VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Kontrola

https://forum.viry.cz:443/viewtopic.php?t=154618

Stránka 1 z 2

Kontrola

Napsal: 08 srp 2018 07:53
od Pakl
Prosím po delší době o kontrolu mého PC.

Logfile of random's system information tool 1.10 (written by random/random)
Run by PaKl at 2018-08-08 08:46:52
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 161 GB (66%) free of 244 GB
Total RAM: 8169 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:47:20, on 8.8.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Utility\caps-unlocker\CapsUnlocker.exe
E:\Abacus\Aplikace\HotkeyP\HotkeyP.exe
C:\Utility\DesktopOK\DesktopOK.exe
C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Creative\Sound Blaster Audigy Fx\Sound Blaster Audigy Fx Control Panel\SBAdgyFx.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\JetToolBar\JetTB.exe
C:\ProgramData\MEGAsync\MEGAsync.exe
C:\Program Files (x86)\Tajpi\Tajpi.exe
C:\Utility\DisplayFusion 8.1.1 portable\DisplayFusionHookAppWIN6032.exe
C:\Program Files\trend micro\PaKl.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mlp.cz:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office16\URLREDIR.DLL
O2 - BHO: QTTabBar AutoLoader - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - mscoree.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing)
O3 - Toolbar: QTTab Standard Buttons - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [Sound Blaster Audigy Fx Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Audigy Fx\Sound Blaster Audigy Fx Control Panel\SBAdgyFx.exe" /r
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [PureText] "C:\Utility\Puretext\PureText.exe"
O4 - HKCU\..\Run: [CapsUnlocker] C:\Utility\caps-unlocker\CapsUnlocker.exe
O4 - HKCU\..\Run: [HotkeyP] E:\Abacus\Aplikace\HotkeyP\HotkeyP.exe 0
O4 - HKCU\..\Run: [DisplayFusion] "C:\Utility\DisplayFusion 8.1.1 portable\DisplayFusion.exe"
O4 - HKCU\..\Run: [DesktopOK] "C:\Utility\DesktopOK\DesktopOK.exe" -bg -startup
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Startup: CapsUnlocker.lnk = C:\Utility\caps-unlocker\CapsUnlocker.exe
O4 - Startup: FFRDeluxe.lnk = C:\Program Files (x86)\Font Fitting Room Deluxe\ffr.exe
O4 - Startup: JetTB.lnk = C:\Program Files (x86)\JetToolBar\JetTB.exe
O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe
O4 - Startup: nexusfont.lnk = C:\Utility\nexusfont\nexusfont.exe
O4 - Startup: Tajpi.exe.lnk = C:\Program Files (x86)\Tajpi\Tajpi.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\PROGRA~2\MICROS~1\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F07B9FF0-D027-4A68-A616-900F9F645FC4}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper\ABService.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache64 - Apache Software Foundation - d:\wamp64\bin\apache\apache2.4.27\bin\httpd.exe
O23 - Service: wampmariadb64 - Unknown owner - d:\wamp64\bin\mariadb\mariadb10.2.8\bin\mysqld.exe
O23 - Service: wampmysqld64 - Unknown owner - d:\wamp64\bin\mysql\mysql5.7.19\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14406 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\AOMEI Backupper\ABService.exe"
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe" -s DefaultInstance
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe" -s DefaultInstance
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Utility\Puretext\PureText.exe"
"C:\Utility\caps-unlocker\CapsUnlocker.exe"
"E:\Abacus\Aplikace\HotkeyP\HotkeyP.exe" 0
"C:\Utility\DisplayFusion 8.1.1 portable\DisplayFusion.exe"
"C:\Utility\DesktopOK\DesktopOK.exe" -bg -startup
"C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Creative\Sound Blaster Audigy Fx\Sound Blaster Audigy Fx Control Panel\SBAdgyFx.exe" /r
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\JetToolBar\JetTB.exe"
"C:\ProgramData\MEGAsync\MEGAsync.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Tajpi\Tajpi.exe"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
"C:\Utility\DisplayFusion 8.1.1 portable\DisplayFusionHookAppWIN6032.exe" "2088" "66680" "66752" "66688" "65658" "65712" "d2d4e3bf-8778-49f9-ac61-de80283f318d" "C:\Utility\DisplayFusion 8.1.1 portable\Hooks\AppHookWIN6032_29e16310-b35e-40a9-94ac-d5bc68d02200.dll" "DisplayFusion" "Software\Binary Fortress Software\DisplayFusion" "Software\Binary Fortress Software\DisplayFusion\Session" "0" "61" "1" "0"
"C:\Utility\DisplayFusion 8.1.1 portable\DisplayFusionHookAppWIN6064.exe" "2088" "66680" "66752" "66688" "65658" "65712" "d2d4e3bf-8778-49f9-ac61-de80283f318d" "C:\Utility\DisplayFusion 8.1.1 portable\Hooks\AppHookWIN6064_92a2c5c2-1f10-48be-9a59-6fb50633e0ac.dll" "DisplayFusion" "Software\Binary Fortress Software\DisplayFusion" "Software\Binary Fortress Software\DisplayFusion\Session" "1" "61" "1" "0"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\PaKl\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\PaKl\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\PaKl\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=67.0.3396.99 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7fef5b53228,0x7fef5b53238,0x7fef5b53248
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3888 --on-initialized-event-handle=320 --parent-handle=324 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --use-gl=swiftshader-webgl --service-request-channel-token=1FB5DC20EF05FC26AEF0C8001B29DAA9 --mojo-platform-channel-handle=1180 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --service-pipe-token=16599D7C518A09C703EA016F9B943630 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=16599D7C518A09C703EA016F9B943630 --renderer-client-id=3 --mojo-platform-channel-handle=2380 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=2D3B9D59D58D5A8732E86C530F62A58B --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=2D3B9D59D58D5A8732E86C530F62A58B --renderer-client-id=4 --mojo-platform-channel-handle=2768 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=C993C1F386D38046A7C9A5C6A6A53E97 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=C993C1F386D38046A7C9A5C6A6A53E97 --renderer-client-id=5 --mojo-platform-channel-handle=2912 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=9ACE10557CC4949442950C96F4040851 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=9ACE10557CC4949442950C96F4040851 --renderer-client-id=6 --mojo-platform-channel-handle=3044 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=A0AFC7B9353A53C08FB3AA83391A2494 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=A0AFC7B9353A53C08FB3AA83391A2494 --renderer-client-id=7 --mojo-platform-channel-handle=3164 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=B162FCE49765EA65177A41393C141095 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=B162FCE49765EA65177A41393C141095 --renderer-client-id=8 --mojo-platform-channel-handle=3192 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=BAA47B6C361F5B6F1A9B8DA438412A23 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=BAA47B6C361F5B6F1A9B8DA438412A23 --renderer-client-id=9 --mojo-platform-channel-handle=3400 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=77AAB2F33E12D3B5EEEE2B62A5C8917F --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=77AAB2F33E12D3B5EEEE2B62A5C8917F --renderer-client-id=17 --mojo-platform-channel-handle=6460 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=818C83F076D21DFE9A757BDDD649116F --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=818C83F076D21DFE9A757BDDD649116F --renderer-client-id=22 --mojo-platform-channel-handle=3816 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=5E989CF439E2F18A7AEC210F451B7305 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=5E989CF439E2F18A7AEC210F451B7305 --renderer-client-id=26 --mojo-platform-channel-handle=6288 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=5FFE217484BCFAF7B408265EC4A93D4C --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=5FFE217484BCFAF7B408265EC4A93D4C --renderer-client-id=27 --mojo-platform-channel-handle=3796 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=7BE9330E6A77F2D10ADB671AF15812E3 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=7BE9330E6A77F2D10ADB671AF15812E3 --renderer-client-id=43 --mojo-platform-channel-handle=7044 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=BF729223EBC13D4835D3141B3FCED89D --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=BF729223EBC13D4835D3141B3FCED89D --renderer-client-id=44 --mojo-platform-channel-handle=6700 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "D:\Z_Index\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"E:\Stahy\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=BB68C55685E16CAEF15CA9DFC09CE058 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=BB68C55685E16CAEF15CA9DFC09CE058 --renderer-client-id=53 --mojo-platform-channel-handle=9008 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1124,2187424080226336850,16983334587409874480,131072 --disable-gpu-compositing --service-pipe-token=B062AB900C605DBAA900CC2E5751DF3E --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=B062AB900C605DBAA900CC2E5751DF3E --renderer-client-id=54 --mojo-platform-channel-handle=8476 /prefetch:1

