Samovolné zavírání oken

Zpráva

zuzka411 · #1 Příspěvek od **zuzka411** » 25 bře 2018 18:39

Dobrý den,

v PC se mi samy od sebe zavírají otevřená okna a někdy se do adresního řádku v prohlížeči začnou psát samy od sebe písmena nebo znaky (vždycky jen 2, většinou g\). Na ploše se mi také zobrazuje tabulka Ukončení Windows. Prosím o kontrolu logu. Předem moc děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14.03.2018
Ran by Zuzana (administrator) on ZUZANA-PC (25-03-2018 19:07:09)
Running from C:\Users\Zuzana\Downloads
Loaded Profiles: Zuzana (Available Profiles: Zuzana)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) D:\Programy\ekrn.exe
() C:\Program Files\Broadcom\CV\bin\UshUpgradeService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\CV\bin\HostStorageService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ESET) D:\Programy\egui.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2017-08-20] (IDT, Inc.)
HKLM\...\Run: [egui] => D:\Programy\ecmds.exe [300440 2017-12-18] (ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [261944 2018-01-22] (Apple Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-2314392373-3971531273-2474555217-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7E9B2CD9-F506-4066-A456-264B419C0268}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A8EF6825-A73B-49BE-859E-AD75C102933A}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2314392373-3971531273-2474555217-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180304__yaie
SearchScopes: HKU\S-1-5-21-2314392373-3971531273-2474555217-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180304__yaie&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2014-05-22] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: eew84m5u.default
FF ProfilePath: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\eew84m5u.default [2018-03-25]
FF Homepage: Mozilla\Firefox\Profiles\eew84m5u.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180304__yaff
FF NewTab: Mozilla\Firefox\Profiles\eew84m5u.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180304__yaff
FF Extension: (No Name) - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\eew84m5u.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF SearchPlugin: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\eew84m5u.default\searchplugins\yahoo-lavasoft.xml [2018-03-04]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-27] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-27] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\dsengine.js [2018-03-04] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\dsengine.cfg [2018-03-04] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default [2018-03-25]
CHR Extension: (Prezentace) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-27]
CHR Extension: (Dokumenty) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-30]
CHR Extension: (Tabulky) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-27]
CHR Extension: (City-Sunset) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnffhanomkamjoleojbnkailliiojphl [2017-12-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-27]
CHR Extension: (AdBlock) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-25]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; D:\Programy\ekrn.exe [1539560 2017-12-18] (ESET)
R2 hostcontrolsvc; C:\Program Files\Broadcom\CV\bin\HostControlService.exe [820736 2018-02-24] (Broadcom Corporation)
R2 hoststoragesvc; C:\Program Files\Broadcom\CV\bin\HostStorageService.exe [36352 2018-02-24] (Broadcom Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [245842 2017-08-20] (IDT, Inc.)
R2 ushupgradesvc; C:\Program Files\Broadcom\CV\bin\UshUpgradeService.exe [221696 2018-02-24] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [51808 2018-02-24] (Broadcom Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [114552 2018-01-19] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141480 2018-01-19] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [90136 2018-01-19] (ESET)
S3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [28744 2017-08-20] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-08-20] (REALiX(tm))
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7530736 2017-08-20] (Intel Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45144 2018-02-24] (Synaptics Incorporated)
R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [44776 2018-02-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-25 19:07 - 2018-03-25 19:07 - 000010388 _____ C:\Users\Zuzana\Downloads\FRST.txt
2018-03-25 19:06 - 2018-03-25 19:06 - 001764352 _____ (Farbar) C:\Users\Zuzana\Downloads\Nepotvrzeno 830225.crdownload
2018-03-25 19:05 - 2018-03-25 19:07 - 000000000 ____D C:\FRST
2018-03-25 19:05 - 2018-03-25 19:05 - 001764352 _____ (Farbar) C:\Users\Zuzana\Downloads\FRST.exe
2018-03-18 20:42 - 2018-03-18 20:45 - 381285552 _____ (Microsoft Corporation) C:\Users\Zuzana\Downloads\OfficeLangPack_Czech_x86.exe
2018-03-18 20:22 - 2018-03-18 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2018-03-18 20:22 - 2018-03-18 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-03-18 20:21 - 2018-03-18 20:21 - 000000000 ____D C:\Program Files\Microsoft Synchronization Services
2018-03-18 20:21 - 2018-03-18 20:21 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-03-18 20:20 - 2018-03-18 20:20 - 000000000 ____D C:\Windows\PCHEALTH
2018-03-18 20:20 - 2018-03-18 20:20 - 000000000 ____D C:\Program Files\Microsoft Sync Framework
2018-03-18 20:20 - 2018-03-18 20:20 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2018-03-18 20:17 - 2018-03-18 20:17 - 000000000 ____D C:\Program Files\Microsoft Visual Studio 8
2018-03-18 20:16 - 2018-03-18 20:49 - 000000000 ____D C:\Windows\SHELLNEW
2018-03-18 20:16 - 2018-03-18 20:16 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2018-03-18 20:14 - 2018-03-18 20:14 - 000000000 __RHD C:\MSOCache
2018-03-18 19:48 - 2018-03-18 19:48 - 000000000 ____D C:\Users\Zuzana\Downloads\Microsoft Office 2010 Professional Plus 14.0.7128.5000 SP2 RePack by D!akov
2018-03-18 19:45 - 2018-03-18 19:48 - 682989259 _____ C:\Users\Zuzana\Downloads\ms office 2010.zip
2018-03-18 19:42 - 2018-03-18 19:42 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\Thinstall
2018-03-18 19:42 - 2018-03-18 19:42 - 000000000 ____D C:\Users\Zuzana\AppData\Local\Thinstall
2018-03-18 19:41 - 2018-03-18 19:41 - 003306404 _____ C:\Users\Zuzana\Downloads\MAII_tutorial1_slides.pdf
2018-03-18 19:13 - 2018-03-18 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-03-18 16:05 - 2018-03-18 16:05 - 000000661 _____ C:\Users\Zuzana\Desktop\Zuzka – zástupce.lnk
2018-03-17 18:16 - 2018-03-17 18:16 - 000000000 ____D C:\Users\Zuzana\Documents\Vlastní šablony Office
2018-03-17 17:48 - 2018-03-17 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-03-17 17:48 - 2018-03-17 17:48 - 000000000 ____D C:\ProgramData\ESET
2018-03-17 16:24 - 2018-03-21 19:44 - 000002149 _____ C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-03-17 16:24 - 2018-03-21 19:44 - 000000000 ___RD C:\Users\Zuzana\OneDrive
2018-03-17 16:24 - 2018-03-17 16:24 - 000002086 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-03-17 16:24 - 2018-03-17 16:24 - 000002086 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-03-17 16:24 - 2018-03-17 16:24 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2018-03-17 16:23 - 2018-03-17 16:23 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\Skype
2018-03-17 16:23 - 2018-03-17 16:23 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-03-17 15:40 - 2018-03-18 20:20 - 000000000 ____D C:\Program Files\Microsoft Office
2018-03-16 22:22 - 2018-02-13 20:31 - 000117440 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-16 22:22 - 2018-02-13 20:24 - 000534016 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 001893888 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-16 22:22 - 2018-02-13 16:04 - 001319424 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 000508416 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 000212992 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-11 15:54 - 2018-03-11 15:54 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2018-03-04 18:52 - 2018-03-04 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-03-04 18:48 - 2018-03-04 18:48 - 000000000 ____D C:\Program Files\GOG.com
2018-03-04 17:48 - 2018-03-18 19:44 - 000000000 ____D C:\Users\Zuzana\AppData\LocalLow\uTorrent
2018-03-04 17:46 - 2018-03-25 18:30 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\uTorrent
2018-03-04 17:46 - 2018-03-04 17:46 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\Lavasoft
2018-03-04 17:46 - 2018-03-04 17:46 - 000000000 ____D C:\Users\Zuzana\AppData\Local\Lavasoft
2018-03-04 17:46 - 2018-03-04 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-03-04 17:46 - 2018-03-04 17:46 - 000000000 ____D C:\ProgramData\Lavasoft
2018-03-04 17:46 - 2018-03-04 17:46 - 000000000 ____D C:\Program Files\Lavasoft
2018-03-01 17:35 - 2018-03-01 17:35 - 000242496 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2018-03-01 17:11 - 2018-03-01 17:11 - 000440128 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2018-03-01 17:11 - 2018-03-01 17:11 - 000263856 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2018-03-01 17:11 - 2018-03-01 17:11 - 000083792 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2018-02-24 12:26 - 2018-01-13 16:51 - 000000857 _____ C:\Users\Zuzana\Desktop\Downloads.lnk
2018-02-24 11:59 - 2018-02-24 11:59 - 001637776 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2018-02-24 11:59 - 2018-02-24 11:59 - 000045144 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2018-02-24 11:59 - 2018-02-24 11:59 - 000044776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WirelessKeyboardFilter.sys
2018-02-24 11:59 - 2018-02-24 11:59 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2018-02-24 11:59 - 2018-02-24 11:59 - 000000000 ____D C:\Program Files\Synaptics
2018-02-24 11:56 - 2018-02-24 11:56 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_cvusbdrv_01009.Wdf
2018-02-24 11:55 - 2018-03-24 18:27 - 000020730 _____ C:\Windows\system32\CVFirmwareUpgradeLog.txt
2018-02-24 11:55 - 2018-02-24 11:55 - 001463424 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2018-02-24 11:55 - 2018-02-24 11:55 - 000523392 _____ (Broadcom Corporation) C:\Windows\system32\bipdll.dll
2018-02-24 11:55 - 2018-02-24 11:55 - 000363008 _____ (Broadcom) C:\Windows\system32\cvproppage.dll
2018-02-24 11:55 - 2018-02-24 11:55 - 000051808 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\cvusbdrv.sys
2018-02-24 11:55 - 2018-02-24 11:55 - 000000000 ____D C:\ProgramData\Broadcom
2018-02-24 11:55 - 2018-02-24 11:55 - 000000000 ____D C:\Program Files\Broadcom
2018-02-24 11:41 - 2018-02-24 11:41 - 000000000 ____D C:\Program Files\PDF Architect 5 Manager

