That's fine. I'm sending the logs.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2021
Ran by Martin (administrator) on MARTIN-PC (16-01-2021 09:52:08)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Martin\AppData\Local\Temp\mwb7139.tmp\MBSTIPostRebootService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Seznam.cz, a.s. -> ) C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Run: [Opera Browser Assistant] => C:\Users\Martin\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Martin\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2990E96C-8B06-42BE-AD4D-55D150BA7F10} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Martin => F:\1servis\PROGRAMS\Hard Disk Sentinel\HDSentinel.exe
Task: {4FCE8287-F99D-421F-A8BB-94F04C6C99A0} - System32\Tasks\Opera scheduled Autoupdate 1477133455 => C:\Program Files (x86)\Opera\launcher.exe
Task: {64196B48-0E0D-48F9-A169-4E22EEFA744C} - System32\Tasks\Opera scheduled Autoupdate 1588766768 => C:\Users\Martin\AppData\Local\Programs\Opera\launcher.exe [1583256 2021-01-05] (Opera Software AS -> Opera Software)
Task: {776464BC-99BD-4D1E-AB41-9CE8D2E4F386} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-07] (Google Inc -> Google Inc.)
Task: {AD9E773B-3189-4F77-9067-8AB3787B7FB0} - System32\Tasks\Opera scheduled Autoupdate 1497815344 => C:\Program Files (x86)\Opera\launcher.exe
Task: {B63BFCAD-865B-4F42-90A8-A24ABED387A7} - System32\Tasks\Opera scheduled assistant Autoupdate 1588766823 => C:\Users\Martin\AppData\Local\Programs\Opera\launcher.exe [1583256 2021-01-05] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Martin\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {B6FD9B73-770A-4ECA-9D64-9F036E29C6C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {D037912B-7859-49BC-BFD0-C482F1CF161D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {D685FBD3-3F61-4B51-8098-F5939AE599DB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Martin\AppData\Local\Temp\scoped_dir2744_29998\esetonlinescanner_sky.exe <==== ATTENTION
Task: {DA19EA11-F8FD-4C36-9BC5-C92AA6DBE2BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-07] (Google Inc -> Google Inc.)
Task: {DE09111B-73DD-4875-876D-C293F20E8F18} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Martin\AppData\Local\Temp\scoped_dir2744_29998\esetonlinescanner_sky.exe <==== ATTENTION
Task: {F96B2165-AA32-4349-B138-0B738423926C} - System32\Tasks\{F529C778-212F-4A4C-A435-C1F3B293A60A} => C:\Windows\system32\pcalua.exe -a C:\Windows\IsUninst.exe -c -f"d:\Thomb raider 3\Uninst.isu"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{e8baf6a8-c7f7-43b9-aa58-2a9ac8e1b6e2} <==== ATTENTION (Restriction - IP)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0B2F2584-F723-4A83-BF46-B8559A5CFF4A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8822FF15-14BC-4210-83C2-B21BB7BFC82D}: [DhcpNameServer] 192.168.0.2 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{B5844788-BED4-4849-99BF-940E9B612EC4}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF DefaultProfile: ef26py92.default
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default [2021-01-13]
FF Homepage: Mozilla\SeaMonkey\Profiles\ii5mfmc2.default -> www.google.com
FF NewTab: Mozilla\SeaMonkey\Profiles\ii5mfmc2.default -> about:newtab
FF Extension: (DOM Inspector) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\inspector@mozilla.org [2016-09-22] [Legacy]
FF Extension: (ChatZilla) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2015-09-30] [Legacy]
FF Extension: (NoScript) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-09-23] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-08] [Legacy]
FF Extension: (JavaScript Debugger) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-09-22] [Legacy]
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\hziuv0tv.default-release-1597237312874 [2021-01-13]
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default [2021-01-13]
FF Extension: (MEGA) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default\Extensions\firefox@mega.co.nz.xpi [2020-05-01] [UpdateUrl:hxxps://mega.nz/firefox-web-extension-updates.json]
FF Extension: (Seznam doplněk - Esko) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-12-05]
FF Extension: (Popup Blocker Ultimate) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default\Extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi [2020-03-09]
