Re: otevírání oken
Napsal: 28 lis 2019 23:46
Poprosim o obidva nove logy z FRST.
- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by Veronika (29-11-2019 08:45:22)
Running from C:\Users\Veronika\Desktop
Windows 7 Professional Service Pack 1 (X64) (2019-08-21 09:34:47)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-966870082-2284507984-435399636-500 - Administrator - Disabled)
Guest (S-1-5-21-966870082-2284507984-435399636-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-966870082-2284507984-435399636-1002 - Limited - Enabled)
Veronika (S-1-5-21-966870082-2284507984-435399636-1001 - Administrator - Enabled) => C:\Users\Veronika
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
Lenovo EasyCamera (HKLM\...\Lenovo EasyCamera) (Version: 5.8.0.12 - Silicon Motion)
Lenovo EasyCamera (HKLM-x32\...\{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}) (Version: 5.8.0.12 - Silicon Motion)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.101.714.2016 - Realtek)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Skype verze 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{6DF079D7-2A57-4710-81B1-064649FF86FC}) (Version: 2.3.2 - Slimware Utilities Holdings, Inc.) Hidden
SlimDrivers (HKLM-x32\...\SlimDrivers) (Version: 2.3.2 - Slimware Utilities Holdings, Inc.)
Stronghold Crusader Extreme HD (HKLM-x32\...\GOGPACKSTRONGHOLDCRUSADERHD_is1) (Version: 2.0.0.6 - GOG.com)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version: - Microsoft)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2000-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-11-26 09:58 - 2019-11-12 18:26 - 001901568 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-11-26 09:58 - 2019-11-12 18:26 - 000115712 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-11-26 09:58 - 2019-11-12 18:26 - 004636672 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2019-11-28 23:23 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-966870082-2284507984-435399636-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe No File
FirewallRules: [{E4159AB9-30DA-4C89-B8EF-3D9F88BCE806}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{765AA769-3E5B-4158-B40D-DA5B67E7A886}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{90778EAF-685A-4D92-A006-E6FA459305F9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5CE2D95-A52F-4005-AFB9-8E5C3FDCD930}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B55B725D-151C-4022-B88F-3D9E63027A5A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6DE0A74D-3525-43F1-9407-D1D6D1333B62}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6982795-1F07-4AA8-AEE4-9CFEA3D47E9A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC8ACFA5-68A9-4A40-88C7-B7817A954038}] => (Allow) C:\Windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EF0AF9BB-19D3-4D80-AE0F-5F1F26FD3619}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{45429B74-7C39-455F-8056-81289327C529}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DCDEF21B-ABD6-43FB-ACAA-2CC62E34AFE9}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E10BBD03-3CA2-4BD8-85CB-0DBD63AC0C42}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
==================== Restore Points =========================
26-09-2019 16:08:22 Windows Update
30-09-2019 09:27:49 Windows Update
13-10-2019 09:07:10 Windows Update
22-10-2019 06:16:41 Windows Update
27-10-2019 15:21:43 Windows Update
31-10-2019 19:38:48 Windows Update
15-11-2019 08:02:19 Windows Update
25-11-2019 11:38:05 Windows Update
26-11-2019 10:24:14 Windows Update
26-11-2019 12:31:20 DriverPack 17.11.13
28-11-2019 23:22:03 Restore Point Created by FRST
==================== Faulty Device Manager Devices ============
Name: Autocom CDP+ USB
Description: Autocom CDP+ USB
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/29/2019 03:15:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (11/28/2019 11:34:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 4.0.0.448, časové razítko: 0x5dd59030
Název chybujícího modulu: mbam.exe, verze: 4.0.0.448, časové razítko: 0x5dd59030
Kód výjimky: 0xc0000005
Posun chyby: 0x0019a1ce
ID chybujícího procesu: 0xe74
Čas spuštění chybující aplikace: 0x01d5a63bfa14f412
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
ID zprávy: 3bb9648b-122f-11ea-ba92-1c7508558ab8
Error: (11/28/2019 11:32:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 4.0.0.448, časové razítko: 0x5dd5901a
Název chybujícího modulu: Qt5Core.dll, verze: 5.13.2.0, časové razítko: 0x5dcd60b9
Kód výjimky: 0xc0000005
Posun chyby: 0x00198d49
ID chybujícího procesu: 0x948
Čas spuštění chybující aplikace: 0x01d5a63ae0498240
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: eed61b85-122e-11ea-ba92-1c7508558ab8
Error: (11/28/2019 11:22:02 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {841b49aa-adb8-4558-a495-7a46339949fd}
Error: (11/28/2019 10:28:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 4.0.0.448, časové razítko: 0x5dd59030
Název chybujícího modulu: Qt5Core.dll, verze: 5.13.2.0, časové razítko: 0x5dcd60b9
Kód výjimky: 0xc0000005
Posun chyby: 0x001b487e
ID chybujícího procesu: 0x17c4
Čas spuštění chybující aplikace: 0x01d5a632ca628ade
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: 08c8c113-1226-11ea-a2ea-1c7508558ab8
Error: (11/28/2019 10:28:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 4.0.0.448, časové razítko: 0x5dd59030
Název chybujícího modulu: Qt5Core.dll, verze: 5.13.2.0, časové razítko: 0x5dcd60b9
Kód výjimky: 0xc0000005
Posun chyby: 0x001b487e
ID chybujícího procesu: 0x17f0
Čas spuštění chybující aplikace: 0x01d5a632c2cea85a
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: 02469ccf-1226-11ea-a2ea-1c7508558ab8
Error: (11/28/2019 10:25:46 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program g568A.tmp.exe.