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-25 18:55 - 2009-07-14 06:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-25 18:55 - 2009-07-14 06:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-25 18:29 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-03-24 20:07 - 2017-12-03 19:22 - 000115552 _____ C:\Users\Zuzana\AppData\Local\GDIPFONTCACHEV1.DAT
2018-03-24 18:40 - 2017-12-27 20:17 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-24 18:27 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-21 19:31 - 2009-07-14 06:33 - 000439408 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-18 20:50 - 2009-07-14 04:04 - 000000478 _____ C:\Windows\win.ini
2018-03-18 20:21 - 2009-07-14 06:52 - 000000000 ____D C:\Program Files\MSBuild
2018-03-18 20:21 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-03-18 20:17 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\System
2018-03-18 19:39 - 2017-08-21 18:19 - 000000000 ____D C:\Users\Zuzana\Desktop\Zástupci
2018-03-18 19:32 - 2017-08-28 18:01 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\vlc
2018-03-18 19:29 - 2017-12-27 20:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-03-18 19:29 - 2009-07-14 06:53 - 000032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-03-18 19:25 - 2018-02-20 21:06 - 000000000 ____D C:\Program Files\PDFCreator
2018-03-18 19:23 - 2009-12-21 01:46 - 000000000 ____D C:\Windows\Panther
2018-03-17 21:04 - 2009-12-21 02:02 - 001558876 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-17 21:04 - 2009-07-14 10:44 - 000668792 _____ C:\Windows\system32\perfh005.dat
2018-03-17 21:04 - 2009-07-14 10:44 - 000141420 _____ C:\Windows\system32\perfc005.dat
2018-03-17 16:24 - 2009-12-21 01:58 - 000000000 ____D C:\Users\Zuzana
2018-03-17 10:41 - 2009-12-21 00:01 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-17 10:04 - 2017-08-20 22:50 - 000000000 ____D C:\Windows\system32\MRT
2018-03-17 10:01 - 2017-10-11 15:48 - 127391104 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-17 10:01 - 2017-08-20 22:49 - 127391104 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-11 15:54 - 2017-08-21 20:24 - 000000000 ____D C:\Program Files\Drakensang Online
2018-03-04 18:54 - 2009-12-21 01:58 - 000000000 ____D C:\Users\Zuzana\AppData\Local\VirtualStore
2018-02-25 15:07 - 2017-12-03 20:12 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-24 19:36 - 2018-02-20 21:10 - 000000000 ____D C:\ProgramData\AVAST Software
2018-02-24 11:42 - 2018-02-20 21:07 - 000000000 ____D C:\ProgramData\PDF Architect 5
2018-02-24 11:41 - 2018-02-20 21:10 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\Seznam.cz
2018-02-24 11:41 - 2018-02-20 21:10 - 000000000 ____D C:\Program Files\Seznam.cz
2018-02-24 11:36 - 2018-01-21 17:00 - 000000000 ____D C:\Program Files\Common Files\InstallShield
2018-02-24 11:36 - 2017-08-20 23:23 - 000000000 ____D C:\ProgramData\ProductData

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-21 20:00

==================== End of FRST.txt ============================

#2 Příspěvek od **Conder** » 25 bře 2018 19:07

Ahoj

Toto vyzera skor na problem so zaseknutou klavesnicou. Je to stolny PC? Mas moznost to vyskusat s inou klavesnicou? Pripadne ak sa zacnu pisat tie znaky, vyskusaj klavesnicu odpojit.

Kazdopadne v PC bezia rozne zbytocnosti, ktore mozeme vycistit.

Ak nepouzivas, odinstaluj Seznam Software (Seznam Listicka).

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

Uloz na plochu a ukonci vsetky programy
Spusti AdwCleaner ako spravca
Odsuhlas licencne podmienky
Klikni na Scan (Skenovanie) a pockaj na dokoncenie
Klikni na Clean (Cistenie) a potvrd kliknutim na OK
AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj

zuzka411 · #3 Příspěvek od **zuzka411** » 25 bře 2018 19:20

Je to notebook, ke kterému mám připojenou novou externí klávesnici, protože u klávesnice na notebooku nefungují správně některá tlačítka.

