Můžu poprosit o kontrolu logu? Díky

[joj]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2018-02-06 22:05:42
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 54 GB (22%) free of 250 GB
Total RAM: 3231 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:05:54, on 6.2.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
C:\Program Files\Keepvid\KeepVid Pro (Desktop)\KeepVidProUpdateHelper.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\system32\igfxTray.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Lenka\Desktop\RSIT.exe
C:\Program Files\trend micro\Lenka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: KeepVid Pro 4.10.0 - {F9B65201-3D7F-48DA-AAB3-57A6FAD648FD} - C:\PROGRA~1\Keepvid\KEEPVI~1\BROWSE~1\KVBROW~1.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKLM\..\Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Aimersoft Helper Compact.exe] C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
O4 - HKLM\..\Run: [KeepVidProUpdateHelper.exe] C:\Program Files\Keepvid\KeepVid Pro (Desktop)\KeepVidProUpdateHelper.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Otevřít obrázek v aplikaci &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~1\Office\1029\phdintl.dll/phdContext.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\system32\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: WD SSD Dashboard Service - Western Digital Corporation or its affiliates - C:\Program Files\Western Digital\SSD Dashboard\WDSSDDashboardService.exe
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files\Wondershare\WAF\2.4.3.230\WsAppService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Unknown owner - C:\Program Files\Wondershare\New TunesGo\DriverInstall.exe (file missing)

--
End of file - 9795 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\ic09uv5j.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-09 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-06-02 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9B65201-3D7F-48DA-AAB3-57A6FAD648FD}]
KeepVid Pro 4.10.0 - C:\PROGRA~1\Keepvid\KEEPVI~1\BROWSE~1\KVBROW~1.DLL [2017-09-06 633464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-06-02 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [2016-11-17 8046080]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2016-09-20 71168]
"USB3MON"=C:\Program Files\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [2016-08-18 299504]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-12-21 246120]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2017-10-18 67896]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"Aimersoft Helper Compact.exe"=C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2016-10-08 2138272]
"KeepVidProUpdateHelper.exe"=C:\Program Files\Keepvid\KeepVid Pro (Desktop)\KeepVidProUpdateHelper.exe [2017-09-06 33912]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-07-14 267064]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2006-01-12 155648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2017-05-19 7619288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-02-06 22:05:43 ----D---- C:\Program Files\trend micro
2018-02-06 11:56:06 ----D---- C:\ProgramData\SWCUTemp
2018-02-03 14:17:27 ----D---- C:\Users\Lenka\AppData\Roaming\Macromedia
2018-02-03 14:16:52 ----D---- C:\Program Files\TP-Link
2018-01-07 16:48:36 ----D---- C:\Users\Lenka\AppData\Roaming\Hewlett-Packard
2018-01-07 16:31:00 ----D---- C:\System.sav
2018-01-07 16:30:47 ----D---- C:\ProgramData\Hewlett-Packard
2018-01-07 16:30:06 ----D---- C:\Users\Lenka\AppData\Roaming\hpqLog
2018-01-07 16:09:14 ----D---- C:\Program Files\Hewlett-Packard

======List of files/folders modified in the last 1 month======

2018-02-06 22:05:54 ----D---- C:\Windows\Prefetch
2018-02-06 22:05:43 ----RD---- C:\Program Files
2018-02-06 22:04:56 ----SHD---- C:\System Volume Information
2018-02-06 22:01:41 ----D---- C:\Windows\Temp
2018-02-06 18:18:17 ----D---- C:\Windows\System32
2018-02-06 18:18:13 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-02-06 18:18:10 ----D---- C:\Windows\system32\Macromed
2018-02-06 14:12:40 ----D---- C:\Windows\inf
2018-02-06 14:12:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-02-06 12:06:27 ----D---- C:\Windows\system32\config
2018-02-06 11:56:21 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-02-06 11:56:06 ----HD---- C:\ProgramData
2018-02-03 17:43:51 ----D---- C:\Users\Lenka\AppData\Roaming\vlc
2018-02-03 14:46:34 ----D---- C:\Windows\system32\NDF
2018-02-03 14:17:00 ----HD---- C:\Program Files\InstallShield Installation Information
2018-02-03 14:16:59 ----SHD---- C:\Windows\Installer
2018-02-03 14:16:56 ----SHD---- C:\Config.Msi
2018-02-03 08:43:02 ----D---- C:\Windows\system32\wdi
2018-02-02 14:10:56 ----D---- C:\Windows\system32\LogFiles
2018-02-02 13:51:19 ----SD---- C:\ProgramData\Microsoft
2018-01-23 17:13:34 ----D---- C:\Users\Lenka\AppData\Roaming\Canon
2018-01-20 11:18:14 ----D---- C:\Users\Lenka\AppData\Roaming\dvdcss
2018-01-16 16:46:54 ----D---- C:\Windows\system32\FxsTmp
2018-01-13 14:34:02 ----D---- C:\Windows
2018-01-13 14:33:20 ----A---- C:\Windows\GSetup.ini
2018-01-13 13:11:20 ----SHD---- C:\$Recycle.Bin
2018-01-12 19:16:41 ----D---- C:\Program Files\Mozilla Maintenance Service
2018-01-12 19:16:40 ----D---- C:\Program Files\Mozilla Firefox
2018-01-11 15:30:09 ----D---- C:\Windows\system32\drivers
2018-01-07 17:14:05 ----RSD---- C:\Windows\assembly
2018-01-07 16:09:29 ----D---- C:\Windows\system32\Tasks
2018-01-07 16:09:15 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2017-12-21 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2017-12-21 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2017-12-21 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-12-21 70832]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-12-21 294680]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2016-09-20 623096]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2016-09-20 28128]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2017-12-21 158224]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2017-12-21 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2017-12-21 118144]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-09-13 39784]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-12-21 99528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-12-21 783104]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-11 390256]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-11 123880]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-12-21 151328]
R2 npf;NetGroup Packet Filter Driver; \??\C:\Windows\system32\drivers\npf.sys [2017-01-02 36600]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d6232.sys [2016-07-26 424400]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2017-10-20 7105520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2016-11-17 4243968]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2016-11-21 394216]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2016-08-18 402432]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2016-08-18 829952]
R3 MEI;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriver.sys [2016-09-22 170560]
R3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw32.sys [2016-09-01 44496]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-12-21 42824]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 94208]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 NAVENG;NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170602.003\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170602.003\NAVEX15.SYS []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2016-12-21 45056]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-10-11 67384]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-12-21 301168]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 390416]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-11-21 332144]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2016-09-20 17976]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2017-10-20 310768]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2016-08-24 258104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-10-05 177440]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-10-05 419616]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WD SSD Dashboard Service;WD SSD Dashboard Service; C:\Program Files\Western Digital\SSD Dashboard\WDSSDDashboardService.exe [2016-11-15 1706496]
R2 WsAppService;Wondershare Application Framework Service; C:\Program Files\Wondershare\WAF\2.4.3.230\WsAppService.exe [2017-09-27 493280]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2017-12-21 5906816]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-07-14 570168]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2017-10-20 494056]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2017-06-02 153752]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06 272384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2017-06-02 153752]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2017-06-02 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 104960]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-07-26 737576]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-01-12 175568]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WsDrvInst;Wondershare Driver Install Service; C:\Program Files\Wondershare\New TunesGo\DriverInstall.exe []
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

[Kodlz]

Ahoj,
Poprosim o vlozeni logu FRST.txt a Addition.txt z aplikace FRSTLauncher.exe (Farbar Recovery Scan Tool). Navod naleznes zde: https://forum.viry.cz/viewtopic.php?f=13&t=152707
Obsah Additional.txt muzes vlozit rovnou sem do vlakna.

[joj]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27.01.2018
Ran by Lenka (administrator) on FERDA (07-02-2018 16:20:57)
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Western Digital Corporation or its affiliates) C:\Program Files\Western Digital\SSD Dashboard\WDSSDDashboardService.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AimerSoft) C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
() C:\Program Files\Keepvid\KeepVid Pro (Desktop)\KeepVidProUpdateHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.230\WsAppService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [8046080 2016-11-17] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-08-18] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2017-12-21] (AVAST Software)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-10-18] (Apple Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (AimerSoft)
HKLM\...\Run: [KeepVidProUpdateHelper.exe] => C:\Program Files\Keepvid\KeepVid Pro (Desktop)\KeepVidProUpdateHelper.exe [33912 2017-09-06] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [267064 2017-07-14] (Apple Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\Windows\system32\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7619288 2017-05-19] (Piriform Ltd)
HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\MountPoints2: {1a3863ce-476d-11e7-9c0d-806e6f6e6963} - E:\Run.exe
HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\MountPoints2: {e97c08e7-4785-11e7-aeaf-806e6f6e6963} - E:\Run.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.3 10.0.0.2
Tcpip\..\Interfaces\{CEC3D050-C806-4EE6-9657-231DED88C200}: [DhcpNameServer] 10.0.0.3 10.0.0.2

Internet Explorer:
==================
HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-09] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-06-02] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: KeepVid Pro 4.10.0 -> {F9B65201-3D7F-48DA-AAB3-57A6FAD648FD} -> C:\Program Files\Keepvid\KeepVid Pro (Desktop)\BrowserPlugin\KVBrowserAppMgr.dll [2017-09-06] ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-06-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-1569389982-1034148263-1110634828-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-06-02] (Google Inc.)
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File