Program: g568A.tmp.exe
Soubor:
Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.
Další údaje
Hodnota chyby: 00000000
Typ disku: 0
Error: (11/28/2019 10:25:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: g568A.tmp.exe, verze: 0.0.0.0, časové razítko: 0x5db8dac1
Název chybujícího modulu: g568A.tmp.exe, verze: 0.0.0.0, časové razítko: 0x5db8dac1
Kód výjimky: 0xc000001d
Posun chyby: 0x00000000000332fe
ID chybujícího procesu: 0xadc
Čas spuštění chybující aplikace: 0x01d5a63255dfb333
Cesta k chybující aplikaci: C:\Windows\TEMP\g568A.tmp.exe
Cesta k chybujícímu modulu: C:\Windows\TEMP\g568A.tmp.exe
ID zprávy: a39fe94d-1225-11ea-a2ea-1c7508558ab8
System errors:
=============
Error: (11/28/2019 11:36:47 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.305.2893.0
Zdroj aktualizace: Server Microsoft Update
Fáze aktualizace: Stahovat
Zdrojová cesta: http://www.microsoft.com
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Error: (11/28/2019 11:36:47 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware zjistil chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.305.2893.0
Zdroj aktualizace: Server Microsoft Update
Fáze aktualizace: Stahovat
Zdrojová cesta: http://www.microsoft.com
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Error: (11/28/2019 11:21:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/28/2019 11:21:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/28/2019 11:21:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (11/28/2019 11:21:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Malwarebytes Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/28/2019 10:17:18 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1084 = Tuto službu nelze spustit v nouzovém režimu. při pokusu o spuštění služby VSS s argumenty za účelem spuštění serveru:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (11/28/2019 07:24:45 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1068 = Nepodařilo se zahájit závislou službu nebo skupinu. při pokusu o spuštění služby BITS s argumenty za účelem spuštění serveru:
{4991D34B-80A1-4291-83B6-3328366B9097}
==================== Memory info ===========================
BIOS: LENOVO 18CN46WW(V2.55) 05/21/2010
Motherboard: LENOVO NITU1
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 87%
Total physical RAM: 3032.6 MB
Available physical RAM: 378.35 MB
Total Virtual: 6063.34 MB
Available Virtual: 3177.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:337.07 GB) NTFS
\\?\Volume{cfbaabf1-c3f5-11e9-b0c6-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: B40280FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2019 01
Ran by Veronika (administrator) on VERONIKA-PC (LENOVO 20023) (29-11-2019 08:43:54)
Running from C:\Users\Veronika\Desktop
Loaded Profiles: Veronika (Available Profiles: Veronika)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-966870082-2284507984-435399636-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-966870082-2284507984-435399636-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-966870082-2284507984-435399636-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83524968 2019-11-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-25] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D0CAA98-189C-43CC-8C61-6692A66695E5} - System32\Tasks\{E8B74DA1-6F67-48C6-8507-82F8BA07D1D9} => C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe [16544280 2019-11-27] (Malwarebytes Inc -> Malwarebytes)
Task: {211DADC8-BA36-437A-8D5E-A7A46BD89132} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4826603D-CD07-41A2-B5B1-63593DC685E8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {60FB85AC-B768-4FD5-AFCB-E833938CD1DC} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A08CA1F1-EDF7-475D-B42F-E43C3C153425} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {ADE9E4EB-B17E-452E-A6DC-1D0F270D70A3} - System32\Tasks\SlimDrivers Scan => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [29877336 2018-07-09] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.)