Log z AdwCleaneru:

g\# AdwCleaner 7.0.8.0 - Logfile created on Sun Mar 25 18:14:11 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Home Premium (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\lavasoft\web companion
Deleted: C:\ProgramData\Application Data\lavasoft\web companion
Deleted: C:\Program Files\lavasoft\web companion
Deleted: C:\Users\All Users\lavasoft\web companion
Deleted: C:\Users\Zuzana\AppData\Roaming\lavasoft\web companion
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion

***** [ Files ] *****

Deleted: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\eew84m5u.default\searchplugins\yahoo-lavasoft.xml
Deleted: C:\Program Files\\MOZILLA FIREFOX\DSENGINE.CFG
Deleted: C:\Program Files\\MOZILLA FIREFOX\DEFAULTS\PREF\DSENGINE.JS

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Driver Booster Scheduler

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-2314392373-3971531273-2474555217-1000\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2099688b-1396-4876-a3df-7d82f5d8ed58}|DisplayName []
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2099688b-1396-4876-a3df-7d82f5d8ed58}|DisplayIcon []

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2274 B] - [2018/3/25 18:13:31]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

#4 Příspěvek od **Conder** » 25 bře 2018 19:28

Klavesnicu na notebooku mas tiez zapnutu? Ked sa tento problem najblizsie vyskytne, vyskusaj odpojit externu klavesnicu. Klavesnicu na notebooku mas tiez zapnutu?

Poprosim o obidva nove logy z FRST (FRST.txt a Addition.txt).