FireFox:
========
FF DefaultProfile: ic09uv5j.default
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\ic09uv5j.default [2018-02-07]
FF Extension: (Flash Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\ic09uv5j.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-02-03]
FF Extension: (Avast SafePrice) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\ic09uv5j.default\Extensions\sp@avast.com.xpi [2017-12-13]
FF Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\ic09uv5j.default\Extensions\wrc@avast.com.xpi [2017-10-06]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\ic09uv5j.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-01-14]
FF Extension: (Facebook Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\ic09uv5j.default\Extensions\{36ea170d-2586-45fb-9f48-5f6b6fd59da7}.xpi [2018-01-14]
FF HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\Firefox\Extensions: [KVAllmytube@KeepVid.com] - C:\Program Files\Keepvid\KeepVid Pro (Desktop)\BrowserPlugin\kvallmytube@keepvid.com_xpi
FF Extension: (KeepVid Pro) - C:\Program Files\Keepvid\KeepVid Pro (Desktop)\BrowserPlugin\kvallmytube@keepvid.com_xpi [2017-10-05] [Legacy]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-07-05]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.mysearchresults.com/?c=3523&t=01
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default [2018-02-07]
CHR Extension: (Překladač Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Prezentace) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Twitter Secret Emoticons) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgogdobdhhbmdamdjmfomfdoobllbpd [2017-06-02]
CHR Extension: (Dokumenty) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-02]
CHR Extension: (YouTube) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-02]
CHR Extension: (Chrome IG Story) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2017-10-09]
CHR Extension: (Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2017-10-28]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2017-11-25]
CHR Extension: (Video Downloader professional) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-08-03]
CHR Extension: (Avast SafePrice) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-23]
CHR Extension: (Bulk Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\facoldpeadablbngjnohbmgaehknhcaj [2018-01-14]
CHR Extension: (Tabulky) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (PhotoLive - Download Facebook Photos!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpjnpabklnaaifclgealaepelncljadk [2018-01-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-04]
CHR Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-16]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-08-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Transcribe: transcribe audio/interviews fast!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogokenmicnjdfhmhocanoemnddmpcjjm [2017-06-02]
CHR Extension: (Gmail) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-02]
CHR Extension: (Chrome Media Router) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-07]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5906816 2017-12-21] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2017-12-21] (AVAST Software)
S2 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [494056 2017-10-20] (Intel Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [310768 2017-10-20] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [737576 2016-07-26] (Intel(R) Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [258104 2016-08-24] (Intel Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
R2 WD SSD Dashboard Service; C:\Program Files\Western Digital\SSD Dashboard\WDSSDDashboardService.exe [1706496 2016-11-15] (Western Digital Corporation or its affiliates) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.230\WsAppService.exe [493280 2017-09-27] (Wondershare)
S3 WsDrvInst; C:\Program Files\Wondershare\New TunesGo\DriverInstall.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [158224 2017-12-21] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [255584 2017-12-21] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157376 2017-12-21] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276696 2017-12-21] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50344 2017-12-21] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [118144 2017-12-21] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42824 2017-12-21] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [39784 2017-09-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [123880 2018-01-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [99528 2017-12-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70832 2017-12-21] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783104 2017-12-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [390256 2018-01-11] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [151328 2017-12-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [294680 2017-12-21] (AVAST Software)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d6232.sys [424400 2016-07-26] (Intel Corporation)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [623096 2016-09-20] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28128 2016-09-20] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [402432 2016-08-18] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [829952 2016-08-18] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [170560 2016-09-22] (Intel Corporation)
R3 NAL; C:\Windows\system32\Drivers\iqvw32.sys [44496 2016-09-01] (Intel Corporation )
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170602.003\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170602.003\NAVEX15.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-07 16:06 - 2018-02-07 16:06 - 000032019 _____ C:\Users\Lenka\Desktop\Addition.txt
2018-02-07 16:05 - 2018-02-07 16:21 - 000017979 _____ C:\Users\Lenka\Desktop\FRST.txt
2018-02-07 16:05 - 2018-02-07 16:20 - 000000000 ____D C:\FRST
2018-02-07 15:49 - 2018-02-07 15:49 - 001754112 _____ (Farbar) C:\Users\Lenka\Desktop\FRST.exe
2018-02-07 15:32 - 2018-02-07 15:32 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-02-06 22:05 - 2018-02-06 22:05 - 000000000 ____D C:\Program Files\trend micro
2018-02-06 19:21 - 2018-02-06 19:21 - 000055339 _____ C:\Users\Lenka\Downloads\Katalog_2013_Prehled_konektoru.pdf
2018-02-06 19:18 - 2018-02-06 19:18 - 000711889 _____ C:\Users\Lenka\Downloads\N_EIM_1H_Navod_obecny_na_instalaci_vyrobku_ABB.pdf
2018-02-04 17:44 - 2018-02-04 17:54 - 784691685 _____ C:\Users\Lenka\Downloads\Hra o trony S07E07 720p CZ dabing.mkv
2018-02-03 14:17 - 2018-02-03 14:17 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\Macromedia
2018-02-03 14:16 - 2018-02-03 14:16 - 000002091 _____ C:\Users\Public\Desktop\tpPLC.lnk
2018-02-03 14:16 - 2018-02-03 14:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link
2018-02-03 14:16 - 2018-02-03 14:16 - 000000000 ____D C:\Program Files\TP-Link
2018-02-03 13:47 - 2018-02-03 13:58 - 308874155 _____ C:\Users\Lenka\Downloads\Greys.Anatomy.S14E11.HDTV.x264-KILLERS.mkv
2018-02-03 13:46 - 2018-02-03 14:00 - 510488302 _____ C:\Users\Lenka\Downloads\V_pasti.S01E05.TVRip.XviD.CZ.avi
2018-02-03 13:46 - 2018-02-03 13:58 - 423755894 _____ C:\Users\Lenka\Downloads\V pasti s01e06 (krimi 2016) CZ dab.avi
2018-02-01 16:25 - 2018-02-01 16:25 - 000033870 _____ C:\Users\Lenka\Desktop\5CF4ABFE8747.cfg
2018-02-01 15:56 - 2018-02-01 16:36 - 1095186966 _____ C:\Users\Lenka\Downloads\Most.Bron.Broen.S04E05.720p.WEB-DL.H.264.Cz.tit.mkv
2018-01-30 20:08 - 2018-01-30 20:08 - 003832670 _____ C:\Users\Lenka\Downloads\1910012098_TL-WPA4220_V3_User Guide.pdf
2018-01-30 20:07 - 2018-01-30 20:07 - 001418104 _____ C:\Users\Lenka\Downloads\TL-WPA4220KIT_V1_UG (1).pdf
2018-01-28 18:56 - 2018-01-28 18:56 - 001418104 _____ C:\Users\Lenka\Downloads\TL-WPA4220KIT_V1_UG.pdf
2018-01-26 16:54 - 2018-01-26 16:54 - 000056608 _____ C:\Users\Lenka\Downloads\A180118_JAN_011_DANE_2017_MALY3.XLSX
2018-01-26 16:53 - 2018-01-26 16:54 - 000237874 _____ C:\Users\Lenka\Downloads\A180115_JAN_021_DANE_2017_SESLEVOU.XLSX
2018-01-24 18:58 - 2018-01-24 19:11 - 1111739012 _____ C:\Users\Lenka\Downloads\Most.Bron.Broen.S04E04.720p.WEB-DL.H.264.Cz.tit.mkv
2018-01-24 18:55 - 2018-01-24 18:55 - 000000000 ____D C:\Users\Lenka\Downloads\Greys-Anatomy-12x032
2018-01-23 17:20 - 2018-01-23 17:20 - 001128514 _____ C:\Users\Lenka\Downloads\25416000719_0 (1).pdf
2018-01-21 18:09 - 2018-01-21 18:09 - 001128514 _____ C:\Users\Lenka\Downloads\25416000719_0.pdf
2018-01-21 16:11 - 2018-01-21 16:11 - 001397535 _____ C:\Users\Lenka\Downloads\netis_E1+_Datasheet.pdf
2018-01-21 15:30 - 2018-01-21 15:30 - 000178184 _____ C:\Users\Lenka\Desktop\6142257869_728.pdf
2018-01-19 18:45 - 2018-01-19 19:00 - 272910343 _____ C:\Users\Lenka\Downloads\Greys.Anatomy.S14E09.HDTV.x264-SVA.mkv
2018-01-18 18:15 - 2018-01-18 18:15 - 032024776 _____ C:\Users\Lenka\Downloads\vlc-2.2.8-win64 (1).exe
2018-01-18 16:59 - 2018-01-18 16:59 - 032024776 _____ C:\Users\Lenka\Downloads\vlc-2.2.8-win64.exe
2018-01-18 16:47 - 2018-01-18 16:47 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Temp
2018-01-17 18:19 - 2018-01-17 18:19 - 000056553 _____ C:\Users\Lenka\Downloads\A180115_JAN_021_DANE_2017_MALY2.XLSX
2018-01-16 22:03 - 2018-01-16 22:16 - 1110895906 _____ C:\Users\Lenka\Downloads\Most.Bron.Broen.S04E03.720p.WEB-DL.H.264.Cz.tit (1).mkv
2018-01-16 21:32 - 2018-01-16 21:32 - 000911295 _____ C:\Users\Lenka\Downloads\AntiTwin_Setup.exe
2018-01-16 16:43 - 2018-01-16 16:43 - 000074110 _____ C:\Users\Lenka\Downloads\2506-0873500947-148916111.pdf
2018-01-15 21:13 - 2018-01-15 21:26 - 1110895906 _____ C:\Users\Lenka\Downloads\Most.Bron.Broen.S04E03.720p.WEB-DL.H.264.Cz.tit.mkv
2018-01-14 22:00 - 2018-01-14 22:00 - 006975080 _____ (Antibody Software ) C:\Users\Lenka\Downloads\bid_5_18_setup.exe
2018-01-14 16:20 - 2018-01-14 17:19 - 1104506158 _____ C:\Users\Lenka\Downloads\House of Cards S05E13 CzTit.avi
2018-01-14 16:20 - 2018-01-14 17:19 - 1091851740 _____ C:\Users\Lenka\Downloads\House of Cards S05E12 CzTit.avi
2018-01-14 16:20 - 2018-01-14 17:16 - 1012549154 _____ C:\Users\Lenka\Downloads\House of Cards S05E10 CzTit.avi
2018-01-14 16:20 - 2018-01-14 17:10 - 811772242 _____ C:\Users\Lenka\Downloads\House of Cards S05E11 CzTit.avi
2018-01-14 16:18 - 2018-01-14 17:17 - 1350357534 _____ C:\Users\Lenka\Downloads\House of Cards S05E09 CzTit.avi
2018-01-14 14:00 - 2018-01-14 14:30 - 1358231848 _____ C:\Users\Lenka\Downloads\House of Cards S05E08 CzTit.avi
2018-01-14 14:00 - 2018-01-14 14:28 - 1199796574 _____ C:\Users\Lenka\Downloads\House of Cards S05E07 CzTit.avi
2018-01-14 13:18 - 2018-01-14 13:44 - 1205334512 _____ C:\Users\Lenka\Downloads\House of Cards S05E05 CzTit.avi
2018-01-14 13:18 - 2018-01-14 13:44 - 1004741650 _____ C:\Users\Lenka\Downloads\House of Cards S05E06 CzTit.avi
2018-01-14 11:47 - 2018-01-14 12:12 - 1129981704 _____ C:\Users\Lenka\Downloads\House of Cards S05E04 CzTit.avi
2018-01-14 11:47 - 2018-01-14 12:10 - 1021130586 _____ C:\Users\Lenka\Downloads\House of Cards S05E03 CzTit.avi
2018-01-14 10:49 - 2018-01-14 11:17 - 1166863252 _____ C:\Users\Lenka\Downloads\House of Cards S05E01 CzTit.avi
2018-01-14 10:49 - 2018-01-14 11:16 - 1300840528 _____ C:\Users\Lenka\Downloads\House of Cards S05E02 CzTit.avi
2018-01-13 15:07 - 2018-01-13 15:19 - 996570072 _____ C:\Users\Lenka\Downloads\Po Strništi Bos (2017)(cz).avi
2018-01-12 18:57 - 2018-01-12 18:57 - 007040152 _____ (Solvusoft Corporation ) C:\Users\Lenka\Downloads\Setup_DriverDoc_2016 (1).exe
2018-01-12 18:56 - 2018-01-12 18:56 - 007040152 _____ (Solvusoft Corporation ) C:\Users\Lenka\Downloads\Setup_DriverDoc_2016.exe
2018-01-12 17:27 - 2018-01-12 17:27 - 000000000 ____D C:\Users\Lenka\Downloads\Pošta
2018-01-11 19:57 - 2018-01-11 20:00 - 000000000 ____D C:\Users\Lenka\Downloads\The Crown 2
2018-01-11 19:55 - 2018-01-11 19:57 - 000000000 ____D C:\Users\Lenka\Downloads\The Crown
2018-01-11 18:35 - 2018-01-11 18:35 - 000102829 _____ C:\Users\Lenka\Downloads\VypisZUctu_3660673204_3 (1).pdf
2018-01-09 19:56 - 2018-01-09 20:08 - 1084806217 _____ C:\Users\Lenka\Downloads\Most.Bron.Broen.S04E02.720p.WEB-DL.H.264.Cz.tit.mkv
2018-01-09 19:25 - 2018-01-09 19:55 - 1103708192 _____ C:\Users\Lenka\Downloads\Most.Bron.Broen.S04E01.720p.WEB-DL.H.264.Cz.tit.mkv
2018-01-09 19:24 - 2018-01-09 19:24 - 000038826 _____ C:\Users\Lenka\Downloads\Most-(Bron)-s04e02.srt
2018-01-09 19:23 - 2018-01-09 19:49 - 705062976 _____ C:\Users\Lenka\Downloads\Most-(Bron)-s04e02-(titulky-v-obraze-jsou-prekryte).mkv
2018-01-09 19:23 - 2018-01-09 19:49 - 702316366 _____ C:\Users\Lenka\Downloads\Most-(Bron)-s04e01-(titulky-v-obraze-jsou-prekryte).mkv
2018-01-09 19:23 - 2018-01-09 19:23 - 000032179 _____ C:\Users\Lenka\Downloads\Most-(Bron)-s04e01.srt
2018-01-09 18:33 - 2018-01-09 18:33 - 007172032 _____ (AVAST Software) C:\Users\Lenka\Downloads\avast_free_antivirus_setup_online.exe
2018-01-08 18:23 - 2018-01-08 18:26 - 000000000 ____D C:\Users\Lenka\Downloads\Počtyřech 1
2018-01-08 18:19 - 2018-01-08 18:23 - 000000000 ____D C:\Users\Lenka\Downloads\Počtyřech 2