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Re: Kontrola 2. část RSIT

Napsal: 08 srp 2018 07:59
od Pakl
======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-26 582008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office16\URLREDIR.DLL [2015-07-31 580312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~1\MICROS~1\Office16\GROOVEEX.DLL [2018-05-15 2179864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2bf470e-ed1c-487f-a777-2bd8835eb6ce}]
QTTabBar AutoLoader - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-26 245112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office16\URLREDIR.DLL [2015-07-31 403672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2bf470e-ed1c-487f-a777-2bd8835eb6ce}]
QTTabBar AutoLoader - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - QTTabBar - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
{d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - QTTab Standard Buttons - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]
{d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - QTTabBar - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
{d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - QTTab Standard Buttons - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-10-27 613536]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-10-27 379040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11 316392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PureText"=C:\Utility\Puretext\PureText.exe [2015-09-29 84264]
"CapsUnlocker"=C:\Utility\caps-unlocker\CapsUnlocker.exe [2013-08-17 253952]
"HotkeyP"=E:\Abacus\Aplikace\HotkeyP\HotkeyP.exe [2016-04-26 258048]
"DisplayFusion"=C:\Utility\DisplayFusion 8.1.1 portable\DisplayFusion.exe [2016-10-31 9167864]
"DesktopOK"=C:\Utility\DesktopOK\DesktopOK.exe [2016-12-06 278528]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2018-05-30 46281248]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [2018-04-05 576456]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-07-20 18534016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR10]
C:\Program Files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2018-05-12 3255888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToolwizTimeFreeze]
C:\Program Files\Toolwiz Time Freeze 2017\ToolwizTimeFreeze.exe [2017-08-22 1623896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-04 767176]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2006-10-23 620152]
""= []
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-07-31 3754168]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"Sound Blaster Audigy Fx Control Panel"=C:\Program Files (x86)\Creative\Sound Blaster Audigy Fx\Sound Blaster Audigy Fx Control Panel\SBAdgyFx.exe [2013-11-08 861184]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2018-05-12 3255888]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-07-07 601424]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1029-0000-7760-000000000003}\_SC_Acrobat.exe
Adobe Acrobat Synchronizer.lnk - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe

C:\Users\PaKl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CapsUnlocker.lnk - C:\Utility\caps-unlocker\CapsUnlocker.exe
FFRDeluxe.lnk - C:\Program Files (x86)\Font Fitting Room Deluxe\ffr.exe
JetTB.lnk - C:\Program Files (x86)\JetToolBar\JetTB.exe
MEGAsync.lnk - C:\ProgramData\MEGAsync\MEGAsync.exe
nexusfont.lnk - C:\Utility\nexusfont\nexusfont.exe
Tajpi.exe.lnk - C:\Program Files (x86)\Tajpi\Tajpi.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=0
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-08-08 08:46:52 ----D---- C:\rsit
2018-08-08 08:46:52 ----D---- C:\Program Files\trend micro
2018-07-31 03:25:38 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2018-07-31 03:25:38 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2018-07-31 03:25:38 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2018-07-31 03:25:38 ----A---- C:\Windows\system32\DbxSvc.exe
2018-07-26 11:03:23 ----A---- C:\Windows\system32\invagent.dll
2018-07-26 11:03:23 ----A---- C:\Windows\system32\generaltel.dll
2018-07-26 11:03:23 ----A---- C:\Windows\system32\devinv.dll
2018-07-26 11:03:23 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-07-26 11:03:23 ----A---- C:\Windows\system32\centel.dll
2018-07-26 11:03:23 ----A---- C:\Windows\system32\appraiser.dll
2018-07-26 11:03:23 ----A---- C:\Windows\system32\aitstatic.exe
2018-07-26 11:03:23 ----A---- C:\Windows\system32\aepic.dll
2018-07-26 11:03:23 ----A---- C:\Windows\system32\aeinv.dll
2018-07-26 11:03:23 ----A---- C:\Windows\system32\acmigration.dll