zuzka411 · #5 Příspěvek od **zuzka411** » 25 bře 2018 19:39

Ano klávesnici na notebooku mám pořád zapnutou, protože nevím, jak ji vypnout. Externí klávesnici jsem zkusila odpojit, ale problém přetrvával.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14.03.2018
Ran by Zuzana (administrator) on ZUZANA-PC (25-03-2018 20:34:39)
Running from C:\Users\Zuzana\Downloads
Loaded Profiles: Zuzana (Available Profiles: Zuzana)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) D:\Programy\ekrn.exe
() C:\Program Files\Broadcom\CV\bin\UshUpgradeService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\CV\bin\HostStorageService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ESET) D:\Programy\egui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2017-08-20] (IDT, Inc.)
HKLM\...\Run: [egui] => D:\Programy\ecmds.exe [300440 2017-12-18] (ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [261944 2018-01-22] (Apple Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-2314392373-3971531273-2474555217-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7E9B2CD9-F506-4066-A456-264B419C0268}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A8EF6825-A73B-49BE-859E-AD75C102933A}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2314392373-3971531273-2474555217-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180304__yaie
SearchScopes: HKU\S-1-5-21-2314392373-3971531273-2474555217-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180304__yaie&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2014-05-22] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: eew84m5u.default
FF ProfilePath: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\eew84m5u.default [2018-03-25]
FF Homepage: Mozilla\Firefox\Profiles\eew84m5u.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180304__yaff
FF NewTab: Mozilla\Firefox\Profiles\eew84m5u.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180304__yaff
FF Extension: (No Name) - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\eew84m5u.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-27] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-27] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default [2018-03-25]
CHR Extension: (Prezentace) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-27]
CHR Extension: (Dokumenty) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-30]
CHR Extension: (Tabulky) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-27]
CHR Extension: (City-Sunset) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnffhanomkamjoleojbnkailliiojphl [2017-12-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-27]
CHR Extension: (AdBlock) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-25]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; D:\Programy\ekrn.exe [1539560 2017-12-18] (ESET)
R2 hostcontrolsvc; C:\Program Files\Broadcom\CV\bin\HostControlService.exe [820736 2018-02-24] (Broadcom Corporation)
R2 hoststoragesvc; C:\Program Files\Broadcom\CV\bin\HostStorageService.exe [36352 2018-02-24] (Broadcom Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [245842 2017-08-20] (IDT, Inc.)
R2 ushupgradesvc; C:\Program Files\Broadcom\CV\bin\UshUpgradeService.exe [221696 2018-02-24] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [51808 2018-02-24] (Broadcom Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [114552 2018-01-19] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141480 2018-01-19] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [90136 2018-01-19] (ESET)
S3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [28744 2017-08-20] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-08-20] (REALiX(tm))
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7530736 2017-08-20] (Intel Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45144 2018-02-24] (Synaptics Incorporated)
R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [44776 2018-02-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-25 20:30 - 2018-03-25 20:30 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WirelessDevice_01_09_00.Wdf
2018-03-25 20:11 - 2018-03-25 20:14 - 000000000 ____D C:\AdwCleaner
2018-03-25 20:10 - 2018-03-25 20:10 - 008222496 _____ (Malwarebytes) C:\Users\Zuzana\Downloads\Nepotvrzeno 298872.crdownload
2018-03-25 20:10 - 2018-03-25 20:10 - 008222496 _____ (Malwarebytes) C:\Users\Zuzana\Desktop\adwcleaner_7.0.8.0 (1).exe
2018-03-25 19:07 - 2018-03-25 20:34 - 000009629 _____ C:\Users\Zuzana\Downloads\FRST.txt
2018-03-25 19:07 - 2018-03-25 19:08 - 000016818 _____ C:\Users\Zuzana\Downloads\Addition.txt
2018-03-25 19:06 - 2018-03-25 19:06 - 001764352 _____ (Farbar) C:\Users\Zuzana\Downloads\Nepotvrzeno 830225.crdownload
2018-03-25 19:05 - 2018-03-25 20:34 - 000000000 ____D C:\FRST
2018-03-25 19:05 - 2018-03-25 19:05 - 001764352 _____ (Farbar) C:\Users\Zuzana\Downloads\FRST.exe
2018-03-18 20:42 - 2018-03-18 20:45 - 381285552 _____ (Microsoft Corporation) C:\Users\Zuzana\Downloads\OfficeLangPack_Czech_x86.exe
2018-03-18 20:22 - 2018-03-18 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2018-03-18 20:22 - 2018-03-18 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-03-18 20:21 - 2018-03-18 20:21 - 000000000 ____D C:\Program Files\Microsoft Synchronization Services
2018-03-18 20:21 - 2018-03-18 20:21 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-03-18 20:20 - 2018-03-18 20:20 - 000000000 ____D C:\Windows\PCHEALTH
2018-03-18 20:20 - 2018-03-18 20:20 - 000000000 ____D C:\Program Files\Microsoft Sync Framework
