FirewallRules: [UDP Query User{3DADAE9A-435A-4690-A8F1-9B9815608180}C:\install\foscam\ipcamera.exe] => (Allow) C:\install\foscam\ipcamera.exe () [File not signed]
FirewallRules: [TCP Query User{77C62C1F-7A30-49EB-A9EB-136E8E40468B}C:\install\foscam\ipcamera.exe] => (Allow) C:\install\foscam\ipcamera.exe () [File not signed]
FirewallRules: [{47B1CFEE-9D00-4CF5-BB5A-C6AB9AF12AA1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{45A3BC7B-D198-45B7-BDBD-4881F6E6F84F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DF5780D8-BC28-44BF-896E-16C49EDE50FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{843BA4A2-EC4A-4D79-A9DF-B91BCA8CD769}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/02/2019 03:09:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (05/02/2019 03:09:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (05/02/2019 03:09:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (05/02/2019 03:09:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (05/02/2019 03:09:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (05/02/2019 03:09:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (05/02/2019 03:09:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (05/02/2019 03:09:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.


System errors:
=============
Error: (05/02/2019 03:01:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Lenovo Platform Service bylo dosaženo časového limitu (30000 ms).

Error: (05/02/2019 02:58:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (05/02/2019 02:58:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (05/02/2019 02:58:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (05/02/2019 02:58:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (05/02/2019 02:58:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (05/02/2019 02:58:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (05/02/2019 02:58:55 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1084 = Tuto službu nelze spustit v nouzovém režimu. při pokusu o spuštění služby WSearch s argumenty za účelem spuštění serveru:
{9E175B6D-F52A-11D8-B9A5-505054503030}


==================== Memory info ===========================

BIOS: LENOVO 8DET70WW (1.40 ) 05/14/2015
Motherboard: LENOVO 4290CZ2
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 55%
Total physical RAM: 8075.23 MB
Available physical RAM: 3580.95 MB
Total Virtual: 16148.67 MB
Available Virtual: 11727.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:110.85 GB) NTFS

\\?\Volume{cddb33c3-ec4d-11e5-b630-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================


Naposledy upravil code dne 02 kvě 2019 15:06, celkově upraveno 1

Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 02 kvě 2019 15:04 
Offline
Návštěvník
Návštěvník

Registrován: 02 kvě 2019 14:21
Příspěvky: 7
AdwCleaner log

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-29-2019
# Duration: 00:00:14
# OS: Windows 7 Professional
# Scanned: 27198
# Detected: 39


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy C:\Program Files (x86)\Common Files\Tencent
PUP.Optional.Legacy C:\Program Files\Common Files\Tencent
PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????
PUP.Optional.Legacy C:\ProgramData\TXQMPC
PUP.Optional.Legacy C:\ProgramData\Tencent
PUP.Optional.Legacy C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
PUP.Optional.Legacy C:\Users\rufus\AppData\Roaming\Tencent
PUP.Optional.Legacy C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\rufus\AppData\Roaming\Seznam.cz

***** [ Files ] *****

PUP.Optional.Legacy C:\Windows\System32\drivers\TFsFltX64.sys
PUP.Optional.Legacy C:\Windows\System32\drivers\TSSKX64.sys

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\INSTALLPATH\STATUS
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hao123.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B5D5DBD-C857-4377-A755-06E50B4AC2B0}
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{639B74F1-0594-432C-97C8-68C8C17A1E1D}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50F4150A-48B2-417A-BE4C-C83F580FB904}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{42F49B5D-2408-4A26-8838-BE0985020E40}C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{041A6701-A4D9-48EE-8FF9-E9A1A22792B4}C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E09079CF-22F7-4326-B984-5CD4160C99C9}
PUP.Optional.Legacy HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FA34E628-65FD-4717-9E14-75607B52D703}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
PUP.Optional.Legacy HKLM\Software\Classes\METNSD
PUP.Optional.Legacy HKLM\Software\Classes\qmgcfiles
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{63332668-8CE1-445D-A5EE-25929176714E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\DownloadProxy.EXE
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{754DF2CE-51E8-4895-B53C-6381418B84AE}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{754DF2CE-51E8-4895-B53C-6381418B84AE}
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Legacy izito.cz

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 02 kvě 2019 15:37 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 108994
Bydliště: Plzeň
Zdravím!
V ADW ještě klikněte na mazání, a restartujte. Pak dejte nové logy FRST+Addition.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 02 kvě 2019 16:45 
Offline
Návštěvník
Návštěvník

Registrován: 02 kvě 2019 14:21
Příspěvky: 7
Logy co jsem postoval jsou už po čištění ADW, přikládám ještě log co mám jako první z ADW.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-29-2019
# Duration: 00:00:03
# OS: Windows 7 Professional
# Cleaned: 39
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Common Files\Tencent
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Program Files\Common Files\Tencent
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????
Deleted C:\ProgramData\TXQMPC
Deleted C:\ProgramData\Tencent
Deleted C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
Deleted C:\Users\rufus\AppData\Roaming\Seznam.cz
Deleted C:\Users\rufus\AppData\Roaming\Tencent
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\TFsFltX64.sys
Deleted C:\Windows\System32\drivers\TSSKX64.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\INSTALLPATH\STATUS
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hao123.com
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B5D5DBD-C857-4377-A755-06E50B4AC2B0}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{639B74F1-0594-432C-97C8-68C8C17A1E1D}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50F4150A-48B2-417A-BE4C-C83F580FB904}
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Deleted HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
Deleted HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{42F49B5D-2408-4A26-8838-BE0985020E40}C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{041A6701-A4D9-48EE-8FF9-E9A1A22792B4}C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E09079CF-22F7-4326-B984-5CD4160C99C9}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FA34E628-65FD-4717-9E14-75607B52D703}
Deleted HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Classes\qmgcfiles
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{63332668-8CE1-445D-A5EE-25929176714E}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\DownloadProxy.EXE
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{754DF2CE-51E8-4895-B53C-6381418B84AE}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{754DF2CE-51E8-4895-B53C-6381418B84AE}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted izito.cz

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5183 octets] - [29/04/2019 20:39:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 02 kvě 2019 16:49 
Offline
Návštěvník
Návštěvník

Registrován: 02 kvě 2019 14:21
Příspěvky: 7
Jediné co mne ADW najde je toto, nicméně když dám čištění a opravy restart a pak znovu scan tak tam pořád ten PUP.optional.legacy zůstává.


Přílohy:
Adw2.png
Adw2.png [ 56.64 KiB | Zobrazeno 208 krát ]
Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 02 kvě 2019 17:04 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 108994
Bydliště: Plzeň
Zatím ponechte a dejte nové logy FRST+Addition.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 02 kvě 2019 17:13 
Offline
Návštěvník
Návštěvník

Registrován: 02 kvě 2019 14:21
Příspěvky: 7
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05.2019
Ran by rufus (02-05-2019 18:11:01)
Running from C:\zz_install\Malware removal
Windows 7 Professional Service Pack 1 (X64) (2019-04-30 16:22:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-874031436-337575524-4057376398-500 - Administrator - Disabled)
Guest (S-1-5-21-874031436-337575524-4057376398-501 - Limited - Disabled)
rufus (S-1-5-21-874031436-337575524-4057376398-1000 - Administrator - Enabled) => C:\Users\rufus