FF Extension: (Seznam doplněk - Email) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-12-05]
FF Extension: (No Name) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\a8zub8k1.default [2021-01-13]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Martin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> D:\Adobe\Reader\AIR\nppdf32.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2021-01-13]
CHR Extension: (Dokumenty) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-27]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-27]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-01]
CHR Extension: (Ace Script) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-02-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-01]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-09-01]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-02]
CHR HKU\S-1-5-21-515885200-768628804-3900138106-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Martin\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2020-04-28]
OPR Extension: (Rich Hints Agent) - C:\Users\Martin\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-23]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)
R2 MBSTIPostRebootService; C:\Users\Martin\AppData\Local\Temp\mwb7139.tmp\MBSTIPostRebootService.exe [4089456 2021-01-08] (Malwarebytes Inc -> Malwarebytes) <==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S2 luminati_net_updater_win_hola_org; "C:/Program Files/Hola/app/net_updater64.exe" --updater win_hola.org [X]
S2 MBAMService; "D:\MB\MBAMService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2012-04-22] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 athur; C:\Windows\System32\DRIVERS\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [197240 2017-12-03] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2021-01-13] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220160 2021-01-13] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2021-01-13] (Malwarebytes Inc -> Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2021-01-13] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [127088 2021-01-13] (Malwarebytes Inc -> Malwarebytes)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0121.sys [38432 2016-09-18] (SoftEther Corporation -> SoftEther Corporation)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7947096 2019-01-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S1 staport; C:\Windows\System32\Drivers\staport.sys [44568 2021-01-03] (AVAST Software s.r.o. -> )
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (TunnelBear, Inc. -> The OpenVPN Project)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-06-28] (AnchorFree Inc -> Anchorfree Inc.)
U5 UnlockerDriver5; D:\Nový priečinok\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2016-10-13] (Wondershare Software Co., Ltd. -> Wondershare)
U3 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-16 09:52 - 2021-01-16 09:53 - 000015922 _____ C:\Users\Martin\Desktop\FRST.txt
2021-01-16 09:51 - 2021-01-16 09:52 - 000000000 ____D C:\FRST
2021-01-16 09:50 - 2021-01-16 09:50 - 002281472 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2021-01-14 10:27 - 2021-01-14 10:27 - 032047467 _____ C:\Users\Martin\Downloads\UNCUT - march.pdf
2021-01-13 15:57 - 2021-01-13 15:59 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\IGDump
2021-01-13 15:57 - 2021-01-13 15:57 - 000220160 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-01-13 15:57 - 2021-01-13 15:57 - 000127088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-01-13 15:57 - 2021-01-13 15:57 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-01-11 13:44 - 2021-01-13 12:45 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-01-11 13:43 - 2021-01-13 12:40 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-01-11 13:43 - 2021-01-11 13:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-08 11:27 - 2021-01-08 11:27 - 000000000 ____D C:\Users\Martin\AppData\Local\mbam
2021-01-05 11:10 - 2021-01-05 11:10 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-01-05 10:59 - 2021-01-16 09:49 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Seznam.cz