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-07 16:12 - 2017-06-02 22:22 - 000669580 _____ C:\Windows\system32\perfh005.dat
2018-02-07 16:12 - 2017-06-02 22:22 - 000141738 _____ C:\Windows\system32\perfc005.dat
2018-02-07 16:12 - 2010-11-20 22:01 - 001586648 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-07 16:12 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2018-02-07 15:44 - 2017-06-02 09:11 - 000002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-07 15:41 - 2009-07-14 05:34 - 000025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-07 15:41 - 2009-07-14 05:34 - 000025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-07 15:34 - 2017-06-03 14:40 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Mozilla
2018-02-07 15:34 - 2017-06-03 14:26 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-02-07 15:34 - 2017-06-03 14:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-02-07 15:32 - 2017-11-23 15:44 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-02-07 15:32 - 2017-06-02 09:21 - 000000000 __SHD C:\Users\Lenka\IntelGraphicsProfiles
2018-02-07 15:31 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-06 18:18 - 2017-06-08 18:38 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-02-06 18:18 - 2017-06-08 18:38 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-02-06 18:18 - 2017-06-08 18:38 - 000000000 ____D C:\Windows\system32\Macromed
2018-02-03 17:43 - 2017-06-03 15:45 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\vlc
2018-02-03 14:46 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\NDF
2018-02-03 14:17 - 2017-06-02 09:19 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2018-02-02 13:51 - 2009-07-14 03:37 - 000000000 __RHD C:\Users\Public\Libraries
2018-01-23 17:13 - 2017-06-14 16:57 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\Canon
2018-01-20 11:18 - 2017-08-23 17:30 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\dvdcss
2018-01-16 16:46 - 2009-07-14 05:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-01-16 16:42 - 2017-10-03 17:44 - 000000000 ____D C:\Users\Lenka\Desktop\Moje
2018-01-13 14:33 - 2017-06-02 09:10 - 000000010 _____ C:\Windows\GSetup.ini
2018-01-13 14:22 - 2009-07-14 05:53 - 000032522 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-01-11 15:30 - 2017-06-02 16:14 - 000390256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-01-11 15:30 - 2017-06-02 16:14 - 000123880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-01-08 18:15 - 2009-07-14 05:33 - 000419688 _____ C:\Windows\system32\FNTCACHE.DAT

Some files in TEMP:
====================
2017-06-07 13:29 - 2017-07-09 14:31 - 000360600 _____ (Apowersoft) C:\Users\Lenka\AppData\Local\Temp\ApowersoftAutoUpdater.exe
2017-11-14 15:02 - 2017-11-14 15:20 - 000000000 _____ () C:\Users\Lenka\AppData\Local\Temp\{ABE7E03F-1556-438E-890B-59DBF6EF304C}-GoogleUpdateSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-28 11:41

==================== End of FRST.txt ============================

[joj]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27.01.2018
Ran by Lenka (07-02-2018 16:21:18)
Running from C:\Users\Lenka\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2017-06-02 05:41:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1569389982-1034148263-1110634828-500 - Administrator - Disabled)
Guest (S-1-5-21-1569389982-1034148263-1110634828-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1569389982-1034148263-1110634828-1002 - Limited - Enabled)
Lenka (S-1-5-21-1569389982-1034148263-1110634828-1000 - Administrator - Enabled) => C:\Users\Lenka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Aimersoft Helper Compact 2.5.2 (HKLM\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Aktualizace ovladače pro aplikaci Centrum zařízení Windows Mobile (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Apowersoft Video Stahovač V6.2.3 (HKLM\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.2.3 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{2218B6FE-7215-4EC9-B0E7-F47674AFA2F5}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
ArcSoft PhotoBase 3 (HKLM\...\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}) (Version: - )
ArcSoft PhotoStudio 5 (HKLM\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version: - )
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
BitTorrent (HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
CrystalDiskInfo 7.5.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
Disk Check 1.0 (HKLM\...\Disk Check_is1) (Version: - Puran Software)
Duplicate Cleaner Pro 3.2.6 (HKLM\...\Duplicate Cleaner Pro) (Version: 3.2.6 - DigitalVolcano Software Ltd)
Electrum (HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\Electrum) (Version: 3.0.2 - Electrum Technologies GmbH)
Google Drive (HKLM\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 64.0.3282.140 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM\...\{583FEF17-F156-46E6-B26B-2ED76724834C}) (Version: 12.8.47.1 - HP Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1035 - Intel Corporation)
Intel(R) Network Connections 21.1.29.0 (HKLM\...\PROSetDX) (Version: 21.1.29.0 - Intel)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.0.32 - Intel Corporation)
iTunes (HKLM\...\{BE5DD9B6-9DF7-4163-A39E-E2141C7A7488}) (Version: 12.6.2.20 - Apple Inc.)
KeepVid Pro(Build 6.4.1.1) (HKLM\...\KeepVid Pro_is1) (Version: 6.4.1.1 - KeepVid Studio)
Kodi (HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\Kodi) (Version: - XBMC-Foundation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft PhotoDraw 2000 Verze 2 (HKLM\...\{3C5EA394-1029-11D2-A2CB-00C04F72F31D}) (Version: 2.00.00.1118 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 58.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 58.0.1 (x86 cs)) (Version: 58.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1.6602 - Mozilla)
Podpora aplikací Apple (32bitová) (HKLM\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.0a - Ghisler Software GmbH)
TP-Link PLC Utility (HKLM\...\{A79B7C66-DC26-417A-8BB5-B48721B45623}) (Version: 2.2.2758.8 - TP-Link) Hidden
TP-Link PLC Utility (HKLM\...\InstallShield_{A79B7C66-DC26-417A-8BB5-B48721B45623}) (Version: 2.2.2758.8 - TP-Link)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD SSD Dashboard (HKLM\...\WD SSD Dashboard) (Version: 2.2.0.5 - Western Digital Corporation or its affiliates)
WD SSD Dashboard Service (HKLM\...\{33FF4CF4-2BC4-488F-9020-74AC3243979A}) (Version: 1.1.0 - Western Digital Corporation or its affiliates)
WinRAR 5.00 beta 6 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-11-10] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-06-19] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-11-10] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-06-19] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E49D47C-FCBE-4408-B8F5-941CDCD7F5EE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-06-02] (Google Inc.)
Task: {15A7807D-B6CC-4191-A9B8-0245BC1F96A8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {2D017C91-48C5-4F20-8872-9EE8F18804E6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd)
Task: {3D4DDD64-B574-420F-9545-113FF23E1034} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {62D2D20A-0F5F-4773-9B6E-5B729D033D11} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {728C0A04-178A-489E-A5A8-0F57BB7EDD29} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {749907BB-8555-4AF8-84F4-8FB946DCDA25} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-01-06] (AVAST Software)
Task: {7854ACF2-09D2-474A-A7E5-F33072C04A98} - System32\Tasks\{DB243CD2-139A-49D4-B71F-AB3B8DED7F6C} => C:\Windows\system32\pcalua.exe -a "C:\Users\Lenka\Downloads\Nero 9+crack pre 32-64bit\Nero v9.4.13.2d.exe" -d "C:\Users\Lenka\Downloads\Nero 9+crack pre 32-64bit"
Task: {8410631E-5016-4C7D-BC90-6BBF2B88030E} - System32\Tasks\SafeZone scheduled Autoupdate 1496416633 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {84387F99-7D57-4701-9D80-DDD093FEE308} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-10-19] (HP Inc.)
Task: {A3A5A860-E3DD-4330-A011-8DF12F805DE6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-12-21] (AVAST Software)
Task: {A4C87C0A-8201-439B-9DDC-4A36806B32D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-10-19] (HP Inc.)
Task: {E7FE6F83-3274-4087-9E70-0EA046A159A4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {F739755F-2968-463A-B0A8-D3728E69C81E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-06-02] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-12-21 16:28 - 2017-12-21 16:28 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000196248 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2018-02-06 19:58 - 2018-02-06 19:58 - 005777040 _____ () C:\Program Files\AVAST Software\Avast\defs\18020602\algo.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000745408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000148936 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000293944 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-02-07 15:33 - 2018-02-07 15:33 - 005777040 _____ () C:\Program Files\AVAST Software\Avast\defs\18020700\algo.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-10-18 23:52 - 2017-10-18 23:52 - 001042232 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-08 23:45 - 2017-05-08 23:45 - 000080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-11 15:17 - 2017-07-11 15:17 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-05 18:35 - 2016-10-08 16:03 - 001506304 _____ () C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2017-10-05 18:35 - 2016-07-21 09:54 - 000137728 _____ () C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2017-10-05 18:35 - 2017-09-06 09:16 - 000033912 _____ () C:\Program Files\Keepvid\KeepVid Pro (Desktop)\KeepVidProUpdateHelper.exe
2017-07-14 10:28 - 2017-07-14 10:28 - 001041720 _____ () C:\Program Files\iTunes\libxml2.dll
2017-07-14 10:28 - 2017-07-14 10:28 - 000080184 _____ () C:\Program Files\iTunes\zlib1.dll
2017-05-19 19:17 - 2017-05-19 19:17 - 000065536 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000196816 _____ () c:\Program Files\AVAST Software\Avast\vaarclient.dll
2017-10-20 16:54 - 2017-10-20 16:54 - 000415216 _____ () C:\Windows\system32\igfxTray.exe
2016-10-05 20:17 - 2016-10-05 20:17 - 001243936 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.3 - 10.0.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{71FFE616-4CE2-4F57-886D-430F17B14728}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D989CE4D-9379-4FEE-AE79-A3AC458AC991}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D19E74B8-5E60-4787-8BB6-544240B5D62A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{551E3768-52B5-4D7A-9853-3F37A39AB47B}C:\windows.old\program files\apowersoft\video download capture 6\rtmpsrv.exe] => (Block) C:\windows.old\program files\apowersoft\video download capture 6\rtmpsrv.exe
FirewallRules: [UDP Query User{F374447C-E911-4AEF-A054-8356BBEFC2C3}C:\windows.old\program files\apowersoft\video download capture 6\rtmpsrv.exe] => (Block) C:\windows.old\program files\apowersoft\video download capture 6\rtmpsrv.exe
FirewallRules: [{47252CE5-6052-4DA9-9BE5-3AFCC3E92E57}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{E17267A1-FF37-480E-902E-7CEA16BE7F04}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{32D72335-8B32-43A3-AE00-4B0DF30CC5CE}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{7F458DDC-8C39-49F6-B3A9-95FBB758DAB0}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{5B0533AA-E0E1-4EFB-A441-AB31A18FBC6F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{57D7B94B-0D90-47AF-BC49-6A0D1701585C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{623EB767-D40E-43FC-B9DB-B881852BF135}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [UDP Query User{4F13DA49-5DB3-4E29-87F5-C93D11B26332}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [{FA593A41-FA0F-4122-B2D3-F1281DF9D6CB}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{4A1A063E-0943-450A-A7F2-47D3BB3B03FB}] => (Allow) C:\Users\Lenka\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{93692808-CA47-4AF2-A65C-63AEF9A2BE89}] => (Allow) C:\Users\Lenka\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{5AC50D73-0988-4B84-9D2D-3328A936B0BC}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{48EFD1F7-A881-49EE-B191-049F57136856}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8E23D96A-942C-407E-9D01-FC987BB66053}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS6088\HPDiagnosticCoreUI.exe
FirewallRules: [{CCBD7907-F883-44D4-91BE-B7891450DF5B}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS6088\HPDiagnosticCoreUI.exe
FirewallRules: [{AB22B66E-D5DF-4D52-A8D7-5C7E079A4EE9}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS27CD\HPDiagnosticCoreUI.exe
FirewallRules: [{1B70C456-44B6-4A5D-8631-943370E325D2}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS27CD\HPDiagnosticCoreUI.exe
FirewallRules: [{7E310C54-91C7-4484-9796-7652FB7981BC}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS5A16\HPDiagnosticCoreUI.exe
FirewallRules: [{9C17C4BF-A7BB-4FAC-A8DF-CCE74ABC3073}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS5A16\HPDiagnosticCoreUI.exe
FirewallRules: [{8CC0F3DA-97A4-465B-B4C6-86AAA5D4CFD9}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS6A9B\HPDiagnosticCoreUI.exe
FirewallRules: [{FCF95937-AB59-4E47-84F5-6FC097820367}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS6A9B\HPDiagnosticCoreUI.exe
FirewallRules: [{6741E54F-F27B-4E5A-B4F8-D8C574C38329}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS7989\HPDiagnosticCoreUI.exe
FirewallRules: [{6A7C4345-6D0D-48B2-BE9D-2716FC928C7A}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS7989\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{CC1077E9-65F8-4330-93BA-C7C57434BD2F}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [UDP Query User{0E1E2E50-7F42-4040-B1F0-0A90CA97E05B}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [TCP Query User{65E13700-B2BE-47AF-99E8-D918D2A141A4}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Block) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [UDP Query User{F557EEF3-3829-4EED-911B-E787ED196FCA}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Block) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [{96D9CD57-4854-4F2D-AB14-74F6D1AFAA91}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