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.171 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
AVerMedia A835 USB DVB-T 2.3.64.28 (HKLM-x32\...\AVerMedia A835 USB DVB-T) (Version: 2.3.64.28 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.9.1.18.17080805-GA - AVerMedia Technologies, Inc.) Hidden
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.9.1.18.17080805-GA - AVerMedia Technologies, Inc.)
Backup and Sync from Google (HKLM\...\{F9EEDE46-6409-4ECC-8AB6-7062464987A4}) (Version: 3.43.4275.9540 - Google, Inc.)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant)
DosPrint 3.4 (HKLM-x32\...\DOSPrint pro podporu tisku z DOSu_is1) (Version: - Daniel Redlich)
DosPrint 4.1.0.0 (HKLM-x32\...\DosPrint 3.93_is1) (Version: - Daniel Redlich)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
ICQ (verze 10.0.12393) (HKU\S-1-5-21-874031436-337575524-4057376398-1000\...\icq.desktop) (Version: 10.0.12393 - ICQ)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version: - ) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IP Camera Viewer 3 (HKLM-x32\...\IP Camera Viewer_is1) (Version: - DeskShare Inc.)
KALKTISK (HKU\S-1-5-21-874031436-337575524-4057376398-1000\...\KALKTISK) (Version: - )
KALKULY (HKU\S-1-5-21-874031436-337575524-4057376398-1000\...\KALKULY) (Version: - )
KUPDATE (HKU\S-1-5-21-874031436-337575524-4057376398-1000\...\KUPDATE) (Version: - )
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.16 - Lenovo) Hidden
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0037 - Lenovo)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.15 - Lenovo Group Limited)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}) (Version: 14.03.0000 - Intel Corporation)
Software602 Form Filler (HKLM-x32\...\{9210AEE3-6ECB-4271-A125-1039E94A6A51}) (Version: 4.75 - Software602 a.s.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
Účetní manager (HKLM-x32\...\{B294D48D-2BCB-430B-8799-F993C6B95730}) (Version: 4.2.1 - Computer Laboratory) Hidden
Účetní manager (HKLM-x32\...\Účetní manager) (Version: 4.2.1 - Computer Laboratory)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1920,1200
ShortcutWithArgument: C:\Users\rufus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1920,1200

==================== Loaded Modules (Whitelisted) ==============

2017-02-15 10:10 - 2015-07-14 14:27 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\Windows\System32\602localmon.dll
2016-05-09 09:52 - 2011-08-19 08:43 - 000360448 ____R (AVerMedia) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
2016-05-09 09:52 - 2011-04-01 08:52 - 000403456 ____R () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2016-05-09 09:53 - 2012-10-17 09:24 - 000163840 ____R () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2018-07-26 12:38 - 2015-02-09 13:32 - 000770048 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\GraphMaster.dll
2018-07-26 12:38 - 2015-12-14 16:39 - 000194560 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\CardID.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-04-29 20:35 - 2019-03-13 09:22 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-874031436-337575524-4057376398-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.3.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{73BEB857-F824-4376-B81B-6792D7FA730B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [UDP Query User{03C52FF0-2E8F-4164-8C78-21253F3788A6}C:\install\foscam\ipcamera.exe] => (Allow) C:\install\foscam\ipcamera.exe () [File not signed]
FirewallRules: [TCP Query User{0A47780E-4F03-43CB-BCC0-838FE2FC6CD3}C:\install\foscam\ipcamera.exe] => (Allow) C:\install\foscam\ipcamera.exe () [File not signed]
FirewallRules: [UDP Query User{1F4ACD5B-C3BB-41F1-BE19-92D16B1DDB99}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{98B529B1-E1EE-48A0-A2CF-9DF1416808D1}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0CF0B41-BCE7-41CC-A8F2-D321CF305032}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D963720B-0F32-4DB4-88FE-41EAAABC2CB7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{7691EEBF-79AB-446D-A662-C7A9E583F05E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{227D9B2E-5C18-47D1-B7BB-01F5BFC3B7A9}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F4D5D855-D0EB-4E99-8E5F-2EB5A1F8127E}] => (Allow) C:\Users\rufus\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{EFC78591-81AA-44C8-A941-07AC3D397A06}] => (Allow) C:\Users\rufus\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{0CC5D310-FF32-4725-8995-0C53FC289167}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{357D69E1-A48E-4F2E-8B2F-81E823CFAA7C}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [UDP Query User{572F8F2B-D778-4E08-A998-50C563794E9A}C:\users\rufus\disk google\foscam\ipcamera.exe] => (Block) C:\users\rufus\disk google\foscam\ipcamera.exe () [File not signed]
FirewallRules: [TCP Query User{D49A62A2-CD03-4D65-B3A5-E08D0433DA8E}C:\users\rufus\disk google\foscam\ipcamera.exe] => (Block) C:\users\rufus\disk google\foscam\ipcamera.exe () [File not signed]
FirewallRules: [UDP Query User{E17A0CBE-22A0-44B1-8807-2EBB5BC9C4E3}C:\program files\myphoneexplorer\myphoneexplorer portable.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer portable.exe (F.J. Wechselberger) [File not signed]
FirewallRules: [TCP Query User{6EE229F3-51EE-4F4F-8F98-7C7AE0BD5E43}C:\program files\myphoneexplorer\myphoneexplorer portable.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer portable.exe (F.J. Wechselberger) [File not signed]
FirewallRules: [{024BDC80-00C6-4B96-824C-4296A15CFFC4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe No File
FirewallRules: [{16475A5F-8762-45B0-9F1C-FECEE5527687}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe No File
FirewallRules: [{9E8BE2AF-E96D-45AD-870B-4BCAF7EA32C1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe No File
FirewallRules: [{06236E89-4D81-4B47-937A-6610E01E7EE5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe No File
FirewallRules: [{C7D21562-E621-43EF-A01A-F95F5E6E781D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8B84242A-AC47-450B-B945-A5C9FE852393}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{372CD655-B740-4AB0-AD21-C21F8D893EBA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2D52A843-0991-4B94-87CF-296BE75DFD05}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{47681363-3A46-4A72-9EA6-E9AAF5B8B27E}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{A1AF8416-42A2-4330-BC62-EB54246535A1}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{26076EB6-7EDC-4A39-933B-8C80A19899CA}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (LENOVO -> )
FirewallRules: [{C754D0EB-551F-4789-8F24-52E942A9F59B}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (LENOVO -> )
FirewallRules: [{132E04A1-BD90-4D2A-8417-322C936B936A}] => (Allow) C:\Program Files (x86)\Deskshare\IP Camera Viewer 3\IP Camera Viewer.exe (Deskshare, Inc. -> Deskshare.com)
FirewallRules: [{A4D17623-CB67-4D9C-8930-633BD05797B4}] => (Allow) C:\Program Files (x86)\Deskshare\IP Camera Viewer 3\IP Camera Viewer.exe (Deskshare, Inc. -> Deskshare.com)
FirewallRules: [{9F6A962C-7E75-4CA6-ACD4-280143844EF7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
FirewallRules: [{81E77BB0-1D68-442C-B79E-52422E067C1C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
FirewallRules: [UDP Query User{198AF84D-40C9-4857-8FB3-0620D272FD90}C:\program files\myphoneexplorer\myphoneexplorer portable.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer portable.exe (F.J. Wechselberger) [File not signed]
FirewallRules: [TCP Query User{655F1550-98DC-43CF-8B02-7D5F70955DE7}C:\program files\myphoneexplorer\myphoneexplorer portable.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer portable.exe (F.J. Wechselberger) [File not signed]
FirewallRules: [{8E12EC51-D4FE-4402-A611-D47B53012D6A}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE No File
FirewallRules: [{DD8CD37C-6369-4FB6-811F-B06EB7907F40}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE No File
FirewallRules: [UDP Query User{3DADAE9A-435A-4690-A8F1-9B9815608180}C:\install\foscam\ipcamera.exe] => (Allow) C:\install\foscam\ipcamera.exe () [File not signed]
FirewallRules: [TCP Query User{77C62C1F-7A30-49EB-A9EB-136E8E40468B}C:\install\foscam\ipcamera.exe] => (Allow) C:\install\foscam\ipcamera.exe () [File not signed]
FirewallRules: [{47B1CFEE-9D00-4CF5-BB5A-C6AB9AF12AA1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{45A3BC7B-D198-45B7-BDBD-4881F6E6F84F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DF5780D8-BC28-44BF-896E-16C49EDE50FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{843BA4A2-EC4A-4D79-A9DF-B91BCA8CD769}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/02/2019 05:43:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (05/02/2019 05:43:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (05/02/2019 05:42:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (05/02/2019 05:42:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (05/02/2019 05:34:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/02/2019 03:09:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (05/02/2019 03:09:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (05/02/2019 03:09:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.


