Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2018 02
Ran by Cony (administrator) on TRINITTY (11-02-2018 20:44:23)
Running from C:\Users\Cony\Desktop
Loaded Profiles: Cony (Available Profiles: Cony)
Platform: Windows 10 Home Version 1703 15063.786 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Users\Cony\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Users\Cony\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2017-12-30] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1128324063-843578033-1749482450-1001\...\Run: [HP Deskjet 3540 series (NET)] => C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-21-1128324063-843578033-1749482450-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Cony\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1128324063-843578033-1749482450-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Cony\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1128324063-843578033-1749482450-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-1128324063-843578033-1749482450-1001\...\MountPoints2: {3df7a96e-db79-11e7-82bb-f0761c76eedd} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-1128324063-843578033-1749482450-1001\...\MountPoints2: {8d88593e-8021-11e7-82b0-f0761c76eedd} - "E:\HiSuiteDownLoader.exe"
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2d39b174-1d1c-43c0-9839-8956f34d1ee6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e4d8d785-bcb5-4415-9a79-f30697be7ff6}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1128324063-843578033-1749482450-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1128324063-843578033-1749482450-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-1128324063-843578033-1749482450-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1128324063-843578033-1749482450-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
FireFox:
========
FF DefaultProfile: ivnltt5l.default
FF ProfilePath: C:\Users\Cony\AppData\Roaming\Mozilla\Firefox\Profiles\ivnltt5l.default [2018-02-11]
FF Homepage: Mozilla\Firefox\Profiles\ivnltt5l.default -> hxxp://www.seznam.cz/
FF NewTabOverride: Mozilla\Firefox\Profiles\ivnltt5l.default -> Enabled: "id":"{ea614400-e918-4741-9a97-7a972ff7c30b
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Cony\AppData\Roaming\Mozilla\Firefox\Profiles\ivnltt5l.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-01-26]
FF Extension: (Avast SafePrice) - C:\Users\Cony\AppData\Roaming\Mozilla\Firefox\Profiles\ivnltt5l.default\Extensions\sp@avast.com.xpi [2017-12-07]
FF Extension: (Avast Online Security) - C:\Users\Cony\AppData\Roaming\Mozilla\Firefox\Profiles\ivnltt5l.default\Extensions\wrc@avast.com.xpi [2017-10-20]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Cony\AppData\Roaming\Mozilla\Firefox\Profiles\ivnltt5l.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-01-26]
FF Extension: (No Name) - C:\Users\Cony\AppData\Roaming\Mozilla\Firefox\Profiles\ivnltt5l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF SearchPlugin: C:\Users\Cony\AppData\Roaming\Mozilla\Firefox\Profiles\ivnltt5l.default\searchplugins\McSiteAdvisor.xml [2016-03-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-10] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-31] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-07-10] ()
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR NewTab: Default -> "active": true,
"entry": "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/html/newTab.html"
CHR Profile: C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default [2018-02-11]
CHR Extension: (Prezentace) - C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-31]
CHR Extension: (Dokumenty) - C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-31]
CHR Extension: (Disk Google) - C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-24]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-01-29]
CHR Extension: (YouTube) - C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-24]
CHR Extension: (Avast SafePrice) - C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-31]
CHR Extension: (Tabulky) - C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-31]
CHR Extension: (Avast Online Security) - C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-12-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-01-29]
CHR Extension: (Gmail) - C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-24]
CHR Extension: (Chrome Media Router) - C:\Users\Cony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-31]