======List of files/folders modified in the last 1 month======

2018-08-08 08:46:53 ----D---- C:\Windows\Temp
2018-08-08 08:46:52 ----RD---- C:\Program Files
2018-08-08 08:36:16 ----D---- C:\Windows\inf
2018-08-08 08:36:15 ----D---- C:\Windows
2018-08-08 08:22:34 ----D---- C:\Windows\system32\config
2018-08-08 08:19:30 ----D---- C:\Users\PaKl\AppData\Roaming\DesktopOK
2018-08-08 08:12:01 ----SHD---- C:\System Volume Information
2018-08-08 08:07:18 ----D---- C:\Program Files (x86)\AOMEI Backupper
2018-08-06 10:51:47 ----D---- C:\Users\PaKl\AppData\Roaming\WhatsApp
2018-08-05 18:45:12 ----D---- C:\Users\PaKl\AppData\Roaming\Typora
2018-08-05 11:16:56 ----D---- C:\Windows\SYSWOW64\Macromed
2018-08-04 21:12:39 ----D---- C:\ProgramData\firebird
2018-08-04 17:00:49 ----D---- C:\Program Files (x86)\DOSBox-0.74
2018-08-04 17:00:43 ----D---- C:\Windows\system32\drivers
2018-08-04 16:57:45 ----HD---- C:\ProgramData
2018-08-04 12:31:04 ----D---- C:\ProgramData\AomeiBR
2018-08-04 11:47:02 ----D---- C:\AdwCleaner
2018-08-04 11:21:20 ----RD---- C:\Moje ikony
2018-08-03 16:29:45 ----D---- C:\Windows\system32\NDF
2018-08-03 14:27:57 ----D---- C:\Program Files (x86)\KeePass Password Safe 2
2018-08-02 09:01:01 ----D---- C:\Program Files (x86)\Dropbox
2018-08-02 09:01:00 ----D---- C:\Windows\System32
2018-08-01 21:48:21 ----D---- C:\Users\PaKl\AppData\Roaming\Mozilla
2018-07-27 09:05:10 ----D---- C:\Users\PaKl\AppData\Roaming\Thunderbird
2018-07-26 13:27:21 ----D---- C:\Windows\Microsoft.NET
2018-07-26 12:59:45 ----D---- C:\Program Files\FreeFileSync
2018-07-26 12:58:17 ----D---- C:\Windows\debug
2018-07-26 12:58:02 ----SHD---- C:\Windows\Installer
2018-07-26 12:58:02 ----D---- C:\Program Files\Java
2018-07-26 12:58:01 ----D---- C:\Program Files (x86)\Common Files
2018-07-26 12:57:35 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2018-07-26 12:31:50 ----D---- C:\Windows\winsxs
2018-07-26 12:31:02 ----D---- C:\Windows\system32\appraiser
2018-07-26 12:26:21 ----D---- C:\Windows\SysWOW64
2018-07-26 12:25:56 ----D---- C:\Windows\system32\MRT
2018-07-26 12:25:07 ----D---- C:\Windows\system32\Tasks
2018-07-26 12:24:28 ----AC---- C:\Windows\system32\MRT.exe
2018-07-26 12:03:15 ----D---- C:\Windows\system32\catroot2
2018-07-25 05:54:10 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-07-25 05:54:09 ----D---- C:\Windows\system32\Macromed
2018-07-25 05:23:00 ----RSD---- C:\Windows\Fonts
2018-07-25 05:22:40 ----D---- C:\ProgramData\Microsoft Help
2018-07-17 00:02:20 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2016-12-21 51120]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 TWZDISK;TWZDISK; C:\Windows\System32\Drivers\TWZDISK.sys [2017-08-22 73360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 TWZFILE;TWZFILE; \??\C:\Windows\System32\Drivers\TWZFILE.sys [2017-08-22 43152]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2016-12-21 171952]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2017-09-01 38320]
R3 AFXfilt;AFXfilt; C:\Windows\system32\drivers\AFXfilt.sys [2013-06-04 25088]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-08-04 21622784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-08-04 665088]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-10-27 38248]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-04-01 104976]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-10-27 58992]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-27 279152]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 cthdb;Sound Blaster Audio Controller Driver; C:\Windows\system32\DRIVERS\cthdb.sys [2013-12-09 25088]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 ampa;ampa; \??\C:\Windows\system32\ampa.sys [2016-12-25 38320]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-10-27 55336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfoX64.sys [2007-09-25 18128]
S3 dbx;dbx; C:\Windows\system32\DRIVERS\dbx.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\qcusbser.sys [2017-03-15 254520]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-05-11 2321384]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2018-05-11 2128872]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-08-04 246784]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]
R2 Backupper Service;AOMEI Backupper Scheduler Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [2017-09-04 122728]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2013-10-28 429056]
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2018-07-31 51392]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [2017-02-15 98304]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [2017-02-15 3825664]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2017-04-09 654848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-09 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-08 153752]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-25 335872]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-09 143144]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-08 153752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-05-25 116224]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-13 213696]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 wampapache64;wampapache64; d:\wamp64\bin\apache\apache2.4.27\bin\httpd.exe [2017-07-07 29184]
S3 wampmariadb64;wampmariadb64; d:\wamp64\bin\mariadb\mariadb10.2.8\bin\mysqld.exe [2017-08-17 14545920]
S3 wampmysqld64;wampmysqld64; d:\wamp64\bin\mysql\mysql5.7.19\bin\mysqld.exe [2017-06-22 39496704]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-04-05 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

Re: Kontrola

Napsal: 08 srp 2018 10:07
od Kodlz
Ahoj,
Poprosim o vlozeni logu FRST.txt a Addition.txt z aplikace FRSTLauncher.exe (Farbar Recovery Scan Tool). Navod naleznes zde: https://forum.viry.cz/viewtopic.php?f=13&t=152707
Obsah Additional.txt muzes vlozit rovnou sem do vlakna.