System errors:
=============
Error: (05/02/2019 05:34:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Lenovo Platform Service bylo dosaženo časového limitu (30000 ms).

Error: (05/02/2019 03:01:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Lenovo Platform Service bylo dosaženo časového limitu (30000 ms).

Error: (05/02/2019 02:58:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (05/02/2019 02:58:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (05/02/2019 02:58:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (05/02/2019 02:58:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (05/02/2019 02:58:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (05/02/2019 02:58:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.


==================== Memory info ===========================

BIOS: LENOVO 8DET70WW (1.40 ) 05/14/2015
Motherboard: LENOVO 4290CZ2
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 58%
Total physical RAM: 8075.23 MB
Available physical RAM: 3367.62 MB
Total Virtual: 16148.67 MB
Available Virtual: 11544.51 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:110.29 GB) NTFS

\\?\Volume{cddb33c3-ec4d-11e5-b630-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 02 kvě 2019 17:14 
Offline
Návštěvník
Návštěvník

Registrován: 02 kvě 2019 14:21
Příspěvky: 7
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05.2019
Ran by rufus (administrator) on X220 (LENOVO 4290CZ2) (02-05-2019 18:10:08)
Running from C:\zz_install\Malware removal
Loaded Profiles: rufus (Available Profiles: rufus)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVerMedia) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Ing. Daniel Redlich SOFTWARE -> Daniel Redlich Software) C:\DosPrint\DOSPRINT.EXE
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [PWMTRV] => C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [6420264 2018-05-16] (Lenovo -> Lenovo Group Limited)
HKLM-x32\...\Run: [Ucetni manager] => C:\Program Files (x86)\Computer Laboratory\Ucetni manager\umgrrun.exe [810632 2014-02-27] (Petr Zahradnik Computer Laboratory (Petr Zahradnik) -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-874031436-337575524-4057376398-1000\...\Run: [icq.desktop] => C:\Users\rufus\AppData\Roaming\ICQ\bin\icq.exe [28501144 2018-12-04] (LLC Mail.Ru -> )
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2018-07-26]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2018-07-26]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-03-17]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2018-07-11]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC. -> CANON INC.)
Startup: C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dosprint.lnk [2019-04-29]
ShortcutTarget: Dosprint.lnk -> C:\DosPrint\DOSPRINT.EXE (Ing. Daniel Redlich SOFTWARE -> Daniel Redlich Software)
Startup: C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Chrome.lnk [2016-03-17]
ShortcutTarget: Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
Startup: C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk [2016-03-18]
ShortcutTarget: Microsoft Office Outlook 2003.lnk -> C:\Windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {025CB46C-4192-4138-B269-B38A80D883E3} - System32\Tasks\{2379CD0F-3740-4739-89AF-D744D5BDF884} => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
Task: {0CEDF50C-5D89-4D79-BE3A-0755DB8DF0FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-03-17] (Google Inc -> Google Inc.)
Task: {21D69BFD-1BEC-459D-872C-9D21533DB73B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-10] (Adobe Inc. -> Adobe)
Task: {3D8412E4-4C33-4747-9D19-79549F5DFBC4} - System32\Tasks\{26DD1F3A-C873-42C3-BC6A-70A145CFC461} => C:\Program Files (x86)\Computer Laboratory\Ucetni manager\umgr.exe [10886520 2019-01-27] (Petr Zahradnik Computer Laboratory (Petr Zahradnik) -> Petr Zahradnik)
Task: {5D227A38-B82F-4F4E-A3F7-E3E23E6E5632} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-03-17] (Google Inc -> Google Inc.)
Task: {5DE852AF-F71D-434E-A846-74FC7E30B0E9} - System32\Tasks\{D5B9E629-49C3-4A36-A51D-C6AB2116FCF9} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {6997CC3A-941F-4775-AB58-C29C9AB1ED5E} - System32\Tasks\{DA99EEEC-01A7-433C-B0F8-D6BE3215C42C} => C:\Program Files\MyPhoneExplorer\MyPhoneExplorer portable.exe [5443584 2016-03-30] (F.J. Wechselberger) [File not signed]
Task: {6FDF9770-C977-4AAA-AE1D-65FF10211E82} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
Task: {756529BC-46C6-4FA1-AB60-6CE73ED84B7D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd -> Piriform Ltd)
Task: {80B896D6-CF5A-4718-8234-719221E4617C} - System32\Tasks\{2A24999F-B0CD-4E07-9E4B-B979B0DA6761} => C:\Windows\system32\pcalua.exe -a C:\!Stazeno!\balicky.exe -d C:\!Stazeno!
Task: {94203ED0-243C-451A-8966-7FBA95B640A6} - System32\Tasks\{E20E4AF7-2804-4D9F-9003-D4C1325FB019} => C:\DosPrint\DOSPRINT.EXE [1525984 2010-05-13] (Ing. Daniel Redlich SOFTWARE -> Daniel Redlich Software)
Task: {94722260-A045-4666-B6F1-A70DD1E85AAD} - System32\Tasks\{A794CD0D-D239-4132-9D37-A6678407D7ED} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}\setup.exe" -c -runfromtemp -l0x0405
Task: {957978A9-FF52-456F-A663-68425735F73B} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1586560 2016-09-10] (LENOVO -> )
Task: {A060271E-F03F-4DD1-8DB8-44FF60B7EAA3} - System32\Tasks\{9AF9E41A-FDB1-48BF-9C1D-68F92ED91603} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {A1FF34DC-9620-4566-884A-FA4F41E7DA71} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [3647272 2018-05-16] (Lenovo -> Lenovo Group Limited)
Task: {A7490661-3DDA-4E63-BB68-99472D8C0FB8} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {A7EB99CE-974F-4C61-B915-7BDE1D94CD42} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {AEC74547-1144-46B9-A0E3-03AF23AACFF7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AEEE8402-0F0D-4952-BA06-AD8375966F04} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {B16112C8-2AD2-4878-A102-D7F1DACE0B6A} - System32\Tasks\{1EA29469-FE14-4DE5-941A-67193ABC1E91} => C:\Program Files (x86)\TeamViewer\TeamViewer.exe [47406368 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
Task: {B33AA33B-8DC8-415C-A382-8134D46FBE9A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {B4B607CC-7EB1-463B-A744-578751674DCA} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1586560 2016-09-10] (LENOVO -> )
Task: {B5E8DB09-76ED-4251-8313-22DD0952ECF9} - System32\Tasks\{79E72281-7FE4-412E-B1B2-0D105F57A8C6} => C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE [196152 2003-07-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {D43860FA-CF77-4BD2-B852-B4F8F47976B0} - System32\Tasks\{17ACF711-1FE5-4C55-A83F-563E38AFD500} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {DB137AB0-2DAD-400A-BBD5-594073D9D259} - System32\Tasks\{94AAE1EB-796B-4B33-BCD4-5A78DA8E0156} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {EE3F0B06-7EF5-4621-99B5-3C0B8EA962C8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-01] (LENOVO -> Lenovo)
Task: {F9D36A14-AD30-43E7-8600-7BA4EBEBAA99} - System32\Tasks\{7CD25E14-5A8C-4630-9D4D-33968A8DCE69} => C:\Program Files (x86)\AVerMedia\AVerTV\AVerTV.exe
Task: {FB9A5AFF-8E43-4B35-A242-C865D09B1ECB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\zz_install\b\AdwCleaner.exe
Task: C:\Windows\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{54E43542-C16C-4333-853E-4EB7F0CE315B}: [DhcpNameServer] 192.168.3.1