Task: {EBFC38AE-BF5B-4ABE-BBFD-E3F91EC0CFD8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {FA9A9017-F87C-41D2-A392-4235B0E01DA1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\SlimDrivers Scan.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{0750AF29-670A-49B3-87A6-18EF5ACF4A94}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{C30AADCB-172C-4238-836F-0A5EB4CAD793}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Internet Explorer:
==================
HKU\S-1-5-21-966870082-2284507984-435399636-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-15] (Google Inc -> Google LLC)
Chrome:
=======
CHR Profile: C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default [2019-11-28]
CHR Extension: (Prezentace) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-21]
CHR Extension: (Dokumenty) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-21]
CHR Extension: (Disk Google) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-21]
CHR Extension: (YouTube) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-21]
CHR Extension: (Tabulky) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-13]
CHR Extension: (Gmail) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-21]
CHR Extension: (Chrome Media Router) - C:\Users\Veronika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-31]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 MBAMInstallerService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe [5217992 2019-11-27] (Malwarebytes Inc -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [53800 2018-11-21] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13920 2019-11-25] (SlimWare Utilities Inc. -> )
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [197376 2009-10-16] (Microsoft Windows Hardware Compatibility Publisher -> SMI)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-28 23:31 - 2019-11-28 23:31 - 000000000 ____D C:\Users\Veronika\AppData\Local\mbam
2019-11-28 23:31 - 2019-11-28 23:31 - 000000000 ____D C:\Users\Veronika\AppData\Local\cache
2019-11-28 23:25 - 2019-11-28 23:25 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-11-28 22:16 - 2019-11-29 08:44 - 000011658 _____ C:\Users\Veronika\Desktop\FRST.txt
2019-11-28 19:05 - 2019-11-28 19:20 - 000210310 _____ C:\TDSSKiller.3.1.0.28_28.11.2019_19.05.07_log.txt
2019-11-28 19:03 - 2019-11-28 19:05 - 000070042 _____ C:\Windows\ntbtlog.txt
2019-11-28 18:58 - 2019-11-28 18:58 - 000000000 ____D C:\Users\Veronika\AppData\Local\mbamtray
2019-11-28 04:55 - 2019-11-28 04:54 - 004962800 _____ C:\Users\Veronika\Desktop\tdsskiller.zip
2019-11-28 04:55 - 2019-04-09 19:14 - 005054744 _____ (AO Kaspersky Lab) C:\Users\Veronika\Desktop\TDSSKiller.exe
2019-11-28 04:54 - 2019-11-28 04:54 - 004962800 _____ C:\Users\Veronika\Downloads\tdsskiller.zip
2019-11-27 23:19 - 2019-11-27 23:20 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Veronika\Downloads\rkill (1).com
2019-11-27 23:19 - 2019-11-27 23:19 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Veronika\Downloads\rkill.com
2019-11-27 23:11 - 2019-11-27 23:14 - 054199488 _____ (Malwarebytes ) C:\Users\Veronika\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2019-11-27 23:10 - 2019-11-27 23:10 - 000002980 _____ C:\Windows\system32\Tasks\{E8B74DA1-6F67-48C6-8507-82F8BA07D1D9}
2019-11-27 21:50 - 2019-11-27 21:50 - 000007369 _____ C:\Users\Veronika\Downloads\Addition.txt
2019-11-27 21:32 - 2019-11-29 08:44 - 000000000 ____D C:\FRST
2019-11-27 21:32 - 2019-11-27 21:50 - 000039037 _____ C:\Users\Veronika\Downloads\FRST.txt
2019-11-27 21:30 - 2019-11-27 21:31 - 002262016 _____ (Farbar) C:\Users\Veronika\Desktop\FRST64.exe
2019-11-27 21:25 - 2019-11-27 23:00 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-11-27 21:24 - 2019-11-28 23:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-11-27 21:22 - 2019-11-27 21:22 - 000000000 ____D C:\Program Files\Malwarebytes
2019-11-27 21:21 - 2019-11-27 21:22 - 001883976 _____ (Malwarebytes) C:\Users\Veronika\Downloads\MBSetup (1).exe
2019-11-26 12:20 - 2019-11-27 22:54 - 000000000 ____D C:\Program Files (x86)\MachinerData
2019-11-26 12:19 - 2019-11-28 19:01 - 000000000 ____D C:\Program Files (x86)\eCertification
2019-11-26 12:18 - 2019-11-26 12:18 - 005916484 _____ C:\Users\Veronika\Downloads\driver-autocom-cdp-usb_bd2e186.zip
2019-11-26 12:15 - 2019-11-26 12:15 - 013082576 _____ (TweakBit ) C:\Users\Veronika\Downloads\autocom_cdp_usb.exe
2019-11-26 09:58 - 2019-11-26 09:58 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2019-11-26 09:58 - 2019-11-26 09:58 - 000001306 _____ C:\ProgramData\Desktop\Skype.lnk
2019-11-26 09:58 - 2019-11-26 09:58 - 000000000 ____D C:\Users\Veronika\AppData\Roaming\Skype
2019-11-26 09:58 - 2019-11-26 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-11-25 18:49 - 2019-11-25 18:49 - 000000000 ____D C:\Program Files (x86)\Company