2018-03-18 20:20 - 2018-03-18 20:20 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2018-03-18 20:17 - 2018-03-18 20:17 - 000000000 ____D C:\Program Files\Microsoft Visual Studio 8
2018-03-18 20:16 - 2018-03-18 20:49 - 000000000 ____D C:\Windows\SHELLNEW
2018-03-18 20:16 - 2018-03-18 20:16 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2018-03-18 20:14 - 2018-03-18 20:14 - 000000000 __RHD C:\MSOCache
2018-03-18 19:48 - 2018-03-18 19:48 - 000000000 ____D C:\Users\Zuzana\Downloads\Microsoft Office 2010 Professional Plus 14.0.7128.5000 SP2 RePack by D!akov
2018-03-18 19:45 - 2018-03-18 19:48 - 682989259 _____ C:\Users\Zuzana\Downloads\ms office 2010.zip
2018-03-18 19:42 - 2018-03-18 19:42 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\Thinstall
2018-03-18 19:42 - 2018-03-18 19:42 - 000000000 ____D C:\Users\Zuzana\AppData\Local\Thinstall
2018-03-18 19:41 - 2018-03-18 19:41 - 003306404 _____ C:\Users\Zuzana\Downloads\MAII_tutorial1_slides.pdf
2018-03-18 19:13 - 2018-03-18 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-03-18 16:05 - 2018-03-18 16:05 - 000000661 _____ C:\Users\Zuzana\Desktop\Zuzka – zástupce.lnk
2018-03-17 18:16 - 2018-03-17 18:16 - 000000000 ____D C:\Users\Zuzana\Documents\Vlastní šablony Office
2018-03-17 17:48 - 2018-03-17 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-03-17 17:48 - 2018-03-17 17:48 - 000000000 ____D C:\ProgramData\ESET
2018-03-17 16:24 - 2018-03-21 19:44 - 000002149 _____ C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-03-17 16:24 - 2018-03-21 19:44 - 000000000 ___RD C:\Users\Zuzana\OneDrive
2018-03-17 16:24 - 2018-03-17 16:24 - 000002086 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-03-17 16:24 - 2018-03-17 16:24 - 000002086 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-03-17 16:24 - 2018-03-17 16:24 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2018-03-17 16:23 - 2018-03-17 16:23 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\Skype
2018-03-17 16:23 - 2018-03-17 16:23 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-03-17 15:40 - 2018-03-18 20:20 - 000000000 ____D C:\Program Files\Microsoft Office
2018-03-16 22:22 - 2018-02-13 20:31 - 000117440 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-16 22:22 - 2018-02-13 20:24 - 000534016 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 001893888 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-16 22:22 - 2018-02-13 16:04 - 001319424 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 000508416 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 000212992 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-16 22:22 - 2018-02-13 16:04 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-11 22:43 - 2018-03-11 22:43 - 001846008 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01009.dll
2018-03-11 15:54 - 2018-03-11 15:54 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Drakensang Online
2018-03-04 18:52 - 2018-03-04 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-03-04 18:48 - 2018-03-04 18:48 - 000000000 ____D C:\Program Files\GOG.com
2018-03-04 17:48 - 2018-03-18 19:44 - 000000000 ____D C:\Users\Zuzana\AppData\LocalLow\uTorrent
2018-03-04 17:46 - 2018-03-25 20:14 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\Lavasoft
2018-03-04 17:46 - 2018-03-25 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-03-04 17:46 - 2018-03-25 20:14 - 000000000 ____D C:\ProgramData\Lavasoft
2018-03-04 17:46 - 2018-03-25 20:14 - 000000000 ____D C:\Program Files\Lavasoft
2018-03-04 17:46 - 2018-03-25 18:30 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\uTorrent
2018-03-04 17:46 - 2018-03-04 17:46 - 000000000 ____D C:\Users\Zuzana\AppData\Local\Lavasoft
2018-03-01 17:35 - 2018-03-01 17:35 - 000242496 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2018-03-01 17:11 - 2018-03-01 17:11 - 000440128 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2018-03-01 17:11 - 2018-03-01 17:11 - 000263856 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2018-03-01 17:11 - 2018-03-01 17:11 - 000083792 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2018-02-24 12:26 - 2018-01-13 16:51 - 000000857 _____ C:\Users\Zuzana\Desktop\Downloads.lnk
2018-02-24 11:59 - 2018-02-24 11:59 - 001637776 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2018-02-24 11:59 - 2018-02-24 11:59 - 000045144 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2018-02-24 11:59 - 2018-02-24 11:59 - 000044776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WirelessKeyboardFilter.sys
2018-02-24 11:59 - 2018-02-24 11:59 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2018-02-24 11:59 - 2018-02-24 11:59 - 000000000 ____D C:\Program Files\Synaptics
2018-02-24 11:56 - 2018-02-24 11:56 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_cvusbdrv_01009.Wdf
2018-02-24 11:55 - 2018-03-25 20:25 - 000020984 _____ C:\Windows\system32\CVFirmwareUpgradeLog.txt
2018-02-24 11:55 - 2018-02-24 11:55 - 001463424 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2018-02-24 11:55 - 2018-02-24 11:55 - 000523392 _____ (Broadcom Corporation) C:\Windows\system32\bipdll.dll
2018-02-24 11:55 - 2018-02-24 11:55 - 000363008 _____ (Broadcom) C:\Windows\system32\cvproppage.dll
2018-02-24 11:55 - 2018-02-24 11:55 - 000051808 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\cvusbdrv.sys
2018-02-24 11:55 - 2018-02-24 11:55 - 000000000 ____D C:\ProgramData\Broadcom
2018-02-24 11:55 - 2018-02-24 11:55 - 000000000 ____D C:\Program Files\Broadcom
2018-02-24 11:41 - 2018-02-24 11:41 - 000000000 ____D C:\Program Files\PDF Architect 5 Manager