Re: Kontrola

Napsal: 08 srp 2018 13:05
od vovsova
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Petra (administrator) on PETRA-THINK (08-08-2018 14:03:36)
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: UpdatusUser & Petra)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(forum.viry.cz) C:\Users\Petra\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-18] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-372936869-4241919955-545115080-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-372936869-4241919955-545115080-1001\...\MountPoints2: {940c94c6-c2b0-11e0-a15b-806e6f6e6963} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [185816 2015-12-22] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164008 2015-12-22] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellExecuteHooks-x32: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C8C03687-8074-4019-A856-608B8206A041}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-372936869-4241919955-545115080-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-372936869-4241919955-545115080-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-372936869-4241919955-545115080-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-372936869-4241919955-545115080-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-04-05] (AVAST Software)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2011-07-12] (Symantec Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> No File
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-04-05] (AVAST Software)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> No File
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - => not found
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\ScrollApp\LogiSmoothFirefoxExt
FF Extension: (Logitech Scroll App) - C:\Program Files\Logitech\ScrollApp\LogiSmoothFirefoxExt [2011-10-01] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-28] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-06-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default [2018-08-08]
CHR Extension: (Prezentace) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Dokumenty) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-05]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-05]
CHR Extension: (Vyhledávání Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-05]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-05]
CHR Extension: (Chrome Media Router) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-02]
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-08-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-07-18] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-18] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-03-23] (Lenovo.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-04-22] (Lenovo.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [82544 2011-07-12] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-07-18] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-07-18] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-07-18] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-07-18] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-07-18] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-07-18] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-07-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-07-18] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-07-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-07-18] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-07-18] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467064 2018-07-30] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-07-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-07-18] (AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [308368 2015-12-22] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-08-09] ()
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-08 14:03 - 2018-08-08 14:03 - 000029696 _____ C:\Users\Petra\AppData\Local\MSGBOX.EXE
2018-08-08 14:03 - 2018-08-08 14:03 - 000017169 _____ C:\Users\Petra\Desktop\FRST.txt
2018-08-08 14:03 - 2018-08-08 14:03 - 000015327 _____ C:\Users\Petra\Desktop\LM.bat
2018-08-08 13:54 - 2018-08-08 13:54 - 000112640 _____ (forum.viry.cz) C:\Users\Petra\Downloads\FRSTLauncher.exe
2018-08-08 13:54 - 2018-08-08 13:54 - 000112640 _____ (forum.viry.cz) C:\Users\Petra\Desktop\FRSTLauncher.exe
2018-08-07 13:10 - 2018-08-07 13:10 - 000000000 ____D C:\Users\Petra\Desktop\provozovani
2018-08-07 12:24 - 2018-08-07 12:23 - 002412544 _____ (Farbar) C:\Users\Petra\Desktop\FRST64.exe
2018-08-07 12:23 - 2018-08-07 12:23 - 002412544 _____ (Farbar) C:\Users\Petra\Downloads\FRST64 (3).exe
2018-08-06 19:26 - 2018-08-06 19:26 - 002412544 _____ (Farbar) C:\Users\Petra\Downloads\FRST64 (2).exe
2018-08-06 19:23 - 2018-08-06 19:23 - 026907467 _____ C:\Users\Petra\Downloads\TeamViewerPortable (1).zip
2018-08-06 14:37 - 2018-08-06 14:37 - 007417040 _____ (Malwarebytes) C:\Users\Petra\Desktop\adwcleaner_7.2.2.exe
2018-08-06 13:24 - 2018-08-06 13:24 - 001222144 _____ C:\Users\Petra\Downloads\RSITx64 (3).exe
2018-08-06 13:21 - 2018-08-06 13:21 - 000043042 _____ C:\Users\Petra\Documents\cc_20180806_132103.reg
2018-08-06 13:07 - 2018-07-18 13:05 - 000378072 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-08-03 12:27 - 2018-08-03 12:27 - 000626028 _____ C:\Users\Petra\Downloads\cesky_slovnik_pro_kontrolu_pravopisu-1.1.0-fx+sm+tb (4).xpi
2018-08-02 14:23 - 2018-08-02 14:23 - 000626028 _____ C:\Users\Petra\Downloads\cesky_slovnik_pro_kontrolu_pravopisu-1.1.0-fx+sm+tb (3).xpi
2018-08-02 14:15 - 2018-08-02 14:15 - 000626028 _____ C:\Users\Petra\Downloads\cesky_slovnik_pro_kontrolu_pravopisu-1.1.0-fx+sm+tb (2).xpi
2018-08-02 14:11 - 2018-08-02 14:11 - 000626028 _____ C:\Users\Petra\Downloads\cesky_slovnik_pro_kontrolu_pravopisu-1.1.0-fx+sm+tb.xpi
2018-08-02 14:11 - 2018-08-02 14:11 - 000626028 _____ C:\Users\Petra\Downloads\cesky_slovnik_pro_kontrolu_pravopisu-1.1.0-fx+sm+tb (1).xpi
2018-08-01 15:30 - 2018-08-01 15:30 - 000000000 ____D C:\Users\Petra\AppData\Local\TeamViewer
2018-08-01 14:35 - 2018-08-01 14:35 - 000000000 ____D C:\Users\Petra\AppData\Roaming\TeamViewer