2021-01-05 10:59 - 2021-01-08 11:12 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-01-05 10:59 - 2021-01-05 10:59 - 000001530 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2021-01-05 10:59 - 2021-01-05 10:59 - 000001530 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2021-01-05 10:57 - 2021-01-05 10:58 - 062087952 _____ C:\Users\Martin\Downloads\AcroRdrDC1500720033_cs_CZ.exe
2021-01-03 10:48 - 2021-01-03 10:01 - 000585330 _____ C:\Users\Martin\Documents\TDSSKiller.3.1.0.28_03.01.2021_09.56.41_log.txt
2021-01-03 09:41 - 2021-01-03 09:44 - 000000000 ____D C:\Program Files (x86)\GUM144B.tmp
2020-12-31 15:11 - 2020-12-31 15:12 - 006922240 _____ C:\Program Files (x86)\GUT6C89.tmp
2020-12-31 15:11 - 2020-12-31 15:11 - 000000000 ____D C:\Program Files (x86)\GUM6C78.tmp
2020-12-31 15:09 - 2021-01-03 09:39 - 000044568 _____ () C:\Windows\system32\Drivers\staport.sys
2020-12-31 15:06 - 2020-12-31 15:06 - 000000000 ____D C:\Users\Public\Security Sessions
2020-12-31 14:46 - 2020-12-31 14:46 - 000000000 ____D C:\Users\Martin\AppData\Local\Avira
2020-12-30 17:46 - 2020-12-30 17:51 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\nb98wqnehe8bw89hb
2020-12-18 15:35 - 2020-12-18 16:17 - 000000000 ____D C:\Users\Martin\AppData\Local\Maxthon
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-16 09:51 - 2009-07-14 05:45 - 000021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-01-16 09:51 - 2009-07-14 05:45 - 000021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-01-16 09:49 - 2009-07-14 06:13 - 000785302 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-16 09:49 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-01-16 09:44 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-13 16:00 - 2020-08-12 14:01 - 000000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2021-01-13 12:40 - 2020-07-30 08:47 - 000000522 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-13 10:41 - 2014-08-24 11:31 - 000000000 ____D C:\Users\Martin\AppData\Local\ElevatedDiagnostics
2021-01-08 13:05 - 2020-05-06 13:06 - 000004084 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1588766768
2021-01-05 10:53 - 2014-07-30 18:56 - 000000000 ____D C:\ProgramData\Adobe
2021-01-03 14:11 - 2020-05-06 13:07 - 000004308 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1588766823
2021-01-03 14:11 - 2019-07-21 10:54 - 000003782 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2021-01-03 14:11 - 2019-07-21 10:54 - 000003342 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2021-01-03 14:11 - 2017-06-18 20:49 - 000003860 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1497815344
2021-01-03 14:11 - 2016-11-07 16:20 - 000003370 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-03 14:11 - 2016-11-07 16:20 - 000003242 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-03 14:11 - 2016-10-22 11:50 - 000003836 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1477133455
2021-01-03 14:11 - 2015-01-08 22:31 - 000003116 _____ C:\Windows\system32\Tasks\{F529C778-212F-4A4C-A435-C1F3B293A60A}
2021-01-03 09:44 - 2015-01-27 12:23 - 000000000 ____D C:\Program Files (x86)\Google
2020-12-31 15:13 - 2015-09-03 09:08 - 000413936 _____ C:\Windows\system32\FNTCACHE.DAT
2020-12-31 15:06 - 2015-12-11 18:15 - 000000000 ____D C:\ProgramData\Package Cache
2020-12-31 15:05 - 2018-09-04 13:28 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2020-12-31 14:51 - 2015-09-03 09:10 - 000108008 _____ C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2020-12-31 14:39 - 2014-07-28 18:02 - 000767122 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-12-31 12:44 - 2014-11-01 16:21 - 000000000 ____D C:\Windows\Minidump
2020-12-28 13:31 - 2020-12-14 17:28 - 000000000 ____D C:\Users\Martin\AppData\Local\vback
2020-12-27 10:50 - 2014-07-29 12:15 - 000000000 ____D C:\Windows\system32\Macromed
2020-12-27 10:49 - 2014-07-29 12:15 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-12-22 13:16 - 2014-11-20 19:21 - 000000193 _____ C:\Windows\WORDPAD.INI
2020-12-20 11:45 - 2020-03-18 13:28 - 000000000 ____D C:\Users\Martin\AppData\Local\TP-Link
==================== Files in the root of some directories ========
2020-12-31 15:11 - 2020-12-31 15:12 - 006922240 _____ () C:\Program Files (x86)\GUT6C89.tmp
2014-05-08 05:05 - 2014-05-08 05:05 - 000000524 _____ () C:\Users\Martin\AppData\Roaming\159 dk orange bl 4.ADO
2015-02-12 06:07 - 2015-02-12 06:07 - 000000213 _____ () C:\Users\Martin\AppData\Roaming\3BSYBS1_DDVW_ErrLog.txt