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-25 20:33 - 2009-07-14 06:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-25 20:33 - 2009-07-14 06:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-25 20:30 - 2017-12-27 19:59 - 000000000 ____D C:\Users\Zuzana\AppData\Local\ElevatedDiagnostics
2018-03-25 20:30 - 2009-12-21 02:02 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-25 20:30 - 2009-07-14 10:44 - 000668792 _____ C:\Windows\system32\perfh005.dat
2018-03-25 20:30 - 2009-07-14 10:44 - 000141420 _____ C:\Windows\system32\perfc005.dat
2018-03-25 20:30 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-03-25 20:25 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-25 20:14 - 2017-12-27 20:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-03-25 19:18 - 2017-08-21 18:19 - 000000000 ____D C:\Users\Zuzana\Desktop\Zástupci
2018-03-24 20:07 - 2017-12-03 19:22 - 000115552 _____ C:\Users\Zuzana\AppData\Local\GDIPFONTCACHEV1.DAT
2018-03-24 18:40 - 2017-12-27 20:17 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-21 19:31 - 2009-07-14 06:33 - 000439408 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-18 20:50 - 2009-07-14 04:04 - 000000478 _____ C:\Windows\win.ini
2018-03-18 20:21 - 2009-07-14 06:52 - 000000000 ____D C:\Program Files\MSBuild
2018-03-18 20:21 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-03-18 20:17 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\System
2018-03-18 19:32 - 2017-08-28 18:01 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\vlc
2018-03-18 19:29 - 2009-07-14 06:53 - 000032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-03-18 19:25 - 2018-02-20 21:06 - 000000000 ____D C:\Program Files\PDFCreator
2018-03-18 19:23 - 2009-12-21 01:46 - 000000000 ____D C:\Windows\Panther
2018-03-17 16:24 - 2009-12-21 01:58 - 000000000 ____D C:\Users\Zuzana
2018-03-17 10:41 - 2009-12-21 00:01 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-17 10:04 - 2017-08-20 22:50 - 000000000 ____D C:\Windows\system32\MRT
2018-03-17 10:01 - 2017-10-11 15:48 - 127391104 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-17 10:01 - 2017-08-20 22:49 - 127391104 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-11 15:54 - 2017-08-21 20:24 - 000000000 ____D C:\Program Files\Drakensang Online
2018-03-04 18:54 - 2009-12-21 01:58 - 000000000 ____D C:\Users\Zuzana\AppData\Local\VirtualStore
2018-02-25 15:07 - 2017-12-03 20:12 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-24 19:36 - 2018-02-20 21:10 - 000000000 ____D C:\ProgramData\AVAST Software
2018-02-24 11:42 - 2018-02-20 21:07 - 000000000 ____D C:\ProgramData\PDF Architect 5
2018-02-24 11:41 - 2018-02-20 21:10 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\Seznam.cz
2018-02-24 11:41 - 2018-02-20 21:10 - 000000000 ____D C:\Program Files\Seznam.cz
2018-02-24 11:36 - 2018-01-21 17:00 - 000000000 ____D C:\Program Files\Common Files\InstallShield
2018-02-24 11:36 - 2017-08-20 23:23 - 000000000 ____D C:\ProgramData\ProductData

