otevírání oken

Zpráva

#16 Příspěvek od **Conder** » 28 lis 2019 23:46

Poprosim o obidva nove logy z FRST.

LuckyphonyxH · #17 Příspěvek od **LuckyphonyxH** » 29 lis 2019 08:47

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by Veronika (29-11-2019 08:45:22)
Running from C:\Users\Veronika\Desktop
Windows 7 Professional Service Pack 1 (X64) (2019-08-21 09:34:47)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-966870082-2284507984-435399636-500 - Administrator - Disabled)
Guest (S-1-5-21-966870082-2284507984-435399636-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-966870082-2284507984-435399636-1002 - Limited - Enabled)
Veronika (S-1-5-21-966870082-2284507984-435399636-1001 - Administrator - Enabled) => C:\Users\Veronika

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
Lenovo EasyCamera (HKLM\...\Lenovo EasyCamera) (Version: 5.8.0.12 - Silicon Motion)
Lenovo EasyCamera (HKLM-x32\...\{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}) (Version: 5.8.0.12 - Silicon Motion)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.101.714.2016 - Realtek)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Skype verze 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{6DF079D7-2A57-4710-81B1-064649FF86FC}) (Version: 2.3.2 - Slimware Utilities Holdings, Inc.) Hidden
SlimDrivers (HKLM-x32\...\SlimDrivers) (Version: 2.3.2 - Slimware Utilities Holdings, Inc.)
Stronghold Crusader Extreme HD (HKLM-x32\...\GOGPACKSTRONGHOLDCRUSADERHD_is1) (Version: 2.0.0.6 - GOG.com)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2000-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-11-26 09:58 - 2019-11-12 18:26 - 001901568 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-11-26 09:58 - 2019-11-12 18:26 - 000115712 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-11-26 09:58 - 2019-11-12 18:26 - 004636672 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-11-28 23:23 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-966870082-2284507984-435399636-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{E4159AB9-30DA-4C89-B8EF-3D9F88BCE806}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{765AA769-3E5B-4158-B40D-DA5B67E7A886}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{90778EAF-685A-4D92-A006-E6FA459305F9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5CE2D95-A52F-4005-AFB9-8E5C3FDCD930}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B55B725D-151C-4022-B88F-3D9E63027A5A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6DE0A74D-3525-43F1-9407-D1D6D1333B62}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6982795-1F07-4AA8-AEE4-9CFEA3D47E9A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC8ACFA5-68A9-4A40-88C7-B7817A954038}] => (Allow) C:\Windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EF0AF9BB-19D3-4D80-AE0F-5F1F26FD3619}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{45429B74-7C39-455F-8056-81289327C529}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DCDEF21B-ABD6-43FB-ACAA-2CC62E34AFE9}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E10BBD03-3CA2-4BD8-85CB-0DBD63AC0C42}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)

==================== Restore Points =========================

26-09-2019 16:08:22 Windows Update
30-09-2019 09:27:49 Windows Update
13-10-2019 09:07:10 Windows Update
22-10-2019 06:16:41 Windows Update
27-10-2019 15:21:43 Windows Update
31-10-2019 19:38:48 Windows Update
15-11-2019 08:02:19 Windows Update
25-11-2019 11:38:05 Windows Update
26-11-2019 10:24:14 Windows Update
26-11-2019 12:31:20 DriverPack 17.11.13
28-11-2019 23:22:03 Restore Point Created by FRST

==================== Faulty Device Manager Devices ============

Name: Autocom CDP+ USB
Description: Autocom CDP+ USB
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: ========================

Application errors:
==================
Error: (11/29/2019 03:15:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/28/2019 11:34:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 4.0.0.448, časové razítko: 0x5dd59030
Název chybujícího modulu: mbam.exe, verze: 4.0.0.448, časové razítko: 0x5dd59030
Kód výjimky: 0xc0000005
Posun chyby: 0x0019a1ce
ID chybujícího procesu: 0xe74
Čas spuštění chybující aplikace: 0x01d5a63bfa14f412
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
ID zprávy: 3bb9648b-122f-11ea-ba92-1c7508558ab8