2013-10-02 03:55 - 2013-10-02 03:55 - 000000940 _____ () C:\Users\Martin\AppData\Roaming\admon.graphics.extension.xml
2014-05-08 06:44 - 2014-05-08 06:44 - 000003523 _____ () C:\Users\Martin\AppData\Roaming\Adobe-Japan1-0
2013-10-02 03:54 - 2013-10-02 03:54 - 000000453 _____ () C:\Users\Martin\AppData\Roaming\Aqtau
2013-10-02 03:54 - 2013-10-02 03:54 - 000000065 _____ () C:\Users\Martin\AppData\Roaming\Bangui
2014-05-08 05:05 - 2014-05-08 05:05 - 000000524 _____ () C:\Users\Martin\AppData\Roaming\BMC blue 4.ADO
2010-07-19 22:16 - 2010-07-19 22:16 - 000004751 _____ () C:\Users\Martin\AppData\Roaming\b_no.jpg
2013-10-02 03:54 - 2013-10-02 03:54 - 000000549 _____ () C:\Users\Martin\AppData\Roaming\Catamarca
2013-10-02 03:55 - 2013-10-02 03:55 - 000001978 _____ () C:\Users\Martin\AppData\Roaming\caution.tif
2014-05-08 06:44 - 2014-05-08 06:44 - 000002828 _____ () C:\Users\Martin\AppData\Roaming\CNS2-V
2013-10-02 03:56 - 2013-10-02 03:56 - 000001266 _____ () C:\Users\Martin\AppData\Roaming\compact.list.item.spacing.xml
2014-05-08 05:05 - 2014-05-08 05:05 - 000000524 _____ () C:\Users\Martin\AppData\Roaming\Cool Gray 9 bl 4.ADO
2015-05-20 02:28 - 2015-05-20 02:28 - 000002176 _____ () C:\Users\Martin\AppData\Roaming\C_Enabled.png
2011-03-21 17:48 - 2011-03-21 17:48 - 000000512 _____ () C:\Users\Martin\AppData\Roaming\data2.cab
2013-10-02 03:55 - 2013-10-02 03:55 - 000002654 _____ () C:\Users\Martin\AppData\Roaming\dbtoepub
2013-10-02 03:56 - 2013-10-02 03:56 - 000001013 _____ () C:\Users\Martin\AppData\Roaming\double.sided.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000004817 _____ () C:\Users\Martin\AppData\Roaming\dsc_checkup_tile.png
2015-05-20 02:28 - 2015-05-20 02:28 - 000004997 _____ () C:\Users\Martin\AppData\Roaming\dsc_drivers_tile.png
2014-05-08 06:44 - 2014-05-08 06:44 - 000002862 _____ () C:\Users\Martin\AppData\Roaming\dut1995phon.env
2015-05-20 02:28 - 2015-05-20 02:28 - 000004279 _____ () C:\Users\Martin\AppData\Roaming\dxdiag.png
2007-01-16 01:00 - 2007-01-16 01:00 - 000003294 _____ () C:\Users\Martin\AppData\Roaming\Extravagancy.Y
2015-05-20 02:28 - 2015-05-20 02:28 - 000001592 _____ () C:\Users\Martin\AppData\Roaming\forward32.png
2013-10-02 03:54 - 2013-10-02 03:54 - 000001676 _____ () C:\Users\Martin\AppData\Roaming\Gibraltar
2013-10-02 03:56 - 2013-10-02 03:56 - 000005030 _____ () C:\Users\Martin\AppData\Roaming\graphics.xsl
2014-05-08 06:44 - 2014-05-08 06:44 - 000000672 _____ () C:\Users\Martin\AppData\Roaming\gre.fca
2013-10-02 03:54 - 2013-10-02 03:54 - 000000137 _____ () C:\Users\Martin\AppData\Roaming\Guatemala
2015-05-20 02:28 - 2015-05-20 02:28 - 000003291 _____ () C:\Users\Martin\AppData\Roaming\history_report_gray.png
2013-10-02 03:56 - 2013-10-02 03:56 - 000000941 _____ () C:\Users\Martin\AppData\Roaming\htmlhelp.autolabel.xml
2013-10-02 03:56 - 2013-10-02 03:56 - 000000963 _____ () C:\Users\Martin\AppData\Roaming\ignore.image.scaling.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000002116 _____ () C:\Users\Martin\AppData\Roaming\internetProperties.png
1987-02-02 01:00 - 1987-02-02 01:00 - 000046203 _____ () C:\Users\Martin\AppData\Roaming\Introvert.j6a
2013-10-02 03:56 - 2013-10-02 03:56 - 000001015 _____ () C:\Users\Martin\AppData\Roaming\javahelp.encoding.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000004676 _____ () C:\Users\Martin\AppData\Roaming\lid_closure.png
2014-05-08 05:05 - 2014-05-08 05:05 - 000000117 _____ () C:\Users\Martin\AppData\Roaming\More Saturated.hdt
2013-10-02 03:54 - 2013-10-02 03:54 - 000000097 _____ () C:\Users\Martin\AppData\Roaming\Nairobi
2013-10-02 03:56 - 2013-10-02 03:56 - 000001093 _____ () C:\Users\Martin\AppData\Roaming\navig.graphics.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000001519 _____ () C:\Users\Martin\AppData\Roaming\not_applicable_2.png
2015-05-20 02:28 - 2015-05-20 02:28 - 000001315 _____ () C:\Users\Martin\AppData\Roaming\pcdrfingerprintreader.p5m
2015-05-20 02:28 - 2015-05-20 02:28 - 000000781 _____ () C:\Users\Martin\AppData\Roaming\phone.png
2014-05-08 05:08 - 2014-05-08 05:08 - 000001433 _____ () C:\Users\Martin\AppData\Roaming\Plastic - Violet Purple, Strong & Flexible.3PP
2014-05-08 06:44 - 2014-05-08 06:44 - 000000972 _____ () C:\Users\Martin\AppData\Roaming\pol.fca
2013-10-02 03:55 - 2013-10-02 03:55 - 000001597 _____ () C:\Users\Martin\AppData\Roaming\projectteam.xml