Internet Explorer:
==================
HKU\S-1-5-21-874031436-337575524-4057376398-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
DPF: HKLM-x32 {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://90.179.137.14/codebase/DVM_IPCam2.ocx
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) [File not signed]
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ulxx95zd.default
FF ProfilePath: C:\Users\rufus\AppData\Roaming\Mozilla\Firefox\Profiles\ulxx95zd.default [2019-04-30]
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [No File]
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2018-01-08] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.jrbrno.cz/L3_S2_Z57","hxxps://www.fastshare.cz/8709075/ordinace-v-ruzove-zahrade-2-795-dil-ferova-nabidk-sg-hd.mp4#.Wo1nGYPOU-U","hxxps://www.brno.cz/sprava-mesta/dokumenty-mesta/zapisy-z-rady-mesta-brna/?cislo=3334&rok=2017&dokument=2&platnost=1","hxxps://www.brno.cz/sprava-mesta/dokumenty-mesta/zapisy-ze-zastupitelstva-mesta-brna/?cislo=3346&rok=2017&dokument=3&platnost=1","hxxps://moje.o2.cz/firma/index.jsp","hxxps://moje.o2.cz/firma/index.jsp"
CHR Profile: C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default [2019-05-02]
CHR Extension: (Prezentace) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-30]
CHR Extension: (Dokumenty) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-30]
CHR Extension: (Disk Google) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-30]
CHR Extension: (YouTube) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-30]
CHR Extension: (uBlock Origin) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-04-30]
CHR Extension: (Vyhledávání Google) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2019-04-30]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-04-30]
CHR Extension: (Tabulky) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-30]
CHR Extension: (Avast Online Security) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-30]
CHR Extension: (Gmail) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\rufus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-30]
CHR Profile: C:\Users\rufus\AppData\Local\Google\Chrome\User Data\System Profile [2019-04-30]
CHR HKU\S-1-5-21-874031436-337575524-4057376398-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-874031436-337575524-4057376398-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
S4 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2018-05-16] (LENOVO -> Lenovo.)
S4 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-04-13] (Foxit Software Incorporated -> Foxit Software Inc.)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2019-04-04] (Microsoft Corporation) [File not signed]
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-09-06] (LENOVO -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 5U877; C:\Windows\System32\DRIVERS\5U877.sys [166016 2011-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254128 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196000 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320624 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57888 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166848 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1031000 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476776 2019-05-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220640 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385848 2019-05-02] (AVAST Software s.r.o. -> AVAST Software)
S3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [598808 2012-12-04] (Broadcom Corporation -> Broadcom Corporation.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [5363200 2013-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [342528 2013-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-05-02] (Malwarebytes Corporation -> Malwarebytes)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwNs64.sys [8615936 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2018-02-04] (PAIPTAC Driver -> )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated -> Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-02 17:34 - 2019-05-02 17:34 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-05-02 15:16 - 2019-05-02 18:10 - 000000000 ____D C:\FRST
2019-05-02 15:12 - 2019-05-02 15:12 - 000001659 _____ C:\aaa.txt
2019-05-02 14:58 - 2019-05-02 15:00 - 000204170 _____ C:\Windows\ntbtlog.txt
2019-04-30 19:07 - 2019-04-30 19:07 - 000001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-04-30 19:07 - 2019-04-30 19:07 - 000001031 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-04-30 18:30 - 2019-04-30 18:22 - 000000000 ____D C:\Windows\Panther
2019-04-30 18:28 - 2019-04-30 18:28 - 000262144 _____ C:\Windows\system32\config\userdiff
2019-04-30 18:27 - 2019-05-02 14:31 - 000087296 _____ C:\Users\rufus\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-30 18:27 - 2019-04-30 18:27 - 000001443 _____ C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-04-30 18:27 - 2019-04-30 18:27 - 000001409 _____ C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2019-04-30 18:26 - 2019-04-30 18:26 - 001574018 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-04-30 18:22 - 2019-04-30 18:22 - 000000020 ___SH C:\Users\rufus\ntuser.ini
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Šablony
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Poslední
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Okolní síť
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Dokumenty
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\Data aplikací
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Šablony
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Plocha
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Oblíbené položky
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Dokumenty
2019-04-30 18:22 - 2019-04-30 18:22 - 000000000 _SHDL C:\ProgramData\Data aplikací
2019-04-30 18:21 - 2019-04-30 18:14 - 000000000 ___HD C:\$WINDOWS.~Q
2019-04-30 18:11 - 2019-04-30 18:18 - 000000000 ___HD C:\$INPLACE.~TR
2019-04-30 18:11 - 2019-04-30 18:11 - 000022924 _____ C:\Windows\system32\emptyregdb.dat
2019-04-30 18:07 - 2019-04-30 18:07 - 000000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2019-04-30 18:07 - 2019-04-30 18:07 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2019-04-30 18:07 - 2019-04-30 18:07 - 000000000 ____D C:\Users\Default\AppData\Local\AVG
2019-04-30 18:07 - 2019-04-30 18:07 - 000000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2019-04-30 18:07 - 2019-04-30 18:07 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2019-04-30 18:07 - 2019-04-30 18:07 - 000000000 ____D C:\Users\Default User\AppData\Local\AVG
2019-04-30 17:36 - 2019-04-30 18:22 - 000000000 ____D C:\Users\rufus
2019-04-30 17:36 - 2019-04-30 17:36 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2019-04-30 17:36 - 2019-04-30 17:36 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Šablony
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Soubory cookie
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Poslední
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Okolní tiskárny
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Okolní síť
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Nabídka Start
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Dokumenty
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Documents\Obrázky
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Documents\Hudba
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Documents\Filmy
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\Data aplikací
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-30 17:36 - 2019-04-30 17:36 - 000000000 _SHDL C:\Users\rufus\AppData\Local\Data aplikací
2019-04-30 17:36 - 2011-04-12 10:45 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Media Center Programs
2019-04-30 17:35 - 2019-04-30 17:39 - 000000000 ____D C:\Program Files\CONEXANT
2019-04-30 17:35 - 2019-04-30 17:35 - 000000264 _____ C:\Windows\Tasks\Synaptics TouchPad Enhancements.job
2019-04-30 17:35 - 2019-04-30 17:35 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2019-04-30 17:34 - 2019-04-30 17:34 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2019-04-30 17:34 - 2019-04-30 17:34 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2019-04-30 17:34 - 2019-04-30 17:34 - 000000000 ____D C:\Program Files\Synaptics
2019-04-30 17:34 - 2019-04-30 17:34 - 000000000 ____D C:\Intel
2019-04-30 16:48 - 2019-04-30 16:48 - 000003170 _____ C:\Users\rufus\Desktop\Soubor Windows Compatibility Report.htm
2019-04-30 16:46 - 2019-04-30 16:46 - 000002544 _____ C:\Windows\diagwrn.xml
2019-04-30 16:46 - 2019-04-30 16:46 - 000001890 _____ C:\Windows\diagerr.xml
2019-04-30 16:28 - 2019-04-30 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-04-30 16:28 - 2019-04-30 16:28 - 000001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-04-30 16:24 - 2019-05-02 14:38 - 000476776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-04-30 16:24 - 2019-05-02 14:38 - 000385848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-04-30 16:24 - 2019-04-30 16:23 - 000220640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-04-30 16:24 - 2019-04-30 16:23 - 000166848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-04-30 16:24 - 2019-04-30 16:23 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-04-30 16:24 - 2019-04-30 16:23 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-04-30 16:24 - 2019-04-30 16:23 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 001031000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 000320624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 000254128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 000196000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 000057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-04-30 16:24 - 2019-04-30 16:22 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-04-30 16:23 - 2019-04-30 16:22 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-04-30 16:22 - 2019-04-30 17:38 - 000000000 ____D C:\Program Files\AVAST Software
2019-04-30 13:17 - 2019-04-30 13:17 - 008810312 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online_x64.exe
2019-04-29 20:39 - 2019-05-02 15:00 - 000000258 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-04-29 20:36 - 2019-04-30 18:00 - 000000000 ____D C:\Users\rufus\AppData\Local\mbamtray
2019-04-29 20:36 - 2019-04-30 18:00 - 000000000 ____D C:\Users\rufus\AppData\Local\mbam
2019-04-29 20:36 - 2019-04-30 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-29 20:36 - 2019-04-29 20:36 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-29 20:35 - 2019-04-30 17:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-29 20:35 - 2019-04-30 17:39 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-29 20:35 - 2019-04-29 20:39 - 000000000 ____D C:\AdwCleaner
2019-04-29 20:35 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-04-29 20:28 - 2019-04-30 17:39 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-04-29 20:28 - 2019-04-30 11:59 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-29 20:28 - 2019-04-29 20:28 - 000002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-04-29 20:25 - 2019-04-30 17:40 - 000000000 ____D C:\Program Files (x86)\ThinkPad
2019-04-29 20:25 - 2019-04-29 20:25 - 000003020 _____ C:\Windows\System32\Tasks\PMTask
2019-04-29 20:25 - 2018-05-16 06:08 - 002873128 _____ (Lenovo Group Limited) C:\Windows\system32\PWMCP64V.cpl
2019-04-29 20:25 - 2018-05-16 06:08 - 002693416 _____ (Lenovo Group Limited) C:\Windows\PWMBTHLV.EXE
2019-04-29 20:25 - 2018-05-16 06:08 - 000039264 _____ (Lenovo Group Limited) C:\Windows\system32\Drivers\TPPWR64V.SYS
2019-04-29 20:25 - 2018-05-16 06:08 - 000029512 _____ (Lenovo.) C:\Windows\system32\Drivers\DZHDD64.SYS
2019-04-29 20:19 - 2019-04-30 18:00 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-04-29 20:19 - 2019-04-30 17:40 - 000000000 ____D C:\Program Files (x86)\VS Revo Group
2019-04-29 20:19 - 2019-04-29 20:19 - 000001264 _____ C:\Users\rufus\Desktop\Revo Uninstaller.lnk
2019-04-29 11:11 - 2019-04-29 11:11 - 000002954 _____ C:\Windows\System32\Tasks\{1EA29469-FE14-4DE5-941A-67193ABC1E91}
2019-04-26 19:39 - 2019-05-02 15:10 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-04-15 07:23 - 2019-05-02 14:38 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2019-04-04 14:55 - 2010-06-19 14:26 - 000159504 _____ () C:\Windows\SysWOW64\DVM_IPCam2.ocx
2019-04-04 14:55 - 2010-06-19 14:26 - 000159504 _____ () C:\Windows\DVM_IPCam2.ocx
2019-04-04 14:52 - 2019-04-04 14:53 - 000000000 ____D C:\a
2019-04-04 14:50 - 2019-04-04 14:49 - 000120194 _____ C:\Windows\SysWOW64\Dvm_ipcam2.rar
2019-04-04 14:49 - 2019-04-04 14:49 - 000120194 _____ C:\Windows\Dvm_ipcam2.rar
2019-04-04 14:21 - 2019-04-04 14:21 - 000000000 ___HD C:\Windows\msdownld.tmp
2019-04-04 14:21 - 2013-10-14 18:00 - 000028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2019-04-04 14:17 - 2019-04-04 14:17 - 006026240 ____N (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 004305920 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 001359360 ____N (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 001155072 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000942592 ____N (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000940032 ____N (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-04-04 14:17 - 2019-04-04 14:17 - 000814080 ____N (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000645120 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000620032 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000235008 ____N (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000194048 ____N (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000131072 ____N (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000114688 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-04-04 14:17 - 2019-04-04 14:17 - 000111616 ____N (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000088064 ____N (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000077824 ____N (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000064000 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000060416 ____N (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000048640 ____N (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000047616 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-04-04 14:17 - 2019-04-04 14:17 - 000004096 ____N (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000010752 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000010752 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000009728 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000009728 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000005632 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000005632 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000005632 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000005632 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000004096 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000004096 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000003584 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000003584 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000003072 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000003072 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000003072 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000003072 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000002560 ____N (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2019-04-04 14:13 - 2019-04-04 14:13 - 000002560 ____N (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2019-04-04 14:03 - 2019-04-30 18:01 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Mozilla
2019-04-04 14:03 - 2019-04-30 18:00 - 000000000 ____D C:\Users\rufus\AppData\Local\Mozilla