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-21 20:00

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14.03.2018
Ran by Zuzana (25-03-2018 20:35:09)
Running from C:\Users\Zuzana\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2009-12-20 23:57:50)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2314392373-3971531273-2474555217-500 - Administrator - Disabled)
Guest (S-1-5-21-2314392373-3971531273-2474555217-501 - Limited - Disabled)
Zuzana (S-1-5-21-2314392373-3971531273-2474555217-1000 - Administrator - Enabled) => C:\Users\Zuzana

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2314392373-3971531273-2474555217-1000\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{BD40DFE8-9908-43A8-93C0-67608DD3D400}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Drakensang Online (HKLM\...\Drakensang Online) (Version: - )
ESET Security (HKLM\...\{F3AF1791-4D66-4638-AC25-DCC90A8B2344}) (Version: 11.0.159.9 - ESET, spol. s r.o.)
Google Chrome (HKLM\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
iTunes (HKLM\...\{6EBB5549-1773-43E1-BB82-E7A14CA5AB6B}) (Version: 12.7.3.46 - Apple Inc.)
Medal of Honor - Allied Assault War Chest (HKLM\...\Medal of Honor - Allied Assault War Chest_is1) (Version: - GOG.com)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Czech/èeština (HKLM\...\Office14.OMUI.cs-cz) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2314392373-3971531273-2474555217-1000\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.1.2 - pdfforge GmbH)
Podpora aplikací Apple (32bitová) (HKLM\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => D:\Programy\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => D:\Programy\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-08-20] (Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => D:\Programy\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {625B7372-9A13-4781-A1AC-E7987A6C6CF4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {636478EF-C570-4943-B9F9-D27564754E8A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-20] (Adobe Systems Incorporated)
Task: {6F37F7B4-B2A3-4207-A980-AE5D9F2D39E1} - System32\Tasks\Driver Booster SkipUAC (Zuzana) => D:\Programy 2\driver booster\4.5.0\DriverBooster.exe
Task: {793F5EAE-795C-4145-882B-2B3DDAFA23EA} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {7D138EA0-3D7C-4D6D-888D-382696F7FF46} - System32\Tasks\CCleaner Update => D:\Programy 2\Ccleaner\CCUpdate.exe [2018-03-06] (Piriform Ltd)
Task: {8879AB04-34AD-4DA3-B7CB-5F2ACE9C9DC7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-12-27] (Google Inc.)
Task: {90A795C5-1391-4991-BC8C-DD87F5D64593} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {ADAD92FB-0BE7-43E7-81F9-9BDE9DD3172E} - System32\Tasks\CCleanerSkipUAC => D:\Programy 2\Ccleaner\CCleaner.exe [2018-03-06] (Piriform Ltd)
Task: {D2EADDEF-46C2-49A6-959E-0A806E1C5476} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-12-27] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2018-02-24 11:55 - 2018-02-24 11:55 - 000221696 _____ () C:\Program Files\Broadcom\CV\bin\UshUpgradeService.exe
2013-09-05 01:14 - 2013-09-05 01:14 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2018-01-05 01:14 - 2018-01-05 01:14 - 001042232 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 000076088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-22 04:21 - 2018-01-22 04:21 - 001042232 _____ () C:\Program Files\iTunes\libxml2.dll
2018-01-22 04:21 - 2018-01-22 04:21 - 000076088 _____ () C:\Program Files\iTunes\zlib1.dll
2018-03-24 18:40 - 2018-03-20 08:07 - 003737944 _____ () C:\Program Files\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-24 18:40 - 2018-03-20 08:07 - 000085848 _____ () C:\Program Files\Google\Chrome\Application\65.0.3325.181\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2314392373-3971531273-2474555217-1000\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2314392373-3971531273-2474555217-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF43D900-8CE2-4A8C-9C46-846B09EAECC9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{34378EB3-1829-4034-AED3-76F9BBB51FAA}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{761A544D-5691-4B2C-BEC3-EA01104F1CE6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C0667BF5-508F-40C4-90D8-AB5C715B53A5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7A67378B-FC7A-4ABA-8B65-A2D6803193C1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7650A5EE-FB3C-4A54-AE80-DAB367E780A6}] => (Allow) C:\Users\Zuzana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7DD0C0E1-76E1-4534-8679-D447CC2BAE83}] => (Allow) C:\Users\Zuzana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{74D9117A-BF63-40DD-BD7C-49DB85C9DDA2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/25/2018 06:26:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43847934