2013-10-02 03:56 - 2013-10-02 03:56 - 000001085 _____ () C:\Users\Martin\AppData\Roaming\qanda.inherit.numeration.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000004156 _____ () C:\Users\Martin\AppData\Roaming\quick-test.png
2014-05-08 06:44 - 2014-05-08 06:44 - 000000889 _____ () C:\Users\Martin\AppData\Roaming\README_gu.txt
2014-05-08 06:44 - 2014-05-08 06:44 - 000001614 _____ () C:\Users\Martin\AppData\Roaming\s29.png
2015-05-20 02:28 - 2015-05-20 02:28 - 000003676 _____ () C:\Users\Martin\AppData\Roaming\save.png
2013-10-02 03:56 - 2013-10-02 03:56 - 000000883 _____ () C:\Users\Martin\AppData\Roaming\section.autolabel.xml
2013-10-02 03:56 - 2013-10-02 03:56 - 000001102 _____ () C:\Users\Martin\AppData\Roaming\section.title.level5.properties.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000001421 _____ () C:\Users\Martin\AppData\Roaming\security.png
2015-05-20 02:28 - 2015-05-20 02:28 - 000002649 _____ () C:\Users\Martin\AppData\Roaming\sysinfopage_forfile.css
2015-05-20 02:14 - 2015-05-20 02:14 - 000000110 _____ () C:\Users\Martin\AppData\Roaming\tweakChkDsk_ar.p5p
2015-05-20 02:14 - 2015-05-20 02:14 - 000000095 _____ () C:\Users\Martin\AppData\Roaming\tweakChkDsk_it.p5p
2015-05-20 02:14 - 2015-05-20 02:14 - 000000112 _____ () C:\Users\Martin\AppData\Roaming\tweakChkDsk_nl.p5p
2015-05-20 02:14 - 2015-05-20 02:14 - 000001728 _____ () C:\Users\Martin\AppData\Roaming\tweakNetworkingManual_ko.p5p
2013-10-02 03:56 - 2013-10-02 03:56 - 000001323 _____ () C:\Users\Martin\AppData\Roaming\ulink.show.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000001543 _____ () C:\Users\Martin\AppData\Roaming\user_attention.png
2017-10-17 20:40 - 2017-10-17 20:40 - 000009029 _____ () C:\Users\Martin\AppData\Local\recently-used.xbel
2015-06-16 16:54 - 2015-06-16 16:54 - 000000000 _____ () C:\Users\Martin\AppData\Local\Temp.dat
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2021-01-13 11:44
==================== End of FRST.txt ========================
==================== Accounts: =============================
Administrator (S-1-5-21-515885200-768628804-3900138106-500 - Administrator - Disabled)
Guest (S-1-5-21-515885200-768628804-3900138106-501 - Limited - Disabled)
Martin (S-1-5-21-515885200-768628804-3900138106-1000 - Administrator - Enabled) => C:\Users\Martin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F37078EA-4B6A-1D6F-6FED-3EDF2117B42C}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 - Asmedia Technology)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: - )
Indeo® Software (HKLM-x32\...\Indeo® Software) (Version: - )
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MotoGP URT 3 (HKLM-x32\...\MotoGP URT 3_is1) (Version: - THQ)
Opera Stable 73.0.3856.329 (HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Opera 73.0.3856.329) (Version: 73.0.3856.329 - Opera Software)
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Quake II (HKLM-x32\...\Quake2UninstallKey) (Version: - )
Seznam Software (HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tomb Raider III (HKLM-x32\...\Tomb Raider III) (Version: - )
TP-Link Archer T2U Plus Driver (HKLM-x32\...\{D646A985-33A6-4D98-973F-44CC267BD834}) (Version: 2.1.0 - TP-Link)
TP-LINK Wireless Client Utility (HKLM-x32\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [.Akclap5962] -> {8a9b264c-eb61-4135-a455-0f6767c09462} => C:\Users\Martin\AppData\Roaming\kclap5962\kclap5962.dll [2016-07-08] (BEIJING KUWO TECHNOLOGY CO.,LTD. -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers2: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\MB\mbshlext.dll -> No File
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => D:\Nový priečinok\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [duba_64bit] -> {DDEA5705-1BB0-4C03-AC1E-8FF9716A0D51} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-07-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\MB\mbshlext.dll -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => D:\Nový priečinok\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.yvu9] => C:\Windows\SysWOW64\iyvu9_32.dll [56320 2000-06-22] () [File not signed]
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [vidc.iv41] => C:\Windows\SysWOW64\ir41_32.ax [839680 2009-07-14] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [vidc.iv31] => C:\Windows\SysWOW64\ir32_32.dll [197632 2009-07-14] (Microsoft Windows -> Intel(R) Corporation)