24-01-2018 17:39:58 Naplánovaný kontrolní bod
31-01-2018 18:01:45 Naplánovaný kontrolní bod
03-02-2018 14:16:16 Installed TP-Link PLC Utility
06-02-2018 22:04:42 aaa

==================== Faulty Device Manager Devices =============

Name: Myš Microsoft pro port PS/2
Description: Myš Microsoft pro port PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/07/2018 03:32:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/06/2018 11:56:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/05/2018 05:55:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/04/2018 10:03:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/03/2018 07:35:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11856

Error: (02/03/2018 07:35:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11856

Error: (02/03/2018 07:35:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/03/2018 07:35:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10857

Error: (02/03/2018 07:35:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10857

Error: (02/03/2018 07:35:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (02/07/2018 03:31:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) Content Protection HECI Service neuspěla při spuštění v důsledku následující chyby:
Verze programu Intel(R) Content Protection HECI Service není kompatibilní se spuštěnou verzí systému Windows. Pomocí systémových informací o počítači zjistěte, zda potřebujete verzi programu pro procesor x86 (32bitový) nebo x64 (64bitový) a pak se obraťte na vydavatele softwaru.

Error: (02/06/2018 09:25:33 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Systém zjistil konflikt IP adresy 0.0.0.0 se systémem,
jehož síťová hardwarová adresa je 00-00-00-00-00-00. Síťové operace v systému mohou
být přerušeny.

Error: (02/06/2018 03:28:25 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Systém zjistil konflikt IP adresy 0.0.0.0 se systémem,
jehož síťová hardwarová adresa je 00-00-00-00-00-00. Síťové operace v systému mohou
být přerušeny.

Error: (02/06/2018 11:55:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) Content Protection HECI Service neuspěla při spuštění v důsledku následující chyby:
Verze programu Intel(R) Content Protection HECI Service není kompatibilní se spuštěnou verzí systému Windows. Pomocí systémových informací o počítači zjistěte, zda potřebujete verzi programu pro procesor x86 (32bitový) nebo x64 (64bitový) a pak se obraťte na vydavatele softwaru.

Error: (02/05/2018 05:54:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) Content Protection HECI Service neuspěla při spuštění v důsledku následující chyby:
Verze programu Intel(R) Content Protection HECI Service není kompatibilní se spuštěnou verzí systému Windows. Pomocí systémových informací o počítači zjistěte, zda potřebujete verzi programu pro procesor x86 (32bitový) nebo x64 (64bitový) a pak se obraťte na vydavatele softwaru.

Error: (02/04/2018 11:14:03 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače LENOVO,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{CEC3D050-C806-4EE6-9657-231DED88C20.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.

Error: (02/04/2018 10:02:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) Content Protection HECI Service neuspěla při spuštění v důsledku následující chyby:
Verze programu Intel(R) Content Protection HECI Service není kompatibilní se spuštěnou verzí systému Windows. Pomocí systémových informací o počítači zjistěte, zda potřebujete verzi programu pro procesor x86 (32bitový) nebo x64 (64bitový) a pak se obraťte na vydavatele softwaru.

Error: (02/03/2018 08:12:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/03/2018 11:06:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) Content Protection HECI Service neuspěla při spuštění v důsledku následující chyby:
Verze programu Intel(R) Content Protection HECI Service není kompatibilní se spuštěnou verzí systému Windows. Pomocí systémových informací o počítači zjistěte, zda potřebujete verzi programu pro procesor x86 (32bitový) nebo x64 (64bitový) a pak se obraťte na vydavatele softwaru.

Error: (02/03/2018 08:42:59 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby HPSupportSolutionsFrameworkService bylo dosaženo časového limitu (30000 ms).


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G4500 @ 3.50GHz
Percentage of memory in use: 59%
Total physical RAM: 3230.98 MB
Available physical RAM: 1293.07 MB
Total Virtual: 6460.29 MB
Available Virtual: 4068.89 MB

==================== Drives ================================

Drive c: (SYSTEM 7) (Fixed) (Total:244.14 GB) (Free:63.77 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (STORE) (Fixed) (Total:454.49 GB) (Free:124.66 GB) NTFS
Drive e: (GIGABYTE) (CDROM) (Total:3.95 GB) (Free:0 GB) CDFS
Drive f: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:111.69 GB) (Free:72.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 03FE03FD)
Partition 1: (Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Kodlz]

Na plose, tam kde mas umisteny FRST vytvor TXT soubor, ktery pojmenujes fixlist.txt a do nej vloz nasledujici text:

( Spusť znovu FRST a klikni na >Fix<. Po skončení akce se objeví log, který sem zkopíruj).

start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\MountPoints2: {1a3863ce-476d-11e7-9c0d-806e6f6e6963} - E:\Run.exe
HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\MountPoints2: {e97c08e7-4785-11e7-aeaf-806e6f6e6963} - E:\Run.exe
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File
S3 WsDrvInst; C:\Program Files\Wondershare\New TunesGo\DriverInstall.exe [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170602.003\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170602.003\NAVEX15.SYS [X]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {7854ACF2-09D2-474A-A7E5-F33072C04A98} - System32\Tasks\{DB243CD2-139A-49D4-B71F-AB3B8DED7F6C} => C:\Windows\system32\pcalua.exe -a "C:\Users\Lenka\Downloads\Nero 9+crack pre 32-64bit\Nero v9.4.13.2d.exe" -d "C:\Users\Lenka\Downloads\Nero 9+crack pre 32-64bit"
Task: {F739755F-2968-463A-B0A8-D3728E69C81E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-06-02] (Google Inc.)

end

[joj]

Tak mi FRST při "fixování" zamrzl.

[Kodlz]

ok...
Stáhni AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Ulož na plochu
Ukonči všechny programy
Klikni nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vlož.

nasledne tento tool MBAM: http://forum.viry.cz/viewtopic.php?f=29&t=144868
-Nainstaluj,Vyber "Vlastní sken" a klikni na "Konfigurovat sken"
V okně "Konfigurace vlastního skenu" vyber všechny pevné disky a zatrhni možnost u "Hledat rootkity"
Kliknutím na Skenovat nyní začne MBAM pracovat.

-Log zkopíruj sem.