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-02 18:09 - 2017-05-11 17:23 - 000000000 ____D C:\zz_install
2019-05-02 17:40 - 2016-03-30 13:08 - 000000000 ____D C:\!Stazeno!
2019-05-02 17:38 - 2011-04-12 10:34 - 000671630 _____ C:\Windows\system32\perfh005.dat
2019-05-02 17:38 - 2011-04-12 10:34 - 000142194 _____ C:\Windows\system32\perfc005.dat
2019-05-02 17:38 - 2009-07-14 07:13 - 001590786 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-02 17:38 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-05-02 17:35 - 2016-03-17 19:42 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-05-02 17:34 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-02 16:03 - 2009-07-14 06:45 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-02 16:03 - 2009-07-14 06:45 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-02 15:10 - 2018-03-08 09:42 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-02 14:29 - 2009-07-14 06:45 - 000353256 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-30 18:30 - 2009-07-14 07:32 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2019-04-30 18:27 - 2009-07-14 06:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-04-30 18:22 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-04-30 18:22 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Windows NT
2019-04-30 18:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\oobe
2019-04-30 18:12 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\Registration
2019-04-30 18:11 - 2017-12-06 21:07 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-04-30 18:11 - 2016-03-17 16:57 - 000000000 ____D C:\Windows\System32\Tasks\TVT
2019-04-30 18:11 - 2016-03-17 16:57 - 000000000 ____D C:\Windows\System32\Tasks\Lenovo
2019-04-30 18:11 - 2009-07-14 05:20 - 000000000 __RSD C:\Windows\Media
2019-04-30 18:01 - 2019-04-01 12:50 - 000000000 ____D C:\Users\rufus\Desktop\Autogramiáda paní Mileny Flodrové __ Novináři jižní Moravy_files
2019-04-30 18:01 - 2019-01-15 17:37 - 000000000 ____D C:\Users\rufus\Desktop\MojeBanka_files
2019-04-30 18:01 - 2018-11-09 17:10 - 000000000 ____D C:\Users\rufus\Desktop\Dotace Město brno 2018_files
2019-04-30 18:01 - 2018-07-03 11:28 - 000000000 ____D C:\Users\rufus\Desktop\Kalkul PDF
2019-04-30 18:01 - 2018-04-18 16:23 - 000000000 ____D C:\Users\rufus\Desktop\Aktuálně - Cena Jiřího Ortena_files
2019-04-30 18:01 - 2018-02-04 20:46 - 000000000 ____D C:\Users\rufus\AppData\Roaming\PwrMgr
2019-04-30 18:01 - 2018-02-04 19:08 - 000000000 ____D C:\Users\rufus\Downloads\microsoft office 2013
2019-04-30 18:01 - 2018-02-04 19:05 - 000000000 ____D C:\Users\rufus\AppData\Roaming\uTorrent
2019-04-30 18:01 - 2018-02-04 19:05 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2019-04-30 18:01 - 2017-11-08 09:07 - 000000000 ____D C:\Users\rufus\Desktop\Barum Polaris 3 165_70 R14 81T od 822 Kč - Heureka.cz_files
2019-04-30 18:01 - 2017-10-17 18:32 - 000000000 ____D C:\Users\rufus\Desktop\Kegelovy cviky_files
2019-04-30 18:01 - 2017-09-01 11:57 - 000000000 ____D C:\Users\rufus\Desktop\ŽZ dobre rano_files
2019-04-30 18:01 - 2017-05-11 17:31 - 000000000 ____D C:\Users\rufus\Documents\OCCT
2019-04-30 18:01 - 2017-02-17 13:50 - 000000000 ____D C:\Users\rufus\Desktop\Mluvnické pády _ Pišme správně_files
2019-04-30 18:01 - 2017-02-15 10:10 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Software602
2019-04-30 18:01 - 2017-01-17 11:43 - 000000000 ____D C:\Users\rufus\Desktop\Brno - Oznámení od společného zástupce - formulář k odeslání_files
2019-04-30 18:01 - 2016-11-10 10:48 - 000000000 ____D C:\Users\rufus\Documents\Garmin
2019-04-30 18:01 - 2016-06-21 16:34 - 000000000 ___RD C:\Users\rufus\Documents\Scanned Documents
2019-04-30 18:01 - 2016-06-21 16:34 - 000000000 ____D C:\Users\rufus\Documents\Fax
2019-04-30 18:01 - 2016-05-09 10:05 - 000000000 ____D C:\Users\rufus\Documents\AVerTV
2019-04-30 18:01 - 2016-04-19 15:32 - 000000000 ____D C:\Users\rufus\Documents\IP Camera Viewer
2019-04-30 18:01 - 2016-04-18 13:11 - 000000000 ____D C:\Users\rufus\AppData\Roaming\TuneUp Software
2019-04-30 18:01 - 2016-04-15 10:52 - 000000000 ____D C:\Users\rufus\Documents\BlazeVideo
2019-04-30 18:01 - 2016-04-14 16:16 - 000000000 ____D C:\Users\rufus\Languages
2019-04-30 18:01 - 2016-03-30 15:03 - 000000000 ____D C:\Users\rufus\AppData\Roaming\vlc
2019-04-30 18:01 - 2016-03-24 14:27 - 000000000 ____D C:\Users\rufus\Documents\PeliCo
2019-04-30 18:01 - 2016-03-23 11:34 - 000000000 ____D C:\Users\rufus\Documents\CD_KALKUL
2019-04-30 18:01 - 2016-03-23 11:33 - 000000000 ____D C:\Users\rufus\AppData\Roaming\PeliCo
2019-04-30 18:01 - 2016-03-18 18:16 - 000000000 ___RD C:\Users\rufus\Disk Google
2019-04-30 18:01 - 2016-03-17 19:42 - 000000000 ____D C:\Users\rufus\AppData\Roaming\TeamViewer
2019-04-30 18:01 - 2016-03-17 19:19 - 000000000 ____D C:\Users\rufus\Desktop\Hard Disk Sentinel 4.6 r
2019-04-30 18:01 - 2016-03-17 17:22 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2019-04-30 18:01 - 2016-03-17 16:46 - 000000000 ____D C:\Users\rufus\Desktop\HWiNFO32
2019-04-30 18:00 - 2018-02-22 10:37 - 000000000 ____D C:\Users\rufus\AppData\LocalLow\Temp
2019-04-30 18:00 - 2018-02-04 20:08 - 000000000 ____D C:\Users\rufus\AppData\Local\Lenovo
2019-04-30 18:00 - 2018-01-31 14:29 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Kastner software
2019-04-30 18:00 - 2018-01-26 14:19 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KALKTISK
2019-04-30 18:00 - 2018-01-22 17:31 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Avast Tuneup
2019-04-30 18:00 - 2018-01-10 16:52 - 000000000 ____D C:\Users\rufus\AppData\Local\Turbo
2019-04-30 18:00 - 2018-01-10 16:45 - 000000000 ____D C:\Users\rufus\AppData\Local\IIIQF
2019-04-30 18:00 - 2017-12-13 13:29 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KUPDATE
2019-04-30 18:00 - 2017-06-29 07:54 - 000000000 ____D C:\Users\rufus\AppData\Roaming\AVAST Software
2019-04-30 18:00 - 2017-05-11 17:31 - 000000000 ____D C:\Users\rufus\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2019-04-30 18:00 - 2017-05-11 17:24 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Hard Disk Sentinel
2019-04-30 18:00 - 2017-04-27 07:34 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Google