HKLM\...\Drivers32: [vidc.iv32] => C:\Windows\SysWOW64\ir32_32.dll [197632 2009-07-14] (Microsoft Windows -> Intel(R) Corporation)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2015-07-28 21:45 - 2015-07-28 21:45 - 000127488 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [127]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\19294763.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\46505285.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\69658559.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dump_61A1F6F0.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\19294763.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\46505285.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\69658559.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dump_61A1F6F0.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-515885200-768628804-3900138106-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-515885200-768628804-3900138106-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxps://www.msn.com/en-xl/?ocid=iehp
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-515885200-768628804-3900138106-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-515885200-768628804-3900138106-1000 -> {A8A2381B-85B6-4030-B763-863A4F470EAD} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-07] (Google Inc -> Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-07] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-07] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-11-07] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-515885200-768628804-3900138106-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-11-07] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2018-10-25 09:56 - 000000128 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 www.mefeedia.com
0.0.0.0 www.mefeedia.com
0.0.0.0 delivery.anchorfree.us/land.php
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-515885200-768628804-3900138106-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: Avira SystrayStartTrigger => "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
MSCONFIG\startupreg: Spotify => C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: TIDAL => C:\Users\Martin\AppData\Local\TIDAL\update.exe --processStart TIDAL.exe --process-start-args " -autostart -minimized"
MSCONFIG\startupreg: Vivaldi Update Notifier => "D:\zde\html\vivaldi\Application\update_notifier.exe"
MSCONFIG\startupreg: ZPNConnect => C:\Program Files (x86)\ZPN Connect\ZpnCli.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{646DCD8D-DF44-49C1-8F8E-C9FF2902413E}] => (Allow) D:\PROGRAMY\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A2AD1C24-3EE8-4850-8E35-DFBB4C259DAA}] => (Allow) D:\PROGRAMY\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D7B9C5CE-4AC8-48C1-BD71-B357B8BF3E5F}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed]
FirewallRules: [{9A8EE00C-D15B-4081-98BC-A1B3116BD335}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [File not signed]
FirewallRules: [{E15D46E9-0EA6-489E-9917-B27393EA56A1}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Tomb Raider Legend\trl.exe (Eidos Inc.) [File not signed]
FirewallRules: [{B12F4E68-0197-4558-B750-D4D26A9EAC50}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Tomb Raider Legend\trl.exe (Eidos Inc.) [File not signed]
FirewallRules: [TCP Query User{C5EB449F-BED4-49D4-8CE4-ADA02F25B1F3}C:\users\martin\appdata\roaming\xmusicupdate\xmusicserver.exe] => (Allow) C:\users\martin\appdata\roaming\xmusicupdate\xmusicserver.exe (杭州缪斯客网络科技有限公司 -> xiami)
FirewallRules: [UDP Query User{E20D8B8E-7B76-46C2-9AC2-8FCEA7D0CA8B}C:\users\martin\appdata\roaming\xmusicupdate\xmusicserver.exe] => (Allow) C:\users\martin\appdata\roaming\xmusicupdate\xmusicserver.exe (杭州缪斯客网络科技有限公司 -> xiami)
FirewallRules: [TCP Query User{916542B8-37B2-4B45-8060-109345C8D7D2}D:\motogp urt 3\motogp.exe] => (Allow) D:\motogp urt 3\motogp.exe () [File not signed]
FirewallRules: [UDP Query User{94383437-B0C7-46BF-8400-48F5FAA98512}D:\motogp urt 3\motogp.exe] => (Allow) D:\motogp urt 3\motogp.exe () [File not signed]
FirewallRules: [{4340AC80-268D-4F82-98E3-E4FE4E6330BE}] => (Allow) LPort=58172