[joj]

# AdwCleaner 7.0.8.0 - Logfile created on Fri Feb 09 14:33:07 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Professional (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\sh4ldr
Deleted: C:\sh4ldr


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: slunecnice.cz - slunecnice.cz


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [2461 B] - [2016/9/26 20:15:0]
C:/AdwCleaner/AdwCleaner[S0].txt - [2630 B] - [2016/9/26 20:14:7]
C:/AdwCleaner/AdwCleaner[S1].txt - [1310 B] - [2018/2/9 14:31:39]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

[joj]

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 09.02.18
Čas skenování: 15:41
Logovací soubor: 5d1cf72c-0da7-11e8-8532-1c1b0dc54e61.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3908
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: Ferda\Lenka

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 612769
Zjištěné hrozby: 11
Hrozby umístěné do karantény: 7
Uplynulý čas: 3 hod, 7 min, 6 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 11
CrackTool.Agent, C:\USERS\LENKA\DOWNLOADS\INSTALAčKY\DUPLICATE CLEANER PRO 3.2.6 INCL _ [AMMAPETTAI.COM]\CRACK\CRACK.EXE, V karanténě, [66], [353139],1.0.3908
PUP.Optional.Solvusoft, C:\USERS\LENKA\DOWNLOADS\NEPOTVRZENO 421102.CRDOWNLOAD, V karanténě, [336], [331663],1.0.3908
PUP.Optional.Solvusoft, C:\USERS\LENKA\DOWNLOADS\SETUP_DRIVERDOC_2016.EXE, V karanténě, [336], [331663],1.0.3908
PUP.Optional.Solvusoft, C:\USERS\LENKA\DOWNLOADS\SETUP_DRIVERDOC_2016 (1).EXE, V karanténě, [336], [331663],1.0.3908
PUP.Optional.DriverAgent, C:\WINDOWS.OLD\PROGRAM FILES\ESUPPORT.COM\DRIVERAGENT\DRIVERAGENT.EXE, V karanténě, [2150], [345593],1.0.3908
Trojan.Injector, D:\$RECYCLE.BIN\S-1-5-21-1569389982-1034148263-1110634828-1000\$R9D3X9R.ZIP, V karanténě, [40], [300851],1.0.3908
PUP.Optional.SpyHunter, D:\INSTALAčKY\SPYHUNTER-INSTALLER.EXE, V karanténě, [883], [433139],1.0.3908
RiskWare.Tool.CK, H:\STAžENé SOUBORY\MICROSOFT-OFFICE-PROFESSIONAL-PLUS-2010-CZ-32-BIT-KEY\AKTIVáTOR\OFFICE 2010 TOOLKIT.EXE, Odstranění se nezdařilo, [234], [25649],1.0.3908
CrackTool.Agent, H:\STAžENé SOUBORY\DUPLICATE CLEANER PRO 3.2.6 INCL _ [AMMAPETTAI.COM].RAR, Odstranění se nezdařilo, [66], [353139],1.0.3908
PUP.Optional.DriverPack, H:\STAžENé SOUBORY\NEPOTVRZENO 461090.CRDOWNLOAD, Odstranění se nezdařilo, [1950], [354275],1.0.3908
PUP.Optional.DriverAgent, H:\STAžENé SOUBORY\DRIVERAGENT-SETUP-1383.EXE, Odstranění se nezdařilo, [2150], [345593],1.0.3908

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

[Kodlz]

zkus znovu FRST fix

[joj]

Fix result of Farbar Recovery Scan Tool (x86) Version: 08.02.2018
Ran by Lenka (10-02-2018 09:11:52) Run:2
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\MountPoints2: {1a3863ce-476d-11e7-9c0d-806e6f6e6963} - E:\Run.exe
HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\MountPoints2: {e97c08e7-4785-11e7-aeaf-806e6f6e6963} - E:\Run.exe
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File
S3 WsDrvInst; C:\Program Files\Wondershare\New TunesGo\DriverInstall.exe [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170602.003\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20170602.003\NAVEX15.SYS [X]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {7854ACF2-09D2-474A-A7E5-F33072C04A98} - System32\Tasks\{DB243CD2-139A-49D4-B71F-AB3B8DED7F6C} => C:\Windows\system32\pcalua.exe -a "C:\Users\Lenka\Downloads\Nero 9+crack pre 32-64bit\Nero v9.4.13.2d.exe" -d "C:\Users\Lenka\Downloads\Nero 9+crack pre 32-64bit"
Task: {F739755F-2968-463A-B0A8-D3728E69C81E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-06-02] (Google Inc.)

end

*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully.
"HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a3863ce-476d-11e7-9c0d-806e6f6e6963}" => removed successfully.
HKLM\Software\Classes\CLSID\{1a3863ce-476d-11e7-9c0d-806e6f6e6963} => not found
HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e97c08e7-4785-11e7-aeaf-806e6f6e6963} => not found
HKLM\Software\Classes\CLSID\{e97c08e7-4785-11e7-aeaf-806e6f6e6963} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\WSKVAllmytubechrome => not found
WsDrvInst => service not found.
gdrv => service not found.
NAVENG => service not found.
NAVEX15 => service not found.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7854ACF2-09D2-474A-A7E5-F33072C04A98}" => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7854ACF2-09D2-474A-A7E5-F33072C04A98} => not found
"C:\Windows\System32\Tasks\{DB243CD2-139A-49D4-B71F-AB3B8DED7F6C}" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DB243CD2-139A-49D4-B71F-AB3B8DED7F6C} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F739755F-2968-463A-B0A8-D3728E69C81E} => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => not found

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15912844 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 24766 B
Edge => 0 B
Chrome => 519938663 B
Firefox => 16208177 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 0 B
Lenka => 57977689 B

[Kodlz]

das mi prosim novy vypis z frst

[joj]

Odkaz http://www.bleepingcomputer.com/downloa ... scan-tool/ hlásí error 502.

[joj]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10.02.2018 02
Ran by Lenka (administrator) on FERDA (11-02-2018 12:09:22)
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Western Digital Corporation or its affiliates) C:\Program Files\Western Digital\SSD Dashboard\WDSSDDashboardService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(AimerSoft) C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
() C:\Program Files\Keepvid\KeepVid Pro (Desktop)\KeepVidProUpdateHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.230\WsAppService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [8046080 2016-11-17] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-08-18] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2017-12-21] (AVAST Software)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-10-18] (Apple Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (AimerSoft)
HKLM\...\Run: [KeepVidProUpdateHelper.exe] => C:\Program Files\Keepvid\KeepVid Pro (Desktop)\KeepVidProUpdateHelper.exe [33912 2017-09-06] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [267064 2017-07-14] (Apple Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\Windows\system32\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7619288 2017-05-19] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.3 10.0.0.2
Tcpip\..\Interfaces\{CEC3D050-C806-4EE6-9657-231DED88C200}: [DhcpNameServer] 10.0.0.3 10.0.0.2

Internet Explorer:
==================
HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-09] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-06-02] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: KeepVid Pro 4.10.0 -> {F9B65201-3D7F-48DA-AAB3-57A6FAD648FD} -> C:\Program Files\Keepvid\KeepVid Pro (Desktop)\BrowserPlugin\KVBrowserAppMgr.dll [2017-09-06] ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-06-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-1569389982-1034148263-1110634828-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-06-02] (Google Inc.)