2019-11-25 18:33 - 2019-11-25 18:33 - 000000000 ____D C:\Program Files (x86)\Opura
2019-11-25 18:30 - 2019-11-26 12:04 - 000000000 ____D C:\Users\Veronika\AppData\Roaming\ActiveX
2019-11-15 14:23 - 2019-11-27 21:06 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-11-15 14:23 - 2019-11-15 14:23 - 000002820 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-11-15 14:23 - 2019-11-15 14:23 - 000000000 ____D C:\Program Files\CCleaner
2019-11-15 13:51 - 2019-11-15 13:51 - 000000000 ____D C:\Program Files\Common Files\Tencent
2019-11-15 13:49 - 2019-11-15 13:49 - 000000000 ____D C:\Program Files (x86)\Tencent
2019-11-15 13:45 - 2019-11-26 10:40 - 001560632 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-11-15 07:43 - 2019-11-15 13:48 - 000633144 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000545080 _____ (Microsoft Corporation) C:\Windows\system32\vcamp140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000440120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000400184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcamp140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000395592 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000333632 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000267592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000244032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000185144 _____ (Microsoft Corporation) C:\Windows\system32\vcomp140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000138560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcomp140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000087880 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2019-11-15 07:43 - 2019-11-15 13:48 - 000083792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll
2019-11-15 07:42 - 2019-11-15 13:55 - 000000000 ____D C:\Users\Veronika\AppData\Roaming\Tencent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-29 08:02 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-11-29 08:02 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-11-28 23:37 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-28 23:23 - 2019-08-21 10:34 - 000000000 ____D C:\Users\Veronika
2019-11-28 23:23 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-11-28 00:03 - 2019-08-21 10:37 - 000000000 ____D C:\Windows\system32\Tasks\Games
2019-11-27 22:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-11-27 20:10 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-11-26 12:42 - 2019-08-21 11:02 - 000000000 ____D C:\Program Files\CONEXANT
2019-11-26 12:39 - 2019-08-21 11:26 - 000000000 ____D C:\Windows\Panther
2019-11-26 12:08 - 2019-08-21 12:01 - 000000000 ____D C:\Windows\system32\MRT
2019-11-26 12:02 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-11-26 10:52 - 2019-08-21 12:01 - 127230528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-11-26 10:48 - 2019-08-22 10:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-11-26 10:48 - 2009-07-14 03:34 - 000000581 _____ C:\Windows\win.ini
2019-11-26 10:40 - 2009-07-14 16:18 - 000669274 _____ C:\Windows\system32\perfh005.dat
2019-11-26 10:40 - 2009-07-14 16:18 - 000141342 _____ C:\Windows\system32\perfc005.dat
2019-11-26 10:40 - 2009-07-14 06:13 - 001560632 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-26 09:31 - 2019-08-21 12:04 - 000000000 ____D C:\Users\Veronika\Desktop\Honza
2019-11-25 13:09 - 2019-08-21 10:43 - 000013920 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2019-11-25 12:57 - 2009-07-14 06:09 - 000000000 ____D C:\Windows\system32\Tasks\WPD
2019-11-25 08:52 - 2019-08-21 11:11 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-25 08:52 - 2019-08-21 11:11 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-25 08:52 - 2019-08-21 11:11 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-11-25 07:21 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-11-20 19:18 - 2019-08-21 10:43 - 000000470 _____ C:\Windows\Tasks\SlimDrivers Scan.job
2019-11-15 16:00 - 2019-09-21 15:00 - 000000000 ____D C:\Users\Veronika\Documents\Stronghold Crusader
2019-11-15 13:37 - 2019-10-27 16:00 - 000000264 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2019-11-15 13:37 - 2019-10-27 16:00 - 000000000 ____D C:\ProgramData\Delphi
2019-11-15 13:36 - 2019-10-27 15:59 - 000000000 ____D C:\Users\Veronika\AppData\Roaming\Delphi
2019-11-15 07:43 - 2019-08-21 11:09 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-12 22:03 - 2019-08-21 10:52 - 000748816 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-10-31 19:19 - 2019-08-21 12:29 - 000000000 ____D C:\Users\Veronika\Desktop\Verča
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-11-29 00:30
==================== End of FRST.txt ========================
Otvor poznamkovy blok (Win+R -> notepad -> enter)