FirewallRules: [{7F90DB53-54DC-467F-B390-D2E4D32DC869}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{50D55F4D-4E3B-41B2-A715-3ECA3D36AE4A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9FE49B77-DD32-436C-BCF3-3F2E7A138D35}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{156B5BE0-89CD-4A0C-9D50-93A6ABE80ADF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FC1D952F-5E1F-4A2D-8A00-7F2DAB0A4362}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\Winquake.exe () [File not signed]
FirewallRules: [{18D07B99-F756-477C-A3F8-9A0E0671E1AE}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\Winquake.exe () [File not signed]
FirewallRules: [{E4DE097F-E158-4E61-AF35-6722290BF174}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\qwcl.exe () [File not signed]
FirewallRules: [{528A0558-DB36-443A-970A-4BE62F812E2F}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\qwcl.exe () [File not signed]
FirewallRules: [{96BD2439-CF1D-4FFD-A2D3-2C51B89B4E94}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\Glquake.exe () [File not signed]
FirewallRules: [{B587AAA2-75F6-4894-800A-E35868546DD4}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\Glquake.exe () [File not signed]
FirewallRules: [{EA984656-E4B7-4B8B-898D-9986FA114EFB}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\glqwcl.exe () [File not signed]
FirewallRules: [{9FD3D1A5-524A-4C0F-9EF3-ECB25CE0FD4F}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Quake\glqwcl.exe () [File not signed]
FirewallRules: [{48884CF9-C9F6-4B7B-9618-519346195568}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Doom 3\Doom3.exe (id Software) [File not signed]
FirewallRules: [{567B0639-D3DD-4FFE-A048-2B77CADBD5F6}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Doom 3\Doom3.exe (id Software) [File not signed]
FirewallRules: [{DFBD8EE5-F740-42B6-A2AB-6A21270C36C0}] => (Allow) D:\PROGRAMY\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{27B11473-F9D8-410F-9C78-6F50A32938CD}] => (Allow) D:\PROGRAMY\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{77265782-1673-4971-9015-3242B795AFD4}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Tomb Raider (IV) The Last Revelation\tomb4.exe () [File not signed]
FirewallRules: [{1378041D-0AAC-4736-9316-F58DB6F5D296}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Tomb Raider (IV) The Last Revelation\tomb4.exe () [File not signed]
FirewallRules: [{3343048D-CB83-403B-9590-C86A67F302B0}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{DDC707A2-7CCE-45D4-AC71-4CED9833256E}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{5B93A129-36D2-44F2-ADDD-B66A0A4E4028}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [{5B1E9D5E-BAE6-48F2-A668-38CBDD0A3F61}] => (Allow) D:\PROGRAMY\Steam\steamapps\common\Portal\hl2.exe (Valve -> )
FirewallRules: [TCP Query User{A8186A9F-348F-41F8-9193-C1E00E438A16}D:\motogp urt 3\motogp.exe] => (Block) D:\motogp urt 3\motogp.exe () [File not signed]
FirewallRules: [UDP Query User{E285566E-D64D-4500-885E-74FDD1149332}D:\motogp urt 3\motogp.exe] => (Block) D:\motogp urt 3\motogp.exe () [File not signed]
FirewallRules: [{0EAC026A-F042-4768-8CBF-FD0B8DF8E2DD}] => (Allow) C:\Users\Martin\AppData\Local\Programs\Opera\73.0.3856.284\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{21258AE2-A1A4-4465-838F-9C3F99363929}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{98C156FD-A928-4EF3-BCF6-07C6AD0666EA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{DFA12FF2-AE78-4B11-AF59-446F287F445F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{9573238F-0E31-4266-ABD6-56398490E6F4}] => (Allow) C:\Users\Martin\AppData\Local\Programs\Opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
13-08-2020 12:07:50 Plánovaný kontrolný bod
20-08-2020 13:52:05 Plánovaný kontrolný bod
27-08-2020 15:15:13 Plánovaný kontrolný bod
05-09-2020 10:02:38 Plánovaný kontrolný bod
13-09-2020 13:17:40 Plánovaný kontrolný bod
21-09-2020 13:23:00 Plánovaný kontrolný bod
29-09-2020 14:23:08 Plánovaný kontrolný bod
11-10-2020 12:57:07 Plánovaný kontrolný bod
20-10-2020 14:18:00 Plánovaný kontrolný bod
28-10-2020 11:09:22 Plánovaný kontrolný bod
07-11-2020 16:15:50 Plánovaný kontrolný bod
15-11-2020 14:03:14 Plánovaný kontrolný bod
31-12-2020 14:41:30 Inštalátor modulov systému Windows
31-12-2020 15:06:42 Removed Avira Home Guard
31-12-2020 15:26:16 Removed Adobe Acrobat Reader DC - Slovak.