Error: (03/25/2018 06:26:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 43847934

Error: (03/25/2018 06:26:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/25/2018 06:26:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43846936

Error: (03/25/2018 06:26:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 43846936

Error: (03/25/2018 06:26:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/25/2018 06:15:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8330

Error: (03/25/2018 06:15:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8330

System errors:
=============
Error: (03/25/2018 08:14:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (03/25/2018 08:14:37 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (03/25/2018 08:14:11 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (03/25/2018 08:14:11 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (03/25/2018 08:14:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bonjour Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/25/2018 08:14:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/25/2018 08:14:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba iPod Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/25/2018 08:14:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Apple Mobile Device byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T9600 @ 2.80GHz
Percentage of memory in use: 36%
Total physical RAM: 3535.9 MB
Available physical RAM: 2246.34 MB
Total Virtual: 7070.14 MB
Available Virtual: 5783.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.26 GB) (Free:34.77 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Místní disk) (Fixed) (Total:164.52 GB) (Free:71.29 GB) NTFS

\\?\Volume{96e2b5fc-edc2-11de-9f42-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: ED4C3016)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=68.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=164.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#6 Příspěvek od **Conder** » 25 bře 2018 20:18

Interna klavesnica sa da na niekorych notebookoch vypnut cez kombinaciu Fn + niektora F klavesa, ale kazdy vyrobca to ma inak, niekde to nemusi ist vobec. Malo by sa to dat poznat podla ikony na danej klavese, pripadne v manuali alebo google.

V logu nevidim nic, co by toto mohlo sposobovat. Kedze to sa to deje aj pri odpojenej externej klavesnici, problem zrejme bude v tej notebookovej. Ak je NTB este v zaruke, odporucil by som poslat ho na reklamaciu.

Odporucam nepouzivat programy od IObit (Driver Booster, Advanced SystemCare...) - su to cinske smejdy, ktore mozu poskodit system.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-2314392373-3971531273-2474555217-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180304__yaie
SearchScopes: HKU\S-1-5-21-2314392373-3971531273-2474555217-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180304__yaie&p={searchTerms}
FF Homepage: Mozilla\Firefox\Profiles\eew84m5u.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180304__yaff
FF NewTab: Mozilla\Firefox\Profiles\eew84m5u.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10440__180304__yaff
FF Extension: (No Name) - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\eew84m5u.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
2018-03-04 17:46 - 2018-03-25 20:14 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\Lavasoft
2018-03-04 17:46 - 2018-03-25 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-03-04 17:46 - 2018-03-25 20:14 - 000000000 ____D C:\ProgramData\Lavasoft
2018-03-04 17:46 - 2018-03-25 20:14 - 000000000 ____D C:\Program Files\Lavasoft
2018-03-04 17:46 - 2018-03-04 17:46 - 000000000 ____D C:\Users\Zuzana\AppData\Local\Lavasoft
2018-02-24 11:41 - 2018-02-20 21:10 - 000000000 ____D C:\Users\Zuzana\AppData\Roaming\Seznam.cz
2018-02-24 11:41 - 2018-02-20 21:10 - 000000000 ____D C:\Program Files\Seznam.cz
Task: {6F37F7B4-B2A3-4207-A980-AE5D9F2D39E1} - System32\Tasks\Driver Booster SkipUAC (Zuzana) => D:\Programy 2\driver booster\4.5.0\DriverBooster.exe
IE trusted site: HKU\S-1-5-21-2314392373-3971531273-2474555217-1000\...\localhost -> localhost
C:\Users\Zuzana\Downloads\*.crdownload
D:\Programy 2\driver booster
C:\ProgramData\Application Data\lavasoft
C:\Users\All Users\lavasoft
C:\Users\Zuzana\AppData\Roaming\lavasoft

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

VIRY.CZ

Samovolné zavírání oken

Samovolné zavírání oken

Re: Samovolné zavírání oken

Re: Samovolné zavírání oken

Re: Samovolné zavírání oken

Re: Samovolné zavírání oken

Re: Samovolné zavírání oken