2018-08-01 14:34 - 2018-08-01 14:34 - 026907467 _____ C:\Users\Petra\Downloads\TeamViewerPortable.zip
2018-07-22 14:56 - 2018-07-22 14:56 - 000814942 _____ C:\Users\Petra\Desktop\vyhlaskaVaK20182019.pdf
2018-07-22 14:56 - 2018-07-22 14:56 - 000511300 _____ C:\Users\Petra\Desktop\zakonVaK.pdf
2018-07-22 14:54 - 2018-07-22 14:54 - 000868458 _____ C:\Users\Petra\Desktop\vyhlaskaVaK20162017.pdf
2018-07-22 14:52 - 2018-07-22 14:52 - 000853444 _____ C:\Users\Petra\Desktop\vyhlaskaVaK2018.pdf
2018-07-22 14:45 - 2018-07-22 14:45 - 001770306 _____ C:\Users\Petra\Downloads\ISPOP_Manual_pro_bilancni_formulare_2018_verze 1.0.pdf
2018-07-22 14:44 - 2018-07-22 14:44 - 001460055 _____ C:\Users\Petra\Downloads\vi101_00237612_2018.pdf
2018-07-22 14:43 - 2018-07-22 14:43 - 000759127 _____ C:\Users\Petra\Downloads\vh8b01_00237612_2018.pdf
2018-07-18 13:01 - 2018-07-18 13:01 - 000072100 _____ C:\Users\Petra\Documents\cc_20180718_130135.reg
2018-07-18 12:56 - 2018-07-18 12:56 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-07-18 12:55 - 2018-07-18 12:55 - 015989160 _____ (Piriform Ltd) C:\Users\Petra\Downloads\ccsetup544.exe
2018-07-18 12:55 - 2018-07-18 12:55 - 015989160 _____ (Piriform Ltd) C:\Users\Petra\Downloads\ccsetup544 (1).exe
2018-07-11 21:33 - 2018-07-11 21:33 - 009536812 _____ C:\Users\Petra\Downloads\drive-download-20180711T193300Z-001.zip
2018-07-11 21:13 - 2018-07-11 21:13 - 000033181 _____ C:\Users\Petra\Downloads\Vyuctovani_2018_05-1335909460.pdf
2018-07-11 21:13 - 2018-07-11 21:13 - 000032842 _____ C:\Users\Petra\Downloads\Vyuctovani_2018_06-1337126567.pdf
2018-07-11 21:13 - 2018-07-11 21:13 - 000032712 _____ C:\Users\Petra\Downloads\Vyuctovani_2018_04-1334689922.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-08 14:03 - 2016-03-01 18:52 - 000000000 ____D C:\FRST
2018-08-08 14:01 - 2009-07-14 06:45 - 000031296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-08 14:01 - 2009-07-14 06:45 - 000031296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-08 13:43 - 2011-10-03 14:25 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2018-08-08 13:42 - 2011-08-09 20:10 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-08 13:42 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-07 18:29 - 2009-07-14 07:08 - 000032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-08-07 12:24 - 2016-03-01 18:52 - 000013834 _____ C:\Users\Petra\Downloads\FRST.txt
2018-08-06 23:04 - 2015-12-03 17:16 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-08-06 23:04 - 2011-08-09 20:10 - 000000000 ____D C:\Users\UpdatusUser
2018-08-06 23:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2018-08-06 19:40 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\Web
2018-08-06 14:44 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-06 14:38 - 2016-03-01 23:16 - 000000000 ____D C:\AdwCleaner
2018-08-06 13:24 - 2012-08-22 15:35 - 000000000 ____D C:\Program Files\trend micro
2018-08-06 13:18 - 2012-07-15 20:08 - 000000000 ____D C:\Users\Petra\AppData\Roaming\XnView
2018-08-06 13:18 - 2011-10-01 15:49 - 000000000 ____D C:\Users\Petra\AppData\Local\CrashDumps
2018-08-06 13:09 - 2017-02-08 11:49 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-08-06 13:09 - 2014-11-24 20:39 - 000001893 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-08-06 13:06 - 2011-10-01 02:14 - 000000000 ____D C:\Users\Petra
2018-07-30 13:05 - 2011-11-08 18:06 - 000000000 ____D C:\Users\Petra\AppData\Local\Thunderbird
2018-07-30 12:57 - 2018-04-05 13:25 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-07-30 12:42 - 2012-01-26 15:29 - 000467064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-07-22 14:56 - 2011-10-06 16:26 - 002010112 ___SH C:\Users\Petra\Desktop\Thumbs.db
2018-07-21 17:18 - 2012-01-06 04:01 - 003844608 ___SH C:\Users\Petra\Downloads\Thumbs.db
2018-07-19 15:20 - 2011-09-30 23:44 - 000000000 ____D C:\Users\Petra\AppData\Roaming\vlc
2018-07-18 13:51 - 2011-10-08 13:34 - 000000000 ____D C:\Users\Petra\AppData\Roaming\ICQ
2018-07-18 13:39 - 2016-05-15 11:24 - 000000000 ____D C:\ProgramData\Skype
2018-07-18 13:23 - 2013-02-26 16:39 - 000842240 _____ C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-18 13:23 - 2012-02-22 21:55 - 000175104 _____ C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-18 13:23 - 2012-02-22 21:55 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-18 13:23 - 2011-08-09 20:14 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-18 13:11 - 2018-04-05 13:22 - 000000000 ____D C:\Users\Petra\AppData\Local\AVAST Software
2018-07-18 13:05 - 2018-01-04 21:25 - 000239680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-07-18 13:05 - 2017-11-10 20:50 - 000197160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-07-18 13:05 - 2017-02-08 11:49 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-07-18 13:05 - 2017-02-08 11:49 - 000229392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-07-18 13:05 - 2017-02-08 11:49 - 000201328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-07-18 13:05 - 2017-02-08 11:49 - 000059592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-07-18 13:05 - 2014-08-03 21:03 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-07-18 13:05 - 2014-03-24 19:39 - 000211160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-07-18 13:05 - 2013-04-12 00:15 - 000381584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-07-18 13:05 - 2013-04-12 00:15 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-07-18 13:05 - 2012-04-15 13:58 - 000111872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-07-18 13:05 - 2012-01-26 15:29 - 001027728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-07-18 13:05 - 2012-01-26 15:29 - 000159640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-07-18 13:02 - 2016-11-29 20:58 - 000003388 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-18 13:02 - 2016-11-29 20:58 - 000003260 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-18 12:56 - 2011-10-01 03:12 - 000000793 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-07-18 12:56 - 2011-10-01 03:12 - 000000000 ____D C:\Program Files\CCleaner