Error: (11/28/2019 11:32:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 4.0.0.448, časové razítko: 0x5dd5901a
Název chybujícího modulu: Qt5Core.dll, verze: 5.13.2.0, časové razítko: 0x5dcd60b9
Kód výjimky: 0xc0000005
Posun chyby: 0x00198d49
ID chybujícího procesu: 0x948
Čas spuštění chybující aplikace: 0x01d5a63ae0498240
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: eed61b85-122e-11ea-ba92-1c7508558ab8

Error: (11/28/2019 11:22:02 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.

Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {841b49aa-adb8-4558-a495-7a46339949fd}

Error: (11/28/2019 10:28:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 4.0.0.448, časové razítko: 0x5dd59030
Název chybujícího modulu: Qt5Core.dll, verze: 5.13.2.0, časové razítko: 0x5dcd60b9
Kód výjimky: 0xc0000005
Posun chyby: 0x001b487e
ID chybujícího procesu: 0x17c4
Čas spuštění chybující aplikace: 0x01d5a632ca628ade
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: 08c8c113-1226-11ea-a2ea-1c7508558ab8

Error: (11/28/2019 10:28:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 4.0.0.448, časové razítko: 0x5dd59030
Název chybujícího modulu: Qt5Core.dll, verze: 5.13.2.0, časové razítko: 0x5dcd60b9
Kód výjimky: 0xc0000005
Posun chyby: 0x001b487e
ID chybujícího procesu: 0x17f0
Čas spuštění chybující aplikace: 0x01d5a632c2cea85a
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: 02469ccf-1226-11ea-a2ea-1c7508558ab8

Error: (11/28/2019 10:25:46 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program g568A.tmp.exe.

Program: g568A.tmp.exe
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0

Error: (11/28/2019 10:25:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: g568A.tmp.exe, verze: 0.0.0.0, časové razítko: 0x5db8dac1
Název chybujícího modulu: g568A.tmp.exe, verze: 0.0.0.0, časové razítko: 0x5db8dac1
Kód výjimky: 0xc000001d
Posun chyby: 0x00000000000332fe
ID chybujícího procesu: 0xadc
Čas spuštění chybující aplikace: 0x01d5a63255dfb333
Cesta k chybující aplikaci: C:\Windows\TEMP\g568A.tmp.exe
Cesta k chybujícímu modulu: C:\Windows\TEMP\g568A.tmp.exe
ID zprávy: a39fe94d-1225-11ea-a2ea-1c7508558ab8

System errors:
=============
Error: (11/28/2019 11:36:47 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.305.2893.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Stahovat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.16500.1

Kód chyby: 0x8024001e

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Error: (11/28/2019 11:36:47 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.

Nová verze podpisu:

Předchozí verze podpisu: 1.305.2893.0

Zdroj aktualizace: Server Microsoft Update

Fáze aktualizace: Stahovat

Zdrojová cesta: http://www.microsoft.com

Typ podpisu: Antivirový program

Typ aktualizace: Úplné

Uživatel: NT AUTHORITY\SYSTEM

Aktuální verze modulu:

Předchozí verze modulu: 1.1.16500.1

Kód chyby: 0x8024001e

Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Error: (11/28/2019 11:21:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/28/2019 11:21:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/28/2019 11:21:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (11/28/2019 11:21:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Malwarebytes Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/28/2019 10:17:18 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1084 = Tuto službu nelze spustit v nouzovém režimu. při pokusu o spuštění služby VSS s argumenty za účelem spuštění serveru:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (11/28/2019 07:24:45 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1068 = Nepodařilo se zahájit závislou službu nebo skupinu. při pokusu o spuštění služby BITS s argumenty za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}