2019-04-30 18:00 - 2017-02-15 10:09 - 000000000 ____D C:\Users\rufus\AppData\Roaming\602Installer
2019-04-30 18:00 - 2016-11-04 14:21 - 000000000 ____D C:\Users\rufus\AppData\Local\Tvsukernel
2019-04-30 18:00 - 2016-10-13 09:24 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Garmin
2019-04-30 18:00 - 2016-04-20 09:59 - 000000000 ____D C:\Users\rufus\AppData\LocalLow\Adobe
2019-04-30 18:00 - 2016-04-20 09:42 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Adobe
2019-04-30 18:00 - 2016-04-20 09:12 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2019-04-30 18:00 - 2016-04-20 09:12 - 000000000 ____D C:\Users\rufus\AppData\Roaming\ImperiaOnline
2019-04-30 18:00 - 2016-04-18 13:14 - 000000000 ____D C:\Users\rufus\AppData\Roaming\AVG
2019-04-30 18:00 - 2016-04-18 13:07 - 000000000 ____D C:\Users\rufus\AppData\Local\MFAData
2019-04-30 18:00 - 2016-03-31 13:53 - 000000000 ____D C:\Users\rufus\AppData\Local\Nico Mak Computing
2019-04-30 18:00 - 2016-03-30 13:19 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2019-04-30 18:00 - 2016-03-30 13:19 - 000000000 ____D C:\Users\rufus\AppData\Roaming\ICQ
2019-04-30 18:00 - 2016-03-23 11:36 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DOSBox-0.72
2019-04-30 18:00 - 2016-03-23 11:32 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KALKULY
2019-04-30 18:00 - 2016-03-18 17:16 - 000000000 ____D C:\Users\rufus\AppData\Local\Spoon
2019-04-30 18:00 - 2016-03-17 19:56 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Foxit Software
2019-04-30 18:00 - 2016-03-17 19:56 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Foxit AgentInformation
2019-04-30 18:00 - 2016-03-17 19:43 - 000000000 ____D C:\Users\rufus\AppData\Local\TeamViewer
2019-04-30 18:00 - 2016-03-17 17:22 - 000000000 ____D C:\Users\rufus\AppData\Roaming\GHISLER
2019-04-30 18:00 - 2016-03-17 17:19 - 000000000 ____D C:\Users\rufus\AppData\Local\Google
2019-04-30 18:00 - 2016-03-17 17:02 - 000000000 ____D C:\Users\rufus\AppData\Roaming\Intel
2019-04-30 18:00 - 2016-03-17 16:42 - 000000000 ____D C:\Users\rufus\AppData\Local\VirtualStore
2019-04-30 17:49 - 2017-08-11 12:25 - 000000000 ____D C:\Users\rufus\AppData\Local\Apps\2.0
2019-04-30 17:49 - 2017-07-10 10:35 - 000000000 ____D C:\Users\rufus\AppData\Local\AVAST Software
2019-04-30 17:49 - 2016-10-13 09:24 - 000000000 ____D C:\Users\rufus\AppData\Local\Garmin_Ltd._or_its_subsid
2019-04-30 17:49 - 2016-05-09 09:55 - 000000000 ____D C:\Users\rufus\AppData\Local\AVerMedia
2019-04-30 17:49 - 2016-04-20 14:06 - 000000000 ____D C:\Users\rufus\AppData\Local\CEF
2019-04-30 17:49 - 2016-04-18 13:07 - 000000000 ____D C:\Users\rufus\AppData\Local\AvgSetupLog
2019-04-30 17:49 - 2016-04-18 13:07 - 000000000 ____D C:\Users\rufus\AppData\Local\Avg2015
2019-04-30 17:49 - 2016-04-18 13:07 - 000000000 ____D C:\Users\rufus\AppData\Local\Avg
2019-04-30 17:49 - 2016-04-07 10:31 - 000000000 ____D C:\Users\rufus\.android
2019-04-30 17:49 - 2016-03-23 11:35 - 000000000 ____D C:\Users\rufus\AppData\Local\ElevatedDiagnostics
2019-04-30 17:49 - 2016-03-18 17:19 - 000000000 ____D C:\Users\rufus\AppData\Local\DeskShare Data
2019-04-30 17:49 - 2016-03-17 19:57 - 000000000 ____D C:\Users\rufus\AppData\Local\Foxit Reader
2019-04-30 17:49 - 2016-03-17 19:54 - 000000000 ____D C:\Users\rufus\AppData\Local\Adobe
2019-04-30 17:49 - 2016-03-17 17:33 - 000000000 ____D C:\Users\rufus\AppData\Local\GHISLER
2019-04-30 17:49 - 2016-03-17 17:16 - 000000000 ____D C:\Users\rufus\AppData\Local\Broadcom
2019-04-30 17:46 - 2019-01-07 08:22 - 000000000 ____D C:\Windows\SysWOW64\0
2019-04-30 17:46 - 2016-04-20 10:20 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-04-30 17:44 - 2016-04-20 10:20 - 000000000 ____D C:\Windows\system32\Macromed
2019-04-30 17:44 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2019-04-30 17:42 - 2016-04-18 12:51 - 000000000 ____D C:\Windows\pss
2019-04-30 17:42 - 2016-03-31 13:57 - 000000000 ____D C:\Windows\system32\appmgmt
2019-04-30 17:42 - 2011-04-12 10:45 - 000000000 ____D C:\Windows\ShellNew
2019-04-30 17:41 - 2019-01-28 11:04 - 000000000 ___HD C:\ProgramData\{3DE8FCFA-3EE0-4B1D-8945-C11D6AD0E3AB}
2019-04-30 17:41 - 2019-01-28 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Computer Laboratory Účetní manager
2019-04-30 17:41 - 2018-05-04 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-04-30 17:41 - 2018-02-04 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-30 17:41 - 2018-01-31 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FORM studio
2019-04-30 17:41 - 2018-01-31 14:28 - 000000000 ____D C:\ProgramData\KASTNER software
2019-04-30 17:41 - 2017-12-11 13:41 - 000000000 ____D C:\ProgramData\Help
2019-04-30 17:41 - 2017-08-28 07:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-04-30 17:41 - 2017-07-03 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2019-04-30 17:41 - 2017-07-03 09:26 - 000000000 ____D C:\ProgramData\Foxit Software
2019-04-30 17:41 - 2017-06-29 07:50 - 000000000 ____D C:\ProgramData\AVAST Software
2019-04-30 17:41 - 2017-05-02 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DosPrint
2019-04-30 17:41 - 2016-10-13 09:24 - 000000000 ____D C:\ProgramData\Garmin
2019-04-30 17:41 - 2016-10-04 12:03 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2019-04-30 17:41 - 2016-05-09 09:56 - 000000000 ____D C:\ProgramData\AVerTV 3D
2019-04-30 17:41 - 2016-05-09 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVerMedia
2019-04-30 17:41 - 2016-04-20 09:13 - 000000000 ____D C:\ProgramData\NortonInstaller
2019-04-30 17:41 - 2016-04-20 09:13 - 000000000 ____D C:\ProgramData\Norton
2019-04-30 17:41 - 2016-04-18 13:08 - 000000000 ____D C:\ProgramData\Avg
2019-04-30 17:41 - 2016-04-18 13:07 - 000000000 ____D C:\ProgramData\MFAData
2019-04-30 17:41 - 2016-03-31 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-04-30 17:41 - 2016-03-23 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Printer Uninstaller
2019-04-30 17:41 - 2016-03-18 18:50 - 000000000 ____D C:\ProgramData\Computer Laboratory
2019-04-30 17:41 - 2016-03-18 17:16 - 000000000 ____D C:\ProgramData\DeskShare
2019-04-30 17:41 - 2016-03-17 19:56 - 000000000 ____D C:\Users\Public\Foxit Software