CHR HKU\S-1-5-21-1128324063-843578033-1749482450-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1128324063-843578033-1749482450-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2017-12-30] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2017-12-30] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-07-10] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [328624 2015-10-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-02-11] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-02-11] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [185096 2017-12-30] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2017-12-30] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2017-12-30] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2017-12-30] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2017-12-30] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [149344 2017-12-30] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2017-12-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146648 2018-01-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110336 2017-12-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84384 2017-12-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1025176 2017-12-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [457896 2018-01-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [204456 2017-12-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [358672 2017-12-30] (AVAST Software)
S3 DigiartyVirtualCDBus; C:\WINDOWS\System32\drivers\DigiartyVirtualCDBus.sys [276256 2016-02-10] (Digiarty Software, Inc.)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [181816 2016-01-24] (Duplex Secure Ltd)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-02-11] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-02-11] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-02-11] (Microsoft Corporation)
U1 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-12 00:30 - 2018-02-12 02:37 - 000000000 _____ C:\Recovery.txt
2018-02-11 20:27 - 2018-02-11 20:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-11 20:03 - 2018-02-11 20:03 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-02-11 19:52 - 2018-02-11 20:01 - 000000000 ____D C:\AdwCleaner
2018-02-11 19:51 - 2018-02-11 19:51 - 008222496 _____ (Malwarebytes) C:\Users\Cony\Desktop\adwcleaner_7.0.8.0.exe
2018-02-11 18:20 - 2018-02-11 18:21 - 000044662 _____ C:\Users\Cony\Desktop\Addition.txt
2018-02-11 18:17 - 2018-02-11 20:45 - 000019446 _____ C:\Users\Cony\Desktop\FRST.txt
2018-02-11 18:17 - 2018-02-11 20:44 - 000000000 ____D C:\FRST
2018-02-11 18:16 - 2018-02-11 18:16 - 002404864 _____ (Farbar) C:\Users\Cony\Desktop\FRST64.exe
2018-02-11 18:14 - 2018-02-11 18:14 - 000000000 _____ C:\Users\Cony\Desktop\FRSTLauncher.exe
2018-02-11 17:44 - 2018-02-11 17:44 - 000000000 ___HD C:\OneDriveTemp
2018-02-11 14:41 - 2018-02-11 14:41 - 000590796 _____ C:\Users\Cony\Desktop\Doklad_2151632539.pdf
2018-02-10 16:33 - 2018-02-10 16:34 - 000000000 ____D C:\Program Files\CCleaner
2018-02-10 16:33 - 2018-02-10 16:33 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-02-10 16:33 - 2018-02-10 16:33 - 000002854 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-02-10 16:33 - 2018-02-10 16:33 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-02-10 16:33 - 2018-02-10 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-02-10 16:31 - 2018-02-10 16:31 - 011203712 _____ (Piriform Ltd) C:\Users\Cony\Downloads\ccsetup539pro.exe
2018-02-10 16:31 - 2018-02-10 16:31 - 011203712 _____ (Piriform Ltd) C:\Users\Cony\Downloads\ccsetup539pro(1).exe
2018-02-10 11:54 - 2018-02-10 11:54 - 008101056 _____ C:\Users\Cony\Downloads\hdtune_255.exe
2018-02-10 11:43 - 2018-02-10 11:43 - 000000000 ____D C:\ProgramData\AltrixSoft
2018-02-10 11:42 - 2018-02-10 11:43 - 002776312 _____ (AltrixSoft) C:\Users\Cony\Downloads\hddinsp.exe
2018-02-03 12:00 - 2018-01-01 02:41 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-02-03 12:00 - 2018-01-01 02:40 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-02-03 12:00 - 2018-01-01 02:40 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-03 12:00 - 2018-01-01 02:39 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-03 12:00 - 2018-01-01 02:38 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-03 12:00 - 2018-01-01 02:35 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-02-03 12:00 - 2018-01-01 02:30 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-01-26 19:14 - 2018-01-26 19:20 - 775129088 _____ C:\Users\Cony\Downloads\Listopadoví vrazi (2017,cz,dabing)ddd.avi