==================== Memory info ===========================

BIOS: LENOVO 18CN46WW(V2.55) 05/21/2010
Motherboard: LENOVO NITU1
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 87%
Total physical RAM: 3032.6 MB
Available physical RAM: 378.35 MB
Total Virtual: 6063.34 MB
Available Virtual: 3177.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:337.07 GB) NTFS

\\?\Volume{cfbaabf1-c3f5-11e9-b0c6-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: B40280FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2019 01
Ran by Veronika (administrator) on VERONIKA-PC (LENOVO 20023) (29-11-2019 08:43:54)
Running from C:\Users\Veronika\Desktop
Loaded Profiles: Veronika (Available Profiles: Veronika)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-966870082-2284507984-435399636-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-966870082-2284507984-435399636-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-966870082-2284507984-435399636-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83524968 2019-11-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-25] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D0CAA98-189C-43CC-8C61-6692A66695E5} - System32\Tasks\{E8B74DA1-6F67-48C6-8507-82F8BA07D1D9} => C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe [16544280 2019-11-27] (Malwarebytes Inc -> Malwarebytes)
Task: {211DADC8-BA36-437A-8D5E-A7A46BD89132} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4826603D-CD07-41A2-B5B1-63593DC685E8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {60FB85AC-B768-4FD5-AFCB-E833938CD1DC} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A08CA1F1-EDF7-475D-B42F-E43C3C153425} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {ADE9E4EB-B17E-452E-A6DC-1D0F270D70A3} - System32\Tasks\SlimDrivers Scan => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [29877336 2018-07-09] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.)
Task: {EBFC38AE-BF5B-4ABE-BBFD-E3F91EC0CFD8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {FA9A9017-F87C-41D2-A392-4235B0E01DA1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\SlimDrivers Scan.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{0750AF29-670A-49B3-87A6-18EF5ACF4A94}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{C30AADCB-172C-4238-836F-0A5EB4CAD793}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-966870082-2284507984-435399636-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR Profile: C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default [2019-11-28]
CHR Extension: (Prezentace) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-21]
CHR Extension: (Dokumenty) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-21]
CHR Extension: (Disk Google) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-21]
CHR Extension: (YouTube) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-21]
CHR Extension: (Tabulky) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-13]
CHR Extension: (Gmail) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-21]
CHR Extension: (Chrome Media Router) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-31]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 MBAMInstallerService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe [5217992 2019-11-27] (Malwarebytes Inc -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [53800 2018-11-21] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13920 2019-11-25] (SlimWare Utilities Inc. -> )
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [197376 2009-10-16] (Microsoft Windows Hardware Compatibility Publisher -> SMI)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-28 23:31 - 2019-11-28 23:31 - 000000000 ____D C:\Users\Veronika\AppData\Local\mbam
2019-11-28 23:31 - 2019-11-28 23:31 - 000000000 ____D C:\Users\Veronika\AppData\Local\cache
2019-11-28 23:25 - 2019-11-28 23:25 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-11-28 22:16 - 2019-11-29 08:44 - 000011658 _____ C:\Users\Veronika\Desktop\FRST.txt