==================== Files in the root of some directories =======

2017-01-09 20:43 - 2017-01-09 20:47 - 000004608 _____ () C:\Users\Petra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-08-08 14:03 - 2018-08-08 14:03 - 000029696 _____ () C:\Users\Petra\AppData\Local\MSGBOX.EXE
2012-04-15 13:59 - 2012-04-15 14:00 - 000007597 _____ () C:\Users\Petra\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2015-08-14 14:29 - 2015-07-29 22:08 - 000681097 _____ (SQLite Development Team) C:\Users\Petra\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-06 16:57

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Petra (08-08-2018 14:04:09)
Running from C:\Users\Petra\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-10-01 00:14:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-372936869-4241919955-545115080-500 - Administrator - Disabled)
Guest (S-1-5-21-372936869-4241919955-545115080-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-372936869-4241919955-545115080-1003 - Limited - Enabled)
Petra (S-1-5-21-372936869-4241919955-545115080-1001 - Administrator - Enabled) => C:\Users\Petra
UpdatusUser (S-1-5-21-372936869-4241919955-545115080-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ArcGIS Desktop 10 (HKLM-x32\...\{64665955-E1A1-4A8B-BFFA-673A95318909}) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.) Hidden
ArchiCAD 15 R1 CZE (HKLM\...\001FFF2FFF15FF00FF1101F01F02F000-R1) (Version: 15.0 - Graphisoft)
AutoCAD 2011 - česky (HKLM\...\{5783F2D7-9001-0405-0102-0060B0CE6BBA}) (Version: 18.1.116.0 - Autodesk) Hidden
AutoCAD 2011 - česky (HKLM\...\AutoCAD 2011 - česky) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 - česky Version 2.1 (HKLM\...\AutoCAD 2011 - česky Version 2.1) (Version: 1 - Autodesk)
AutoCAD 2011 Language Pack - česky (HKLM\...\{5783F2D7-9001-0405-1102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 67.1.664.100 - AVAST Software)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Čeština pro ArcGIS Desktop 10.0 SP3 (HKLM-x32\...\Čeština pro ArcGIS Desktop 10.0 SP3 1.0) (Version: 1.0 - ARCDATA PRAHA)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.890 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.10 - Piriform)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HEC-RAS 4.1.0 (HKLM-x32\...\{692F1402-6F45-42F3-9D82-9AAEFBFAD4A1}) (Version: 4.1.0 - Hydrologic Engineering Center)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Logitech Scroll App 2.0 (HKLM\...\Sn1) (Version: 2.00.43 - Logitech)
Logitech SetPoint 6.30 (HKLM\...\sp6) (Version: 6.30.43 - Logitech)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - )
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.8.0 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 cs)) (Version: 45.8.0 - Mozilla)
MPVAK_Zprac (HKLM-x32\...\{2F22E02D-A82B-4651-BE55-DE9739510B65}) (Version: 1.0.0 - V+WARE)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mview 11.22 "c:\MisysView\" (HKLM-x32\...\Mview_0) (Version: - )
NVIDIA nView 146.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 146.78 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 354.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 354.45 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.16.0 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 354.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.45 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.22.00 - )
OpenOffice.org 3.3 (HKLM-x32\...\{10B43A43-FF73-47FD-83E8-A503E84F9ED6}) (Version: 3.3.9567 - OpenOffice.org)
Ovládací panel NVIDIA 354.45 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 354.45 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RapidBoot (HKLM-x32\...\{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo) Hidden
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.16041.12 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.16041.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16035.2 - ) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16035.2 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0042 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.22 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.48 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.01 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.2.141 - VeriSign)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows Driver Package - Intel (MEIx64) System (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows Driver Package - Intel USB (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows Driver Package - Ricoh Company SD Host Controller (03/23/2011 6.10.10.30) (HKLM\...\4534F449D55EE49DEE206B3D9A3B1811E1A495EA) (Version: 03/23/2011 6.10.10.30 - Ricoh Company)
Windows Driver Package - Synaptics (SynTP) Mouse (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
XnView 1.98.8 (HKLM-x32\...\XnView_is1) (Version: 1.98.8 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2011\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2010-02-10] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2010-02-10] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2012-06-06] (Piriform Ltd)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-01-09] (pdfforge GbR)
ContextMenuHandlers1-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2015-12-22] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-06] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-11-05] (NVIDIA Corporation)
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2012-06-06] (Piriform Ltd)
ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01080A27-DFDF-4B25-8677-C267BABE6F35} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001Core -> No File <==== ATTENTION
Task: {0D7411C9-4E45-435B-9C1C-CFD28CB28439} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {3E876F37-83FE-46F4-B007-1087FEC4CAE1} - System32\Tasks\AdobeAAMUpdater-1.0-Petra-THINK-Petra => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
Task: {4968D6C1-3F40-4C3B-AF65-E7E952090880} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001UA -> No File <==== ATTENTION
Task: {5AFCAF84-5098-4B15-B29C-EA502A8E61C3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-08] (AVAST Software)
Task: {5F901082-53FF-412C-A2CF-CE8E480FF9D7} - System32\Tasks\{F77691F1-C68B-4E7D-A06E-DE9DC36ACE6D} => "c:\users\petra\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/5.0.0.152.375/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome&#058;notoffered;disabled
Task: {616288F0-19DD-4113-AE57-EB2258B847CE} - System32\Tasks\{7CABE866-ADE9-4085-AC65-5B008BA3F084} => C:\Windows\system32\pcalua.exe -a C:\Users\Petra\Downloads\setup_basic_3500.exe -d C:\Users\Petra\Downloads
Task: {73EBF79E-C293-4857-9626-6F98CF40B361} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {77BE9395-1707-487B-B7B9-F0130FC6C891} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {848E0C4F-C784-4046-932A-A1FD1309435F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {8B39CB01-FB29-4C32-AA8A-13A48B89430A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-12] (Adobe Systems Incorporated)
Task: {90260AF4-FC52-4424-A20E-A454C7F5970B} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {95464A3B-BDE0-47FE-8375-1C06F1F6C031} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {9C2CEBB8-EE25-4423-8D56-08E8A1BD5070} - System32\Tasks\{4E1A3B1B-A57D-4BDF-8E89-BAB35166E82B} => C:\Program Files (x86)\HEC\HEC-RAS\4.1.0\ras.exe [2010-03-03] (Hydrologic Engineering Center)
Task: {A7A5977E-E523-43C6-89A7-44A5C654A7D7} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28] ()
Task: {AA85A015-C6BF-4F03-B35C-504FD9E0FACF} - System32\Tasks\vypnout => shutdown [Argument = -s]
Task: {B2D3C176-8718-451D-B696-88DCEC85EBDD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B38EFE42-45DB-423C-93CB-22ECB500F0DE} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-03-23] (Lenovo Group Limited)
Task: {BE5C061D-F57A-484F-AAB0-AD85C61A2818} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {D74E00FA-FA9A-4A78-BB39-6126DA74F355} - System32\Tasks\{CFBF3F30-5580-42C7-BACE-BD716591C1AD} => C:\Program Files (x86)\HEC\HEC-RAS\4.1.0\ras.exe [2010-03-03] (Hydrologic Engineering Center)
Task: {D88A0635-50F7-45EA-A9F8-C29727DC08E1} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {DB5DF949-D6EE-4572-8E9B-F2361555EA42} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-07-18] (AVAST Software)
Task: {E0832DBE-B737-4C32-A093-C0E39007769F} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {E31A8004-F2E7-4298-A4B6-4B8992A8AFF6} - System32\Tasks\{16E0A721-1928-4446-88B1-23698581B436} => "c:\users\petra\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/5.0.0.152.375/cs/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome&#058;notoffered;disabled