2019-04-30 17:41 - 2016-03-17 19:56 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform
2019-04-30 17:41 - 2016-03-17 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2019-04-30 17:41 - 2016-03-17 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2019-04-30 17:41 - 2016-03-17 17:02 - 000000000 ____D C:\ProgramData\Intel
2019-04-30 17:41 - 2016-03-17 16:56 - 000000000 ____D C:\ProgramData\Lenovo
2019-04-30 17:41 - 2011-04-12 10:45 - 000000000 ___RD C:\Users\Public\Recorded TV
2019-04-30 17:41 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2019-04-30 17:41 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\IME
2019-04-30 17:40 - 2019-01-28 11:03 - 000000000 ____D C:\Program Files (x86)\Computer Laboratory
2019-04-30 17:40 - 2018-01-31 14:28 - 000000000 ____D C:\Program Files (x86)\KASTNER software
2019-04-30 17:40 - 2017-07-03 09:26 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2019-04-30 17:40 - 2017-02-15 10:09 - 000000000 ____D C:\Program Files (x86)\Software602
2019-04-30 17:40 - 2016-05-09 09:52 - 000000000 ____D C:\Program Files (x86)\AVerMedia
2019-04-30 17:40 - 2016-04-20 09:16 - 000000000 ____D C:\ProgramData\Adobe
2019-04-30 17:40 - 2016-04-18 13:08 - 000000000 ____D C:\Program Files (x86)\AVG
2019-04-30 17:40 - 2016-03-30 15:03 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2019-04-30 17:40 - 2016-03-23 11:36 - 000000000 ____D C:\Program Files (x86)\DOSBox-0.72
2019-04-30 17:40 - 2016-03-23 11:32 - 000000000 ____D C:\Program Files (x86)\PeliCo
2019-04-30 17:40 - 2016-03-18 17:16 - 000000000 ____D C:\Program Files (x86)\Deskshare
2019-04-30 17:40 - 2016-03-18 16:44 - 000000000 ____D C:\Program Files (x86)\MSECache
2019-04-30 17:40 - 2016-03-17 19:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2019-04-30 17:40 - 2016-03-17 19:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2019-04-30 17:40 - 2016-03-17 19:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-04-30 17:40 - 2016-03-17 19:20 - 000000000 ____D C:\Program Files (x86)\Elaborate Bytes
2019-04-30 17:40 - 2016-03-17 17:18 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-30 17:40 - 2016-03-17 17:11 - 000000000 ____D C:\Program Files (x86)\Intel
2019-04-30 17:40 - 2016-03-17 17:11 - 000000000 ____D C:\Program Files (x86)\Integrated Camera Driver
2019-04-30 17:40 - 2016-03-17 17:10 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-04-30 17:40 - 2016-03-17 17:10 - 000000000 ____D C:\Program Files (x86)\Chicony Electronics Co.,Ltd
2019-04-30 17:40 - 2016-03-17 17:02 - 000000000 ____D C:\Program Files (x86)\Cisco
2019-04-30 17:40 - 2016-03-17 16:57 - 000000000 ____D C:\Program Files (x86)\Lenovo
2019-04-30 17:39 - 2018-09-14 16:28 - 000000000 ____D C:\Program Files (x86)\AdwCleaner
2019-04-30 17:39 - 2018-05-04 13:10 - 000000000 ____D C:\Program Files\VideoLAN
2019-04-30 17:39 - 2018-03-29 07:57 - 000000000 ____D C:\Program Files\Google
2019-04-30 17:39 - 2018-02-02 14:33 - 000000000 ____D C:\Program Files\Software602
2019-04-30 17:39 - 2017-12-21 19:31 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2019-04-30 17:39 - 2016-10-13 09:24 - 000000000 ____D C:\Program Files\DIFX
2019-04-30 17:39 - 2016-03-30 13:12 - 000000000 ____D C:\Program Files\MyPhoneExplorer
2019-04-30 17:39 - 2016-03-17 17:22 - 000000000 ____D C:\Program Files\totalcmd
2019-04-30 17:39 - 2016-03-17 17:14 - 000000000 ____D C:\Program Files\ThinkPad
2019-04-30 17:39 - 2016-03-17 17:10 - 000000000 ____D C:\Program Files\Lenovo
2019-04-30 17:39 - 2016-03-17 17:02 - 000000000 ____D C:\Program Files\Intel
2019-04-30 17:39 - 2016-03-17 17:02 - 000000000 ____D C:\Program Files\Common Files\Intel
2019-04-30 17:38 - 2018-02-04 16:12 - 000000000 ____D C:\Program Files\CCleaner
2019-04-30 17:38 - 2017-12-06 21:07 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2019-04-30 17:38 - 2016-03-31 13:57 - 000000000 ____D C:\Program Files\7-Zip
2019-04-30 17:38 - 2016-03-23 14:53 - 000000000 ____D C:\Program Files\Canon
2019-04-30 17:36 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\sysprep
2019-04-30 17:32 - 2011-04-12 10:45 - 000000000 ____D C:\Windows\CSC
2019-04-30 12:00 - 2016-04-20 09:53 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-04-29 13:26 - 2016-03-18 18:09 - 000002592 _____ C:\Users\rufus\intlname.ols
2019-04-28 04:11 - 2016-03-18 18:13 - 000001988 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-04-26 18:24 - 2019-03-26 11:39 - 000002906 _____ C:\Windows\System32\Tasks\{E20E4AF7-2804-4D9F-9003-D4C1325FB019}
2019-04-26 18:24 - 2018-02-04 16:12 - 000002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-04-26 18:24 - 2018-01-26 19:26 - 000002978 _____ C:\Windows\System32\Tasks\{79E72281-7FE4-412E-B1B2-0D105F57A8C6}
2019-04-26 18:24 - 2018-01-26 18:35 - 000002986 _____ C:\Windows\System32\Tasks\{2379CD0F-3740-4739-89AF-D744D5BDF884}
2019-04-26 18:24 - 2018-01-10 16:31 - 000003066 _____ C:\Windows\System32\Tasks\{2A24999F-B0CD-4E07-9E4B-B979B0DA6761}
2019-04-26 18:24 - 2016-12-22 09:49 - 000002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2019-04-26 18:24 - 2016-04-20 10:20 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-04-26 18:24 - 2016-04-06 18:13 - 000002958 _____ C:\Windows\System32\Tasks\{17ACF711-1FE5-4C55-A83F-563E38AFD500}
2019-04-26 18:24 - 2016-03-17 17:18 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-26 18:24 - 2016-03-17 17:18 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-24 08:57 - 2016-03-17 19:22 - 000000384 _____ C:\Windows\ODBC.INI
2019-04-24 08:57 - 2009-07-14 04:34 - 000000499 _____ C:\Windows\win.ini
2019-04-23 15:39 - 2019-02-01 10:08 - 000000000 ____D C:\DPP
2019-04-11 09:28 - 2019-01-29 13:23 - 000002992 _____ C:\Windows\System32\Tasks\{26DD1F3A-C873-42C3-BC6A-70A145CFC461}
2019-04-11 07:57 - 2016-03-17 17:19 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-10 08:16 - 2016-04-20 10:20 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-10 08:16 - 2016-04-20 10:20 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-04 16:49 - 2018-05-04 13:11 - 000000915 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-04-04 16:43 - 2018-10-03 16:46 - 000000000 ____D C:\fu 2018