2019-11-28 19:05 - 2019-11-28 19:20 - 000210310 _____ C:\TDSSKiller.3.1.0.28_28.11.2019_19.05.07_log.txt
2019-11-28 19:03 - 2019-11-28 19:05 - 000070042 _____ C:\Windows\ntbtlog.txt
2019-11-28 18:58 - 2019-11-28 18:58 - 000000000 ____D C:\Users\Veronika\AppData\Local\mbamtray
2019-11-28 04:55 - 2019-11-28 04:54 - 004962800 _____ C:\Users\Veronika\Desktop\tdsskiller.zip
2019-11-28 04:55 - 2019-04-09 19:14 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Veronika\Desktop\TDSSKiller.exe
2019-11-28 04:54 - 2019-11-28 04:54 - 004962800 _____ C:\Users\Veronika\Downloads\tdsskiller.zip
2019-11-27 23:19 - 2019-11-27 23:20 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Veronika\Downloads\rkill (1).com
2019-11-27 23:19 - 2019-11-27 23:19 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Veronika\Downloads\rkill.com
2019-11-27 23:11 - 2019-11-27 23:14 - 054199488 _____ (Malwarebytes ) C:\Users\Veronika\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2019-11-27 23:10 - 2019-11-27 23:10 - 000002980 _____ C:\Windows\system32\Tasks\{E8B74DA1-6F67-48C6-8507-82F8BA07D1D9}
2019-11-27 21:50 - 2019-11-27 21:50 - 000007369 _____ C:\Users\Veronika\Downloads\Addition.txt
2019-11-27 21:32 - 2019-11-29 08:44 - 000000000 ____D C:\FRST
2019-11-27 21:32 - 2019-11-27 21:50 - 000039037 _____ C:\Users\Veronika\Downloads\FRST.txt
2019-11-27 21:30 - 2019-11-27 21:31 - 002262016 _____ (Farbar) C:\Users\Veronika\Desktop\FRST64.exe
2019-11-27 21:25 - 2019-11-27 23:00 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-11-27 21:24 - 2019-11-28 23:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-11-27 21:22 - 2019-11-27 21:22 - 000000000 ____D C:\Program Files\Malwarebytes
2019-11-27 21:21 - 2019-11-27 21:22 - 001883976 _____ (Malwarebytes) C:\Users\Veronika\Downloads\MBSetup (1).exe
2019-11-26 12:20 - 2019-11-27 22:54 - 000000000 ____D C:\Program Files (x86)\MachinerData
2019-11-26 12:19 - 2019-11-28 19:01 - 000000000 ____D C:\Program Files (x86)\eCertification
2019-11-26 12:18 - 2019-11-26 12:18 - 005916484 _____ C:\Users\Veronika\Downloads\driver-autocom-cdp-usb_bd2e186.zip
2019-11-26 12:15 - 2019-11-26 12:15 - 013082576 _____ (TweakBit ) C:\Users\Veronika\Downloads\autocom_cdp_usb.exe
2019-11-26 09:58 - 2019-11-26 09:58 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2019-11-26 09:58 - 2019-11-26 09:58 - 000001306 _____ C:\ProgramData\Desktop\Skype.lnk
2019-11-26 09:58 - 2019-11-26 09:58 - 000000000 ____D C:\Users\Veronika\AppData\Roaming\Skype
2019-11-26 09:58 - 2019-11-26 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-11-25 18:49 - 2019-11-25 18:49 - 000000000 ____D C:\Program Files (x86)\Company
2019-11-25 18:33 - 2019-11-25 18:33 - 000000000 ____D C:\Program Files (x86)\Opura
2019-11-25 18:30 - 2019-11-26 12:04 - 000000000 ____D C:\Users\Veronika\AppData\Roaming\ActiveX
2019-11-15 14:23 - 2019-11-27 21:06 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-11-15 14:23 - 2019-11-15 14:23 - 000002820 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-11-15 14:23 - 2019-11-15 14:23 - 000000000 ____D C:\Program Files\CCleaner
2019-11-15 13:51 - 2019-11-15 13:51 - 000000000 ____D C:\Program Files\Common Files\Tencent
2019-11-15 13:49 - 2019-11-15 13:49 - 000000000 ____D C:\Program Files (x86)\Tencent
2019-11-15 13:45 - 2019-11-26 10:40 - 001560632 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-11-15 07:43 - 2019-11-15 13:48 - 000633144 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000545080 _____ (Microsoft Corporation) C:\Windows\system32\vcamp140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000440120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000400184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcamp140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000395592 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000333632 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000267592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000244032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000185144 _____ (Microsoft Corporation) C:\Windows\system32\vcomp140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000138560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcomp140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000087880 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000083792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll
2019-11-15 07:42 - 2019-11-15 13:55 - 000000000 ____D C:\Users\Veronika\AppData\Roaming\Tencent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-29 08:02 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-11-29 08:02 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-11-28 23:37 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-28 23:23 - 2019-08-21 10:34 - 000000000 ____D C:\Users\Veronika
2019-11-28 23:23 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-11-28 00:03 - 2019-08-21 10:37 - 000000000 ____D C:\Windows\system32\Tasks\Games
2019-11-27 22:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-11-27 20:10 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-11-26 12:42 - 2019-08-21 11:02 - 000000000 ____D C:\Program Files\CONEXANT
2019-11-26 12:39 - 2019-08-21 11:26 - 000000000 ____D C:\Windows\Panther
2019-11-26 12:08 - 2019-08-21 12:01 - 000000000 ____D C:\Windows\system32\MRT
2019-11-26 12:02 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-11-26 10:52 - 2019-08-21 12:01 - 127230528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-11-26 10:48 - 2019-08-22 10:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-11-26 10:48 - 2009-07-14 03:34 - 000000581 _____ C:\Windows\win.ini
2019-11-26 10:40 - 2009-07-14 16:18 - 000669274 _____ C:\Windows\system32\perfh005.dat
2019-11-26 10:40 - 2009-07-14 16:18 - 000141342 _____ C:\Windows\system32\perfc005.dat
2019-11-26 10:40 - 2009-07-14 06:13 - 001560632 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-26 09:31 - 2019-08-21 12:04 - 000000000 ____D C:\Users\Veronika\Desktop\Honza
2019-11-25 13:09 - 2019-08-21 10:43 - 000013920 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2019-11-25 12:57 - 2009-07-14 06:09 - 000000000 ____D C:\Windows\system32\Tasks\WPD
2019-11-25 08:52 - 2019-08-21 11:11 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-25 08:52 - 2019-08-21 11:11 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-25 08:52 - 2019-08-21 11:11 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-11-25 07:21 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-11-20 19:18 - 2019-08-21 10:43 - 000000470 _____ C:\Windows\Tasks\SlimDrivers Scan.job
2019-11-15 16:00 - 2019-09-21 15:00 - 000000000 ____D C:\Users\Veronika\Documents\Stronghold Crusader
2019-11-15 13:37 - 2019-10-27 16:00 - 000000264 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2019-11-15 13:37 - 2019-10-27 16:00 - 000000000 ____D C:\ProgramData\Delphi
2019-11-15 13:36 - 2019-10-27 15:59 - 000000000 ____D C:\Users\Veronika\AppData\Roaming\Delphi
2019-11-15 07:43 - 2019-08-21 11:09 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-12 22:03 - 2019-08-21 10:52 - 000748816 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-10-31 19:19 - 2019-08-21 12:29 - 000000000 ____D C:\Users\Veronika\Desktop\Verča

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2019-11-29 00:30
==================== End of FRST.txt ========================

#18 Příspěvek od **Conder** » 29 lis 2019 14:26

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
```
Start
Zip: C:\FRST\Quarantine
End
```
Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Na ploche by sa mal vytvorit ZIP archiv s aktualnym datumom a casom v nazve, nahraj ho napr. na leteckaposta.cz (alebo na ine ulozisko) a posli odkaz na stiahnutie.

LuckyphonyxH · #19 Příspěvek od **LuckyphonyxH** » 29 lis 2019 17:51

Díky moc už nebude potřeba vzhledem k dlouhé odezvě fora jsem se rozhodl pc schodit naformatovat disk a nainstalovat win 10

#20 Příspěvek od **Conder** » 30 lis 2019 17:53

OK, nie je zaco

VIRY.CZ

otevírání oken

Re: otevírání oken

Re: otevírání oken

Re: otevírání oken

Re: otevírání oken

Re: otevírání oken