Task: {EFAC98AC-4466-4F95-99D4-DDB77EFA156D} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {F1D05380-89B3-4F7F-B04B-9B799783321F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {F20A5CB7-F5E6-4BD8-B129-8B210A78779D} - System32\Tasks\{3D56F7A4-9736-4C25-A2AE-C0A17FCC8A78} => C:\Windows\system32\pcalua.exe -a C:\Users\Petra\Downloads\ArcGIS_Desktop10_122519\10UninstallUtility.exe -d C:\Users\Petra\Downloads\ArcGIS_Desktop10_122519
Task: {FBD22A3B-DB42-400B-BC56-FCF8687D052C} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-10] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2010-12-17 22:53 - 2010-12-17 22:53 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-08-09 20:09 - 2015-12-22 11:33 - 000020624 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-09-11 20:02 - 2015-09-11 20:02 - 000803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2012-07-16 11:10 - 2015-12-22 11:36 - 000726160 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2012-07-16 11:10 - 2015-11-05 13:51 - 000126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-08-09 20:09 - 2011-03-06 13:07 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-06-24 13:26 - 2018-06-24 13:26 - 000084808 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2009-05-28 07:09 - 2009-05-28 07:09 - 000049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2018-07-18 13:05 - 2018-07-18 13:05 - 000599768 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000928984 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000532696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000985304 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-08-08 13:45 - 2018-08-08 13:45 - 005984912 _____ () C:\Program Files\AVAST Software\Avast\defs\18080802\algo.dll
2011-08-09 20:09 - 2015-12-22 11:33 - 000020808 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2018-04-05 14:16 - 2018-04-05 14:16 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-372936869-4241919955-545115080-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-372936869-4241919955-545115080-1001\...\mojebanka.cz -> hxxps://www.mojebanka.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-03-03 23:45 - 000000841 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-372936869-4241919955-545115080-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Petra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk => C:\Windows\pss\Logitech . Registrace produktu.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Petra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: ALCKRESI.EXE => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ConnecitfyTemp 3 => cmd /Q /C "rmdir /S /Q C:\Users\Petra\AppData\Local\Temp\Connectify\3"
MSCONFIG\startupreg: ConnecitfyTemp 5 => cmd /Q /C "rmdir /S /Q C:\Users\Petra\AppData\Local\Temp\Connectify\5"
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_191_ActiveX.exe -update activex
MSCONFIG\startupreg: ForteConfig => C:\Program Files\Conexant\ForteConfig\fmapp.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Lenovo Registration => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
MSCONFIG\startupreg: LENOVO.TPKNRRES => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
MSCONFIG\startupreg: LogiScrollApp => C:\Program Files\Logitech\ScrollApp\KhalScroll.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: nwiz => "C:\Program Files\NVIDIA Corporation\nview\nwiz.exe" /installquiet
MSCONFIG\startupreg: PWMTRV => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RotateImage => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{07F5F816-8FA3-4735-B9A3-5B929143FE88}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{F7ECF5B0-901E-4FAF-96E6-9F292FB3EE28}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{546F25B4-C8B0-46FC-9CC9-A1DF853A1145}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C324314F-2702-4D92-9C8E-38F0D58F2EE8}] => (Allow) LPort=2869
FirewallRules: [{39550C75-6348-4F82-ACC8-C153BCBE3653}] => (Allow) LPort=1900
FirewallRules: [{0926AF58-3445-4A17-BBD8-57B46BA33B47}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{89258838-BAF7-4B64-8F52-8BBDED0E0FE2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{C308A9B3-33EA-42E6-8471-36ED3271AFCF}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{85364B5E-C2F0-4654-9D05-2EBEE6FBD84E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{6131A5C7-CECE-4362-A2F2-064266A7073F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{BCA800F0-E5E2-4531-B02F-4FE62BB50F95}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{3F1FBCCA-986B-4D8F-9339-27CD378ECBD3}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe
FirewallRules: [{60AA9F1B-0FD6-45F3-987E-87EC96BDB1B7}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe
FirewallRules: [{D3B999F5-9876-4FCA-A664-568EFDD848B4}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{9511C09C-B480-466F-9A5B-9A6D4FBD182B}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [TCP Query User{F97EB85D-D68E-443C-A3FE-37B23A580712}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{4085A54C-BD8A-47BC-B3A3-79D82C6747C0}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{705F6FB4-0739-4B05-A8B2-7A7F74A4047A}C:\program files\graphisoft\archicad 15\gsreport.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsreport.exe
FirewallRules: [UDP Query User{00B72E0C-5224-4726-81B3-DF18067BF3B7}C:\program files\graphisoft\archicad 15\gsreport.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsreport.exe
FirewallRules: [TCP Query User{3B2B154F-1D4A-4110-9A6C-AB5EEF48F618}C:\program files\graphisoft\archicad 15\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 15\archicad.exe
FirewallRules: [UDP Query User{7D980041-FDF0-4E60-97D4-0208B6CEFE6F}C:\program files\graphisoft\archicad 15\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 15\archicad.exe
FirewallRules: [TCP Query User{96A48134-2F0D-45D7-8367-A9837E4FC34C}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [UDP Query User{60D094F3-3DD3-4416-AD75-44CE709AD33B}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [TCP Query User{76FF5364-004C-44C8-9E45-CB84C81E909D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{BC17B20C-ACC8-48A6-8D6B-10EA187F4581}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{BD62F89D-E483-4848-9917-34552EDF49CD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B4747A9A-7314-4A61-BDF2-E1B0E72569BF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{69239DD7-4A0F-4C8E-AAD3-A9E4455D7B70}C:\program files\graphisoft\archicad 15\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 15\licensefilegenerator.exe
FirewallRules: [UDP Query User{B7B27436-3AEA-4A60-AD30-2F4DFE0820A4}C:\program files\graphisoft\archicad 15\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 15\licensefilegenerator.exe
FirewallRules: [{E4AE1CEC-8196-4395-8A6B-AA5A315EE8A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{3D810F52-58B3-4C0F-A422-BD9F4CCC43D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{7E7505FA-E133-4EF3-A9D6-F99DF29CBA4B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{0128A930-A119-4BB9-8C41-A24AD4C7B3A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{AEC84B97-21FC-47CD-8F00-973B2722C463}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{7C7D6DE0-7253-49A6-A0E6-94E191769D14}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{50FFC479-B8F0-4876-B696-9EDCF27FD64B}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{4113F713-C85A-4D00-AFCE-E61457824467}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{BA9A95D6-6DD2-458D-9AFD-68830D2B3918}C:\Program Files\graphisoft\archicad 15\licensefilegenerator.exe] => (Allow) C:\Program Files\graphisoft\archicad 15\licensefilegenerator.exe
FirewallRules: [UDP Query User{5E15ABA8-F0F7-4E91-B82B-66A146A07F1B}C:\Program Files\graphisoft\archicad 15\licensefilegenerator.exe] => (Allow) C:\Program Files\graphisoft\archicad 15\licensefilegenerator.exe
FirewallRules: [{E31EB53A-575E-4E7C-AC15-27F1D150C2CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5600ABAC-EE11-4CB1-A0E5-8685D736CC20}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{363D5FF4-44FF-419F-8474-1D677ADD08B9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{57C229E1-86EF-4100-9D3B-F8C416C7B5F8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{39EB6AF8-1611-459F-92AF-0DABDAF90995}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D7379758-E931-4D8A-8EF7-2061BB772378}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{6400AA76-5BEE-4498-A6E5-666E09679A85}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{FC7424E5-FB64-4819-BEF7-7BC64522EC40}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================