FireFox:
========
FF DefaultProfile: ic09uv5j.default
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\ic09uv5j.default [2018-02-10]
FF Extension: (Flash Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\ic09uv5j.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-02-03]
FF Extension: (Avast SafePrice) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\ic09uv5j.default\Extensions\sp@avast.com.xpi [2017-12-13]
FF Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\ic09uv5j.default\Extensions\wrc@avast.com.xpi [2017-10-06]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\ic09uv5j.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-01-14]
FF Extension: (Facebook Video Downloader) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\ic09uv5j.default\Extensions\{36ea170d-2586-45fb-9f48-5f6b6fd59da7}.xpi [2018-01-14]
FF HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\Firefox\Extensions: [KVAllmytube@KeepVid.com] - C:\Program Files\Keepvid\KeepVid Pro (Desktop)\BrowserPlugin\kvallmytube@keepvid.com_xpi
FF Extension: (KeepVid Pro) - C:\Program Files\Keepvid\KeepVid Pro (Desktop)\BrowserPlugin\kvallmytube@keepvid.com_xpi [2017-10-05] [Legacy]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-07-05]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.mysearchresults.com/?c=3523&t=01
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default [2018-02-11]
CHR Extension: (Překladač Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Prezentace) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Twitter Secret Emoticons) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgogdobdhhbmdamdjmfomfdoobllbpd [2017-06-02]
CHR Extension: (Dokumenty) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-02]
CHR Extension: (YouTube) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-02]
CHR Extension: (Chrome IG Story) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2017-10-09]
CHR Extension: (Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2017-10-28]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2017-11-25]
CHR Extension: (Video Downloader professional) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-08-03]
CHR Extension: (Avast SafePrice) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-23]
CHR Extension: (Bulk Image Downloader) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\facoldpeadablbngjnohbmgaehknhcaj [2018-01-14]
CHR Extension: (Tabulky) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (PhotoLive - Download Facebook Photos!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpjnpabklnaaifclgealaepelncljadk [2018-01-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-04]
CHR Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-16]
CHR Extension: (Video Downloader GetThemAll) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2017-08-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Transcribe: transcribe audio/interviews fast!) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogokenmicnjdfhmhocanoemnddmpcjjm [2017-06-02]
CHR Extension: (Gmail) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-02]
CHR Extension: (Chrome Media Router) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-07]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5906816 2017-12-21] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2017-12-21] (AVAST Software)
S2 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [494056 2017-10-20] (Intel Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [310768 2017-10-20] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [737576 2016-07-26] (Intel(R) Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [258104 2016-08-24] (Intel Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4563920 2017-11-01] (Malwarebytes)
R2 WD SSD Dashboard Service; C:\Program Files\Western Digital\SSD Dashboard\WDSSDDashboardService.exe [1706496 2016-11-15] (Western Digital Corporation or its affiliates) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.230\WsAppService.exe [493280 2017-09-27] (Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [158224 2017-12-21] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [255584 2017-12-21] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157376 2017-12-21] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276696 2017-12-21] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50344 2017-12-21] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [118144 2017-12-21] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42824 2017-12-21] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [39784 2017-09-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [123880 2018-01-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [99528 2017-12-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70832 2017-12-21] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783104 2017-12-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [390256 2018-01-11] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [151328 2017-12-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [294680 2017-12-21] (AVAST Software)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d6232.sys [424400 2016-07-26] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [59896 2017-11-29] ()
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [623096 2016-09-20] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28128 2016-09-20] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [402432 2016-08-18] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [829952 2016-08-18] (Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [168376 2018-02-09] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [91576 2018-02-11] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [40376 2018-02-11] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [221112 2018-02-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [65824 2018-02-11] (Malwarebytes)
R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [170560 2016-09-22] (Intel Corporation)
S3 NAL; C:\Windows\system32\Drivers\iqvw32.sys [44496 2016-09-01] (Intel Corporation )
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-11 12:06 - 2018-02-11 12:06 - 001764352 _____ (Farbar) C:\Users\Lenka\Desktop\FRST.exe
2018-02-11 10:43 - 2018-02-11 10:43 - 000418605 _____ C:\Users\Lenka\Downloads\Recovery (4).html
2018-02-11 10:28 - 2018-02-11 10:28 - 000065313 _____ C:\Users\Lenka\Downloads\Secret Teachings (5).html
2018-02-11 08:54 - 2018-02-11 08:54 - 000091576 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-02-11 08:54 - 2018-02-11 08:54 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-02-10 22:12 - 2018-02-10 22:12 - 001159473 _____ C:\Users\Lenka\Downloads\anytime you want (10).html
2018-02-10 17:13 - 2018-02-10 17:13 - 005132489 _____ C:\Users\Lenka\Downloads\ashlynharris24-2018-02-10T17_13_52+01_00.zip
2018-02-10 16:36 - 2018-02-10 16:36 - 000158450 _____ C:\Users\Lenka\Downloads\Spy Game(2).html
2018-02-10 12:08 - 2018-02-10 12:08 - 000153948 _____ C:\Users\Lenka\Downloads\brortattoos-2018-02-10T12_08_28+01_00.zip
2018-02-10 09:09 - 2018-02-10 09:09 - 002914691 _____ C:\Users\Lenka\Downloads\ashlynharris24-2018-02-10T09_09_08+01_00.zip
2018-02-10 09:04 - 2018-02-11 09:58 - 000065824 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-02-09 20:00 - 2018-02-09 20:00 - 000481326 _____ C:\Users\Lenka\Downloads\CZ Manuál - Chromecast2.pdf
2018-02-09 15:37 - 2018-02-11 08:55 - 000040376 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-02-09 15:37 - 2018-02-09 15:37 - 000221112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-02-09 15:37 - 2018-02-09 15:37 - 000168376 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-02-09 15:37 - 2018-02-09 15:37 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-02-09 15:37 - 2018-02-09 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-02-09 15:37 - 2018-02-09 15:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-02-09 15:37 - 2018-02-09 15:37 - 000000000 ____D C:\Program Files\Malwarebytes
2018-02-09 15:37 - 2017-11-29 09:11 - 000059896 _____ C:\Windows\system32\Drivers\mbae.sys
2018-02-09 15:28 - 2018-02-09 15:29 - 075593968 _____ (Malwarebytes ) C:\Users\Lenka\Desktop\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3898.exe
2018-02-09 15:27 - 2018-02-09 15:27 - 008222496 _____ (Malwarebytes) C:\Users\Lenka\Desktop\adwcleaner_7.0.8.0.exe
2018-02-08 21:22 - 2018-02-08 21:22 - 000000000 ___HD C:\$AV_ASW
2018-02-08 19:34 - 2018-02-08 19:34 - 000632036 _____ C:\Users\Lenka\Downloads\You.html
2018-02-08 19:28 - 2018-02-08 19:28 - 000397677 _____ C:\Users\Lenka\Downloads\Doing Life(9).html
2018-02-08 18:22 - 2018-02-08 18:22 - 000287008 _____ C:\Users\Lenka\Downloads\Different(3).html
2018-02-08 17:24 - 2018-02-08 17:25 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\Serviio-Console-Wrapper
2018-02-08 17:20 - 2018-02-08 17:20 - 000000000 ____D C:\ProgramData\Oracle
2018-02-08 17:17 - 2018-02-08 17:19 - 140150880 _____ C:\Users\Lenka\Downloads\serviio-1.9-win-setup.exe
2018-02-08 16:44 - 2018-02-10 09:13 - 000004076 _____ C:\Users\Lenka\Desktop\Fixlog.txt
2018-02-08 16:44 - 2018-02-08 16:44 - 000000000 ____D C:\Users\Lenka\Desktop\FRST-OlderVersion
2018-02-08 16:32 - 2018-02-08 16:32 - 000010355 _____ C:\Users\Lenka\AppData\Local\WiDiSetupLog.20180208.163203.txt
2018-02-08 16:26 - 2018-02-10 09:11 - 000001342 _____ C:\Users\Lenka\Desktop\fixlist.txt
2018-02-08 16:26 - 2018-02-08 16:29 - 268993991 _____ C:\Users\Lenka\Downloads\intel-wireless-display-software-widi_3.5.40.0.exe
2018-02-08 16:18 - 2018-02-08 16:18 - 000000000 ____D C:\Users\Lenka\AppData\Local\Intel WiDi
2018-02-08 15:57 - 2018-02-08 15:59 - 128588840 _____ (Intel Corporation) C:\Users\Lenka\Downloads\Setup.exe
2018-02-07 16:06 - 2018-02-07 16:21 - 000032020 _____ C:\Users\Lenka\Desktop\Addition.txt
2018-02-07 16:05 - 2018-02-11 12:10 - 000017831 _____ C:\Users\Lenka\Desktop\FRST.txt
2018-02-07 16:05 - 2018-02-11 12:09 - 000000000 ____D C:\FRST
2018-02-06 22:05 - 2018-02-06 22:05 - 000000000 ____D C:\Program Files\trend micro
2018-02-06 19:21 - 2018-02-06 19:21 - 000055339 _____ C:\Users\Lenka\Downloads\Katalog_2013_Prehled_konektoru.pdf
2018-02-06 19:18 - 2018-02-06 19:18 - 000711889 _____ C:\Users\Lenka\Downloads\N_EIM_1H_Navod_obecny_na_instalaci_vyrobku_ABB.pdf
2018-02-06 18:29 - 2018-02-06 18:30 - 002811217 _____ C:\Users\Lenka\Downloads\Freedoms Just Another Word (1).html
2018-02-04 19:45 - 2018-02-04 19:45 - 000392833 _____ C:\Users\Lenka\Downloads\Will you hold it against (6).html
2018-02-04 19:25 - 2018-02-04 19:25 - 000056429 _____ C:\Users\Lenka\Downloads\Secret Teachings (4).html
2018-02-04 19:02 - 2018-02-04 19:02 - 001112732 _____ C:\Users\Lenka\Downloads\anytime you want (9).html
2018-02-04 17:44 - 2018-02-04 17:54 - 784691685 _____ C:\Users\Lenka\Downloads\Hra o trony S07E07 720p CZ dabing.mkv
2018-02-04 12:32 - 2018-02-04 12:32 - 000115894 _____ C:\Users\Lenka\Downloads\Suddenly I Know Nothing (6).html
2018-02-03 14:17 - 2018-02-03 14:17 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\Macromedia
2018-02-03 14:16 - 2018-02-03 14:16 - 000002091 _____ C:\Users\Public\Desktop\tpPLC.lnk
2018-02-03 14:16 - 2018-02-03 14:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-Link
2018-02-03 14:16 - 2018-02-03 14:16 - 000000000 ____D C:\Program Files\TP-Link
2018-02-03 13:47 - 2018-02-03 13:58 - 308874155 _____ C:\Users\Lenka\Downloads\Greys.Anatomy.S14E11.HDTV.x264-KILLERS.mkv
2018-02-03 13:46 - 2018-02-03 14:00 - 510488302 _____ C:\Users\Lenka\Downloads\V_pasti.S01E05.TVRip.XviD.CZ.avi
2018-02-03 13:46 - 2018-02-03 13:58 - 423755894 _____ C:\Users\Lenka\Downloads\V pasti s01e06 (krimi 2016) CZ dab.avi
2018-02-01 16:25 - 2018-02-01 16:25 - 000033870 _____ C:\Users\Lenka\Desktop\5CF4ABFE8747.cfg
2018-02-01 15:56 - 2018-02-01 16:36 - 1095186966 _____ C:\Users\Lenka\Downloads\Most.Bron.Broen.S04E05.720p.WEB-DL.H.264.Cz.tit.mkv
2018-01-30 20:08 - 2018-01-30 20:08 - 003832670 _____ C:\Users\Lenka\Downloads\1910012098_TL-WPA4220_V3_User Guide.pdf
2018-01-30 20:07 - 2018-01-30 20:07 - 001418104 _____ C:\Users\Lenka\Downloads\TL-WPA4220KIT_V1_UG (1).pdf
2018-01-28 18:56 - 2018-01-28 18:56 - 001418104 _____ C:\Users\Lenka\Downloads\TL-WPA4220KIT_V1_UG.pdf
2018-01-26 16:54 - 2018-01-26 16:54 - 000056608 _____ C:\Users\Lenka\Downloads\A180118_JAN_011_DANE_2017_MALY3.XLSX
2018-01-26 16:53 - 2018-01-26 16:54 - 000237874 _____ C:\Users\Lenka\Downloads\A180115_JAN_021_DANE_2017_SESLEVOU.XLSX
2018-01-24 19:50 - 2018-01-24 19:50 - 000047431 _____ C:\Users\Lenka\Downloads\Secret Teachings (3).html
2018-01-24 18:58 - 2018-01-24 19:11 - 1111739012 _____ C:\Users\Lenka\Downloads\Most.Bron.Broen.S04E04.720p.WEB-DL.H.264.Cz.tit.mkv
2018-01-24 18:55 - 2018-01-24 18:55 - 000000000 ____D C:\Users\Lenka\Downloads\Greys-Anatomy-12x032
2018-01-24 18:31 - 2018-01-24 18:31 - 001018260 _____ C:\Users\Lenka\Downloads\anytime you want (8).html
2018-01-24 17:55 - 2018-01-24 17:55 - 000067225 _____ C:\Users\Lenka\Downloads\Spy Game (1).html
2018-01-24 16:22 - 2018-01-24 16:22 - 000779389 _____ C:\Users\Lenka\Downloads\Bending the Rules (4).html
2018-01-23 17:20 - 2018-01-23 17:20 - 001128514 _____ C:\Users\Lenka\Downloads\25416000719_0 (1).pdf
2018-01-22 19:24 - 2018-01-22 19:24 - 000055921 _____ C:\Users\Lenka\Downloads\Shes Not Just Another Girl (1).html
2018-01-22 18:37 - 2018-01-22 18:37 - 000198819 _____ C:\Users\Lenka\Downloads\Different (2).html
2018-01-21 19:41 - 2018-01-21 19:41 - 000184324 _____ C:\Users\Lenka\Downloads\Different (1).html
2018-01-21 18:15 - 2018-01-21 18:15 - 000032917 _____ C:\Users\Lenka\Downloads\Life on Mars.html
2018-01-21 18:09 - 2018-01-21 18:09 - 001128514 _____ C:\Users\Lenka\Downloads\25416000719_0.pdf
2018-01-21 16:11 - 2018-01-21 16:11 - 001397535 _____ C:\Users\Lenka\Downloads\netis_E1+_Datasheet.pdf
2018-01-21 15:30 - 2018-01-21 15:30 - 000178184 _____ C:\Users\Lenka\Desktop\6142257869_728.pdf
2018-01-21 11:40 - 2018-01-21 11:40 - 000996215 _____ C:\Users\Lenka\Downloads\anytime you want (7).html
2018-01-21 10:43 - 2018-01-21 10:43 - 000020742 _____ C:\Users\Lenka\Downloads\POWERFUL.html
2018-01-20 22:33 - 2018-01-20 22:33 - 000207054 _____ C:\Users\Lenka\Downloads\Chasing Pavements (2).html
2018-01-20 18:57 - 2018-01-20 18:57 - 000057664 _____ C:\Users\Lenka\Downloads\Keeping Home (2).html
2018-01-20 17:24 - 2018-01-20 17:24 - 000830693 _____ C:\Users\Lenka\Downloads\The Teacher (1).html
2018-01-20 14:26 - 2018-01-20 14:26 - 000032481 _____ C:\Users\Lenka\Downloads\Spy Game.html
2018-01-19 19:57 - 2018-01-19 19:57 - 000224844 _____ C:\Users\Lenka\Downloads\Out of the Shadows 2 The.html
2018-01-19 18:45 - 2018-01-19 19:00 - 272910343 _____ C:\Users\Lenka\Downloads\Greys.Anatomy.S14E09.HDTV.x264-SVA.mkv
2018-01-18 18:15 - 2018-01-18 18:15 - 032024776 _____ C:\Users\Lenka\Downloads\vlc-2.2.8-win64 (1).exe
2018-01-18 16:59 - 2018-01-18 16:59 - 032024776 _____ C:\Users\Lenka\Downloads\vlc-2.2.8-win64.exe
2018-01-18 16:47 - 2018-02-08 16:46 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Temp
2018-01-18 16:18 - 2018-01-18 16:18 - 000973965 _____ C:\Users\Lenka\Downloads\anytime you want (6).html
2018-01-17 18:19 - 2018-01-17 18:19 - 000056553 _____ C:\Users\Lenka\Downloads\A180115_JAN_021_DANE_2017_MALY2.XLSX
2018-01-16 22:03 - 2018-01-16 22:16 - 1110895906 _____ C:\Users\Lenka\Downloads\Most.Bron.Broen.S04E03.720p.WEB-DL.H.264.Cz.tit (1).mkv
2018-01-16 21:32 - 2018-01-16 21:32 - 000911295 _____ C:\Users\Lenka\Downloads\AntiTwin_Setup.exe
2018-01-16 19:28 - 2018-01-16 19:28 - 000097016 _____ C:\Users\Lenka\Downloads\Suddenly I Know Nothing (5).html
2018-01-16 19:17 - 2018-01-16 19:17 - 000383854 _____ C:\Users\Lenka\Downloads\Will you hold it against (5).html
2018-01-16 18:59 - 2018-01-16 18:59 - 000256381 _____ C:\Users\Lenka\Downloads\Mad World (1).html
2018-01-16 16:43 - 2018-01-16 16:43 - 000074110 _____ C:\Users\Lenka\Downloads\2506-0873500947-148916111.pdf
2018-01-15 21:58 - 2018-01-15 21:58 - 000183349 _____ C:\Users\Lenka\Downloads\Chasing Pavements (1).html
2018-01-15 21:13 - 2018-01-15 21:26 - 1110895906 _____ C:\Users\Lenka\Downloads\Most.Bron.Broen.S04E03.720p.WEB-DL.H.264.Cz.tit.mkv
2018-01-14 22:00 - 2018-01-14 22:00 - 006975080 _____ (Antibody Software ) C:\Users\Lenka\Downloads\bid_5_18_setup.exe
2018-01-14 18:57 - 2018-01-14 18:57 - 000342150 _____ C:\Users\Lenka\Downloads\Doing Life (8).html
2018-01-14 16:20 - 2018-01-14 17:19 - 1104506158 _____ C:\Users\Lenka\Downloads\House of Cards S05E13 CzTit.avi
2018-01-14 16:20 - 2018-01-14 17:19 - 1091851740 _____ C:\Users\Lenka\Downloads\House of Cards S05E12 CzTit.avi
2018-01-14 16:20 - 2018-01-14 17:16 - 1012549154 _____ C:\Users\Lenka\Downloads\House of Cards S05E10 CzTit.avi
2018-01-14 16:20 - 2018-01-14 17:10 - 811772242 _____ C:\Users\Lenka\Downloads\House of Cards S05E11 CzTit.avi
2018-01-14 16:18 - 2018-01-14 17:17 - 1350357534 _____ C:\Users\Lenka\Downloads\House of Cards S05E09 CzTit.avi
2018-01-14 14:00 - 2018-01-14 14:30 - 1358231848 _____ C:\Users\Lenka\Downloads\House of Cards S05E08 CzTit.avi
2018-01-14 14:00 - 2018-01-14 14:28 - 1199796574 _____ C:\Users\Lenka\Downloads\House of Cards S05E07 CzTit.avi
2018-01-14 13:18 - 2018-01-14 13:44 - 1205334512 _____ C:\Users\Lenka\Downloads\House of Cards S05E05 CzTit.avi
2018-01-14 13:18 - 2018-01-14 13:44 - 1004741650 _____ C:\Users\Lenka\Downloads\House of Cards S05E06 CzTit.avi
2018-01-14 11:47 - 2018-01-14 12:12 - 1129981704 _____ C:\Users\Lenka\Downloads\House of Cards S05E04 CzTit.avi
2018-01-14 11:47 - 2018-01-14 12:10 - 1021130586 _____ C:\Users\Lenka\Downloads\House of Cards S05E03 CzTit.avi
2018-01-14 10:49 - 2018-01-14 11:17 - 1166863252 _____ C:\Users\Lenka\Downloads\House of Cards S05E01 CzTit.avi
2018-01-14 10:49 - 2018-01-14 11:16 - 1300840528 _____ C:\Users\Lenka\Downloads\House of Cards S05E02 CzTit.avi
2018-01-14 10:33 - 2018-01-14 10:33 - 000732377 _____ C:\Users\Lenka\Downloads\Bending the Rules (3).html
2018-01-13 19:34 - 2018-01-13 19:34 - 000035550 _____ C:\Users\Lenka\Downloads\Secret Teachings (2).html
2018-01-13 19:07 - 2018-01-13 19:07 - 000270178 _____ C:\Users\Lenka\Downloads\The Sea (3).html
2018-01-13 18:18 - 2018-01-13 18:18 - 000143932 _____ C:\Users\Lenka\Downloads\Different.html
2018-01-13 15:07 - 2018-01-13 15:19 - 996570072 _____ C:\Users\Lenka\Downloads\Po Strništi Bos (2017)(cz).avi
2018-01-12 17:27 - 2018-01-12 17:27 - 000000000 ____D C:\Users\Lenka\Downloads\Pošta