==================== Files in the root of some directories =======

2016-04-15 11:00 - 2016-04-15 11:00 - 000005120 _____ () C:\Users\rufus\AppData\Roaming\GiftBag.db

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 02 kvě 2019 17:58 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 108994
Bydliště: Plzeň
Otevřte poznámkový blok a zkopírujte do něj:

Citace:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0CEDF50C-5D89-4D79-BE3A-0755DB8DF0FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-03-17] (Google Inc -> Google Inc.)
Task: {5D227A38-B82F-4F4E-A3F7-E3E23E6E5632} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-03-17] (Google Inc -> Google Inc.)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
C:\Windows\System32\Tasks\{1EA29469-FE14-4DE5-941A-67193ABC1E91}
C:\Windows\msdownld.tmp
C:\ProgramData\{3DE8FCFA-3EE0-4B1D-8945-C11D6AD0E3AB}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End


Uložte do C:\zz_install\Malware removal jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 02 kvě 2019 18:08 
Offline
Návštěvník
Návštěvník

Registrován: 02 kvě 2019 14:21
Příspěvky: 7
Děkuji, udělal jsem vše dle návodu, tady je log.

Nicméně vypadá to že se nic nezměnilo většina programu nejde spustit, při pokusu o spuštění to vyhodí chybovou hlášku Systém Windows nemůže najít položku...

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-05.2019
Ran by rufus (02-05-2019 19:01:45) Run:1
Running from C:\zz_install\Malware removal
Loaded Profiles: rufus (Available Profiles: rufus)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0CEDF50C-5D89-4D79-BE3A-0755DB8DF0FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-03-17] (Google Inc -> Google Inc.)
Task: {5D227A38-B82F-4F4E-A3F7-E3E23E6E5632} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-03-17] (Google Inc -> Google Inc.)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
C:\Windows\System32\Tasks\{1EA29469-FE14-4DE5-941A-67193ABC1E91}
C:\Windows\msdownld.tmp
C:\ProgramData\{3DE8FCFA-3EE0-4B1D-8945-C11D6AD0E3AB}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0CEDF50C-5D89-4D79-BE3A-0755DB8DF0FF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CEDF50C-5D89-4D79-BE3A-0755DB8DF0FF}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D227A38-B82F-4F4E-A3F7-E3E23E6E5632}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D227A38-B82F-4F4E-A3F7-E3E23E6E5632}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@qq.com/npAndroidAssistant => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.8 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.1 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf => removed successfully
C:\Windows\System32\Tasks\{1EA29469-FE14-4DE5-941A-67193ABC1E91} => moved successfully
C:\Windows\msdownld.tmp => moved successfully
C:\ProgramData\{3DE8FCFA-3EE0-4B1D-8945-C11D6AD0E3AB} => moved successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7804941 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 14038992 B
Edge => 0 B
Chrome => 486627243 B
Firefox => 8956976 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 73080 B
Public => 0 B
ProgramData => 0 B
systemprofile => 82889 B
systemprofile32 => 66228 B
LocalService => 132244 B
NetworkService => 0 B
rufus => 34554566 B

RecycleBin => 2402211638 B
EmptyTemp: => 2.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:02:29 ====


Nahoru
 Profil  
Odpovědět s citací  
PříspěvekNapsal: 02 kvě 2019 18:57 
Offline
Site Admin
Site Admin
Uživatelský avatar

Registrován: 30 říj 2003 13:42
Příspěvky: 108994
Bydliště: Plzeň
Smazáno. Zkuste obnovu systému k datu, kdy korektně fungoval.

_________________
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.


Nahoru
 Profil  
Odpovědět s citací  
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Odpovědět na téma  [ Příspěvků: 11 ] 

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Žádní registrovaní uživatelé


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?