2018-01-26 19:12 - 2018-01-26 19:19 - 1131778528 _____ C:\Users\Cony\Downloads\Labyrint-2-Zkouška ohněm-(2015)-CZ-Dabing.avi
2018-01-24 20:41 - 2018-01-26 19:13 - 000000000 ___HD C:\$WINDOWS.~BT
2018-01-24 20:32 - 2018-01-24 20:33 - 000000000 ____D C:\Users\Cony\Kalendar1
2018-01-24 20:30 - 2018-01-24 20:30 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2018-01-24 20:29 - 2018-02-11 20:08 - 000000000 ____D C:\Users\Cony\AppData\Roaming\Seznam.cz
2018-01-24 20:29 - 2018-01-24 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalendar
2018-01-24 20:29 - 2018-01-24 20:31 - 000000000 ____D C:\Program Files (x86)\Kalendar
2018-01-24 20:29 - 2018-01-24 20:29 - 011043032 _____ C:\Users\Cony\Downloads\mysetup.exe
2018-01-24 20:01 - 2018-02-10 11:07 - 000000000 ____D C:\Program Files\rempl
2018-01-12 20:14 - 2018-01-12 20:40 - 1624203692 _____ C:\Users\Cony\Downloads\Zabiják a bodyguard (2017) CZ dabing NOVINKA.avi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-11 20:42 - 2017-06-04 20:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-11 20:28 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-11 20:19 - 2017-08-24 20:14 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-02-11 20:09 - 2016-11-19 16:18 - 000000000 ____D C:\Users\Cony\AppData\LocalLow\Mozilla
2018-02-11 20:04 - 2015-07-10 19:59 - 000000000 ___RD C:\Users\Cony\OneDrive
2018-02-11 20:03 - 2015-07-10 18:42 - 000000000 __SHD C:\Users\Cony\IntelGraphicsProfiles
2018-02-11 20:02 - 2017-06-04 21:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-11 20:01 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-02-11 20:01 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-02-11 20:00 - 2015-07-10 18:41 - 000000000 ____D C:\Users\Cony\AppData\Local\SweetLabs App Platform
2018-02-11 18:58 - 2017-05-30 20:11 - 000000000 ___DC C:\WINDOWS\Panther
2018-02-11 17:32 - 2017-06-04 21:14 - 000004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B375C3D4-4B00-4FEF-9305-E6FA31CF6E2A}
2018-02-11 15:28 - 2017-06-04 20:48 - 000000000 ____D C:\Users\Cony
2018-02-11 15:25 - 2016-02-04 17:27 - 000000000 ___RD C:\Users\Cony\Documents\Scanned Documents
2018-02-11 15:08 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-11 15:08 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-11 14:48 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2018-02-11 14:29 - 2017-06-04 20:41 - 000432288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-11 14:29 - 2017-02-20 19:22 - 000000346 _____ C:\WINDOWS\Tasks\HPCeeScheduleForCony.job
2018-02-11 11:54 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2018-02-10 21:49 - 2016-02-07 10:51 - 000000000 ____D C:\Users\Cony\AppData\Local\WinAVI
2018-02-10 21:41 - 2016-01-24 17:31 - 000000000 ____D C:\ProgramData\Norton
2018-02-10 21:22 - 2017-06-04 21:14 - 000003234 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForCony
2018-02-10 16:42 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-02-10 16:42 - 2015-07-10 18:50 - 000000000 ____D C:\Users\Cony\AppData\Local\CrashDumps
2018-02-10 10:50 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-10 10:50 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-06 16:44 - 2016-12-14 20:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-02-06 16:44 - 2015-07-10 19:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-29 19:05 - 2015-07-10 19:08 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-01-27 12:37 - 2015-07-12 19:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-27 12:21 - 2017-10-22 10:36 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-27 12:20 - 2015-07-12 19:44 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-26 19:10 - 2017-08-06 16:35 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1128324063-843578033-1749482450-1001
2018-01-26 19:10 - 2015-08-01 13:04 - 000002426 _____ C:\Users\Cony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-14 20:27 - 2017-12-31 10:02 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-14 20:27 - 2017-12-31 10:02 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-12 20:37 - 2017-11-16 18:17 - 002387124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-12 20:37 - 2017-03-20 05:43 - 001068242 _____ C:\WINDOWS\system32\perfh005.dat
2018-01-12 20:37 - 2017-03-20 05:43 - 000244144 _____ C:\WINDOWS\system32\perfc005.dat
2018-01-12 20:05 - 2017-08-24 19:58 - 000457896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-01-12 20:05 - 2017-08-24 19:58 - 000146648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-10 21:18
==================== End of FRST.txt ============================