05-01-2021 10:41:10 Installed Adobe Reader XI - Slovak.
05-01-2021 10:53:35 Removed Adobe Reader XI - Slovak.
05-01-2021 10:59:01 Installed Adobe Acrobat Reader DC - Czech.
13-01-2021 11:52:17 Plánovaný kontrolný bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/16/2021 09:53:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri spracovaní reťazca certifikátov sa reťazec ukončil pri koreňovom certifikáte, pretože dôveryhodný poskytovateľ ho nepovažuje za dôveryhodný.
.
Error: (01/16/2021 09:53:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri spracovaní reťazca certifikátov sa reťazec ukončil pri koreňovom certifikáte, pretože dôveryhodný poskytovateľ ho nepovažuje za dôveryhodný.
.
Error: (01/16/2021 09:53:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri spracovaní reťazca certifikátov sa reťazec ukončil pri koreňovom certifikáte, pretože dôveryhodný poskytovateľ ho nepovažuje za dôveryhodný.
.
Error: (01/16/2021 09:53:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri spracovaní reťazca certifikátov sa reťazec ukončil pri koreňovom certifikáte, pretože dôveryhodný poskytovateľ ho nepovažuje za dôveryhodný.
.
Error: (01/16/2021 09:53:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri spracovaní reťazca certifikátov sa reťazec ukončil pri koreňovom certifikáte, pretože dôveryhodný poskytovateľ ho nepovažuje za dôveryhodný.
.
Error: (01/16/2021 09:53:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri spracovaní reťazca certifikátov sa reťazec ukončil pri koreňovom certifikáte, pretože dôveryhodný poskytovateľ ho nepovažuje za dôveryhodný.
.
Error: (01/16/2021 09:53:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri spracovaní reťazca certifikátov sa reťazec ukončil pri koreňovom certifikáte, pretože dôveryhodný poskytovateľ ho nepovažuje za dôveryhodný.
.
Error: (01/16/2021 09:53:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab> s chybou: Pri spracovaní reťazca certifikátov sa reťazec ukončil pri koreňovom certifikáte, pretože dôveryhodný poskytovateľ ho nepovažuje za dôveryhodný.
.
System errors:
=============
Error: (01/16/2021 09:44:36 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (01/16/2021 09:44:33 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (01/16/2021 09:44:32 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (01/16/2021 09:44:26 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (01/16/2021 09:44:26 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
staport
Error: (01/16/2021 09:44:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Malwarebytes Service zlyhalo kvôli nasledujúcej chybe:
Systém nemôže nájsť zadaný súbor.
Error: (01/16/2021 09:44:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Luminati Net Updater (win_hola.org) zlyhalo kvôli nasledujúcej chybe:
Systém nemôže nájsť zadaný súbor.
Error: (01/16/2021 09:44:19 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa nepodarilo spustiť.
Cesta k modulu: C:\Windows\system32\athExt.dll
Kód chyby: 126
Windows Defender:
===================================
Date: 2018-09-06 11:08:41.156
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{AE98B6B0-B283-436D-B583-8F2BFBCEDAF1}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
Date: 2018-09-06 11:08:37.365
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{7078D724-96C6-46FD-A887-ACE1D1591977}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
Date: 2018-09-06 11:07:54.903
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{3B58ABC9-4977-4189-B41B-3D214B4BA97C}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
CodeIntegrity:
===================================
Date: 2021-01-16 09:53:32.908
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.
Date: 2021-01-16 09:53:32.908
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.
Date: 2021-01-16 09:53:32.908
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.
Date: 2021-01-16 09:53:32.908
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.
Date: 2021-01-16 09:53:12.660
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.
Date: 2021-01-16 09:53:12.660
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.
Date: 2021-01-16 09:44:09.306
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-01-16 09:44:09.306
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0705 08/22/2011
Motherboard: ASUSTeK Computer INC. M5A97
Processor: AMD Athlon(tm) II X3 460 Processor
Percentage of memory in use: 30%
Total physical RAM: 8154.46 MB
Available physical RAM: 5696.36 MB
Total Virtual: 16307.1 MB
Available Virtual: 13828.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:107.32 GB) (Free:13.67 GB) NTFS
Drive d: () (Fixed) (Total:358.34 GB) (Free:327.7 GB) NTFS
\\?\Volume{3ccbebad-1674-11e4-ba11-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: A4C80B1C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=358.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================