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-11 09:05 - 2009-07-14 05:34 - 000025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-11 09:05 - 2009-07-14 05:34 - 000025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-11 08:55 - 2017-11-23 15:44 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-02-11 08:55 - 2017-06-02 09:21 - 000000000 __SHD C:\Users\Lenka\IntelGraphicsProfiles
2018-02-11 08:54 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-10 20:06 - 2017-06-03 15:45 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\vlc
2018-02-10 20:05 - 2017-06-02 22:22 - 000669580 _____ C:\Windows\system32\perfh005.dat
2018-02-10 20:05 - 2017-06-02 22:22 - 000141738 _____ C:\Windows\system32\perfc005.dat
2018-02-10 20:05 - 2010-11-20 22:01 - 001586648 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-10 20:05 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2018-02-10 16:42 - 2017-12-24 14:20 - 000000000 ____D C:\Users\Lenka\Downloads\ali krieger _ Tumblr_files
2018-02-10 16:42 - 2017-12-09 08:52 - 000000000 ____D C:\Users\Lenka\Downloads\Ali Krieger (@alikrieger) • Fotky a videa na Instagramu_files
2018-02-10 16:42 - 2017-10-15 21:24 - 000000000 ____D C:\Users\Lenka\Downloads\It All Started with a Drunken Night - bdridge - Women's Soccer RPF [Archive of Our Own]_files
2018-02-10 16:42 - 2017-10-15 18:22 - 000000000 ____D C:\Users\Lenka\Downloads\Just What I've Been Looking For - LDaniels - Women's Soccer RPF [Archive of Our Own]_files
2018-02-09 15:33 - 2016-09-26 21:12 - 000000000 ____D C:\AdwCleaner
2018-02-08 16:50 - 2017-06-03 14:40 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Mozilla
2018-02-08 14:42 - 2017-06-03 14:26 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-02-08 14:42 - 2017-06-03 14:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-02-07 15:44 - 2017-06-02 09:11 - 000002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-06 18:18 - 2017-06-08 18:38 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-02-06 18:18 - 2017-06-08 18:38 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-02-06 18:18 - 2017-06-08 18:38 - 000000000 ____D C:\Windows\system32\Macromed
2018-02-03 14:46 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\NDF
2018-02-03 14:17 - 2017-06-02 09:19 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2018-02-02 13:51 - 2009-07-14 03:37 - 000000000 __RHD C:\Users\Public\Libraries
2018-01-23 17:13 - 2017-06-14 16:57 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\Canon
2018-01-20 11:18 - 2017-08-23 17:30 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\dvdcss
2018-01-16 16:46 - 2009-07-14 05:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-01-16 16:42 - 2017-10-03 17:44 - 000000000 ____D C:\Users\Lenka\Desktop\Moje
2018-01-13 14:33 - 2017-06-02 09:10 - 000000010 _____ C:\Windows\GSetup.ini
2018-01-13 14:22 - 2009-07-14 05:53 - 000032522 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2018-02-08 16:32 - 2018-02-08 16:32 - 000010355 _____ () C:\Users\Lenka\AppData\Local\WiDiSetupLog.20180208.163203.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-07 16:43

==================== End of FRST.txt ============================

[joj]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10.02.2018 02
Ran by Lenka (11-02-2018 12:10:13)
Running from C:\Users\Lenka\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2017-06-02 05:41:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1569389982-1034148263-1110634828-500 - Administrator - Disabled)
Guest (S-1-5-21-1569389982-1034148263-1110634828-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1569389982-1034148263-1110634828-1002 - Limited - Enabled)
Lenka (S-1-5-21-1569389982-1034148263-1110634828-1000 - Administrator - Enabled) => C:\Users\Lenka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Aimersoft Helper Compact 2.5.2 (HKLM\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Aktualizace ovladače pro aplikaci Centrum zařízení Windows Mobile (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Apowersoft Video Stahovač V6.2.3 (HKLM\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.2.3 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{2218B6FE-7215-4EC9-B0E7-F47674AFA2F5}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
ArcSoft PhotoBase 3 (HKLM\...\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}) (Version: - )
ArcSoft PhotoStudio 5 (HKLM\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version: - )
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
BitTorrent (HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
CrystalDiskInfo 7.5.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
Disk Check 1.0 (HKLM\...\Disk Check_is1) (Version: - Puran Software)
Duplicate Cleaner Pro 3.2.6 (HKLM\...\Duplicate Cleaner Pro) (Version: 3.2.6 - DigitalVolcano Software Ltd)
Electrum (HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\Electrum) (Version: 3.0.2 - Electrum Technologies GmbH)
Google Drive (HKLM\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 64.0.3282.140 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM\...\{583FEF17-F156-46E6-B26B-2ED76724834C}) (Version: 12.8.47.1 - HP Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1035 - Intel Corporation)
Intel(R) Network Connections 21.1.29.0 (HKLM\...\PROSetDX) (Version: 21.1.29.0 - Intel)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.0.32 - Intel Corporation)
iTunes (HKLM\...\{BE5DD9B6-9DF7-4163-A39E-E2141C7A7488}) (Version: 12.6.2.20 - Apple Inc.)
KeepVid Pro(Build 6.4.1.1) (HKLM\...\KeepVid Pro_is1) (Version: 6.4.1.1 - KeepVid Studio)
Kodi (HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\...\Kodi) (Version: - XBMC-Foundation)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft PhotoDraw 2000 Verze 2 (HKLM\...\{3C5EA394-1029-11D2-A2CB-00C04F72F31D}) (Version: 2.00.00.1118 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 58.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 58.0.1 (x86 cs)) (Version: 58.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1.6602 - Mozilla)
Podpora aplikací Apple (32bitová) (HKLM\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.0a - Ghisler Software GmbH)
TP-Link PLC Utility (HKLM\...\{A79B7C66-DC26-417A-8BB5-B48721B45623}) (Version: 2.2.2758.8 - TP-Link) Hidden
TP-Link PLC Utility (HKLM\...\InstallShield_{A79B7C66-DC26-417A-8BB5-B48721B45623}) (Version: 2.2.2758.8 - TP-Link)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD SSD Dashboard (HKLM\...\WD SSD Dashboard) (Version: 2.2.0.5 - Western Digital Corporation or its affiliates)
WD SSD Dashboard Service (HKLM\...\{33FF4CF4-2BC4-488F-9020-74AC3243979A}) (Version: 1.1.0 - Western Digital Corporation or its affiliates)
WinRAR 5.00 beta 6 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-11-10] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-06-19] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-11-10] (Google)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-06-19] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E49D47C-FCBE-4408-B8F5-941CDCD7F5EE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-06-02] (Google Inc.)
Task: {15A7807D-B6CC-4191-A9B8-0245BC1F96A8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {2D017C91-48C5-4F20-8872-9EE8F18804E6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd)
Task: {3D4DDD64-B574-420F-9545-113FF23E1034} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {62D2D20A-0F5F-4773-9B6E-5B729D033D11} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {728C0A04-178A-489E-A5A8-0F57BB7EDD29} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {749907BB-8555-4AF8-84F4-8FB946DCDA25} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-01-06] (AVAST Software)
Task: {8410631E-5016-4C7D-BC90-6BBF2B88030E} - System32\Tasks\SafeZone scheduled Autoupdate 1496416633 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {84387F99-7D57-4701-9D80-DDD093FEE308} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-10-19] (HP Inc.)
Task: {A3A5A860-E3DD-4330-A011-8DF12F805DE6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-12-21] (AVAST Software)
Task: {A4C87C0A-8201-439B-9DDC-4A36806B32D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-10-19] (HP Inc.)
Task: {E7FE6F83-3274-4087-9E70-0EA046A159A4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-12-21 16:28 - 2017-12-21 16:28 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000196248 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2018-02-10 16:58 - 2018-02-10 16:58 - 005777552 _____ () C:\Program Files\AVAST Software\Avast\defs\18021000\algo.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000745408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000148936 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000293944 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-10-18 23:52 - 2017-10-18 23:52 - 001042232 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-08 23:45 - 2017-05-08 23:45 - 000080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-11 15:17 - 2017-07-11 15:17 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-05 18:35 - 2016-10-08 16:03 - 001506304 _____ () C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2017-10-05 18:35 - 2016-07-21 09:54 - 000137728 _____ () C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2017-10-05 18:35 - 2017-09-06 09:16 - 000033912 _____ () C:\Program Files\Keepvid\KeepVid Pro (Desktop)\KeepVidProUpdateHelper.exe
2017-07-14 10:28 - 2017-07-14 10:28 - 001041720 _____ () C:\Program Files\iTunes\libxml2.dll
2017-07-14 10:28 - 2017-07-14 10:28 - 000080184 _____ () C:\Program Files\iTunes\zlib1.dll
2017-05-19 19:17 - 2017-05-19 19:17 - 000065536 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-02-09 15:37 - 2017-11-29 09:11 - 001934792 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-02-09 15:37 - 2017-11-29 09:11 - 001798608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-12-21 16:28 - 2017-12-21 16:28 - 000196816 _____ () c:\Program Files\AVAST Software\Avast\vaarclient.dll
2017-10-20 16:54 - 2017-10-20 16:54 - 000415216 _____ () C:\Windows\system32\igfxTray.exe
2016-10-05 20:17 - 2016-10-05 20:17 - 001243936 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2018-02-10 09:12 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1569389982-1034148263-1110634828-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.3 - 10.0.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{71FFE616-4CE2-4F57-886D-430F17B14728}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D989CE4D-9379-4FEE-AE79-A3AC458AC991}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D19E74B8-5E60-4787-8BB6-544240B5D62A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{551E3768-52B5-4D7A-9853-3F37A39AB47B}C:\windows.old\program files\apowersoft\video download capture 6\rtmpsrv.exe] => (Block) C:\windows.old\program files\apowersoft\video download capture 6\rtmpsrv.exe
FirewallRules: [UDP Query User{F374447C-E911-4AEF-A054-8356BBEFC2C3}C:\windows.old\program files\apowersoft\video download capture 6\rtmpsrv.exe] => (Block) C:\windows.old\program files\apowersoft\video download capture 6\rtmpsrv.exe
FirewallRules: [{47252CE5-6052-4DA9-9BE5-3AFCC3E92E57}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{E17267A1-FF37-480E-902E-7CEA16BE7F04}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{32D72335-8B32-43A3-AE00-4B0DF30CC5CE}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{7F458DDC-8C39-49F6-B3A9-95FBB758DAB0}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{5B0533AA-E0E1-4EFB-A441-AB31A18FBC6F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{57D7B94B-0D90-47AF-BC49-6A0D1701585C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{623EB767-D40E-43FC-B9DB-B881852BF135}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [UDP Query User{4F13DA49-5DB3-4E29-87F5-C93D11B26332}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [{FA593A41-FA0F-4122-B2D3-F1281DF9D6CB}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{4A1A063E-0943-450A-A7F2-47D3BB3B03FB}] => (Allow) C:\Users\Lenka\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{93692808-CA47-4AF2-A65C-63AEF9A2BE89}] => (Allow) C:\Users\Lenka\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{5AC50D73-0988-4B84-9D2D-3328A936B0BC}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{48EFD1F7-A881-49EE-B191-049F57136856}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8E23D96A-942C-407E-9D01-FC987BB66053}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS6088\HPDiagnosticCoreUI.exe
FirewallRules: [{CCBD7907-F883-44D4-91BE-B7891450DF5B}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS6088\HPDiagnosticCoreUI.exe
FirewallRules: [{AB22B66E-D5DF-4D52-A8D7-5C7E079A4EE9}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS27CD\HPDiagnosticCoreUI.exe
FirewallRules: [{1B70C456-44B6-4A5D-8631-943370E325D2}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS27CD\HPDiagnosticCoreUI.exe
FirewallRules: [{7E310C54-91C7-4484-9796-7652FB7981BC}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS5A16\HPDiagnosticCoreUI.exe
FirewallRules: [{9C17C4BF-A7BB-4FAC-A8DF-CCE74ABC3073}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS5A16\HPDiagnosticCoreUI.exe
FirewallRules: [{8CC0F3DA-97A4-465B-B4C6-86AAA5D4CFD9}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS6A9B\HPDiagnosticCoreUI.exe
FirewallRules: [{FCF95937-AB59-4E47-84F5-6FC097820367}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS6A9B\HPDiagnosticCoreUI.exe
FirewallRules: [{6741E54F-F27B-4E5A-B4F8-D8C574C38329}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS7989\HPDiagnosticCoreUI.exe
FirewallRules: [{6A7C4345-6D0D-48B2-BE9D-2716FC928C7A}] => (Allow) C:\Users\Lenka\AppData\Local\Temp\7zS7989\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{CC1077E9-65F8-4330-93BA-C7C57434BD2F}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [UDP Query User{0E1E2E50-7F42-4040-B1F0-0A90CA97E05B}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Allow) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [TCP Query User{65E13700-B2BE-47AF-99E8-D918D2A141A4}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Block) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [UDP Query User{F557EEF3-3829-4EED-911B-E787ED196FCA}C:\program files\tp-link\tp-link plc utility\tpplc.exe] => (Block) C:\program files\tp-link\tp-link plc utility\tpplc.exe
FirewallRules: [{96D9CD57-4854-4F2D-AB14-74F6D1AFAA91}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{D45A7E0F-BB04-4B98-8DED-CC854C4A27BA}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe
FirewallRules: [UDP Query User{6808D4E6-6BD0-433C-9633-25E096BD87E8}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe

==================== Restore Points =========================

03-02-2018 14:16:16 Installed TP-Link PLC Utility
06-02-2018 22:04:42 aaa
08-02-2018 16:44:34 Restore Point Created by FRST
10-02-2018 09:11:58 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============

Name: Myš Microsoft pro port PS/2
Description: Myš Microsoft pro port PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/11/2018 08:55:34 AM) (Source: WD SSD Dashboard Service) (EventID: 0) (User: )
Description: WD SSD Dashboard Service failed in UpdateDeviceMapping.

Error: (02/11/2018 08:55:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/10/2018 09:11:56 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {d1b262de-4c18-45ad-9a79-52ec85bfe61e}

Error: (02/10/2018 08:57:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/10/2018 08:43:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/09/2018 06:57:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/09/2018 05:47:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 427723

Error: (02/09/2018 05:47:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 427723

Error: (02/09/2018 05:47:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/09/2018 05:47:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 426709


System errors:
=============
Error: (02/11/2018 08:54:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) Content Protection HECI Service neuspěla při spuštění v důsledku následující chyby:
Verze programu Intel(R) Content Protection HECI Service není kompatibilní se spuštěnou verzí systému Windows. Pomocí systémových informací o počítači zjistěte, zda potřebujete verzi programu pro procesor x86 (32bitový) nebo x64 (64bitový) a pak se obraťte na vydavatele softwaru.

Error: (02/10/2018 05:12:58 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error: (02/10/2018 09:12:46 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (02/10/2018 09:12:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Apple Mobile Device byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/10/2018 09:12:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/10/2018 09:12:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/10/2018 09:12:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/10/2018 09:12:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet Monitoring Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/10/2018 09:12:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/10/2018 09:12:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G4500 @ 3.50GHz
Percentage of memory in use: 35%
Total physical RAM: 3230.98 MB
Available physical RAM: 2090.61 MB
Total Virtual: 6460.29 MB
Available Virtual: 4907.81 MB

==================== Drives ================================

Drive c: (SYSTEM 7) (Fixed) (Total:244.14 GB) (Free:66.63 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (STORE) (Fixed) (Total:454.49 GB) (Free:124.67 GB) NTFS
Drive e: (GIGABYTE) (CDROM) (Total:3.95 GB) (Free:0 GB) CDFS
Drive f: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:111.69 GB) (Free:72.75 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 03FE03FD)
Partition 1: (Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================