02-07-2018 16:48:13 Naplánovaný kontrolní bod
18-07-2018 13:38:40 Removed Skype™ 7.0
01-08-2018 15:08:24 Naplánovaný kontrolní bod
06-08-2018 21:00:42 po emailu
07-08-2018 12:25:17 Installed ThinkPad Bluetooth with Enhanced Data Rate Software
07-08-2018 12:25:49 Installed ThinkPad Bluetooth with Enhanced Data Rate Software
08-08-2018 13:47:36 Installed ThinkPad Bluetooth with Enhanced Data Rate Software

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/08/2018 02:01:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/08/2018 02:01:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/08/2018 02:01:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/08/2018 02:01:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/08/2018 01:56:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/08/2018 01:52:53 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/08/2018 01:48:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/08/2018 01:48:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.


System errors:
=============
Error: (08/08/2018 01:45:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (08/08/2018 01:45:41 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (08/08/2018 01:45:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/08/2018 01:45:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Google Update (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (08/08/2018 01:42:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Lenovo Platform Service bylo dosaženo časového limitu (30000 ms).

Error: (08/08/2018 01:42:11 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a36\SystemRoot\System32\Config\SOFTWARE

Error: (08/07/2018 06:31:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Služba WMI, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (08/07/2018 06:31:08 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Prohledávání počítačů, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.


Windows Defender:
===================================
Date: 2016-03-01 16:58:13.064
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=224129
Název:BrowserModifier:Win32/Yoursearching!blnk
ID:224129
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\Petra\Desktop\Google Chrome.lnk;file:C:\Users\Petra\Desktop\Google Chrome.lnk->[CMDEmbedded]
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2016-03-01 16:58:13.064
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=224129
Název:BrowserModifier:Win32/Yoursearching!blnk
ID:224129
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\Petra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk;file:C:\Users\Petra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk->[CMDEmbedded]
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2016-03-01 16:58:13.019
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=224129
Název:BrowserModifier:Win32/Yoursearching!blnk
ID:224129
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\Petra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk;file:C:\Users\Petra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk->[CMDEmbedded]
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-04-28 07:55:33.264
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{DCC938BD-DB32-4789-905F-69BE109AC4F1}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-04-22 07:15:39.826
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C4058E42-6042-43DC-B1EC-2D149BBEE8EC}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

CodeIntegrity:
===================================

Date: 2016-07-19 22:05:53.425
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-19 22:05:53.051
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 38%
Total physical RAM: 3983.23 MB
Available physical RAM: 2463.19 MB
Total Virtual: 7964.65 MB
Available Virtual: 6203.23 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:448.96 GB) (Free:41.31 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:5.68 GB) NTFS

\\?\Volume{940c94c4-c2b0-11e0-a15b-806e6f6e6963}\ (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E6811184)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Kontrola

Napsal: 08 srp 2018 13:45
od Kodlz
Na plose, tam kde mas umisteny FRST vytvor TXT soubor, ktery pojmenujes fixlist.txt a do nej vloz nasledujici text:

( Spusť znovu FRST a klikni na >Fix<. Po skončení akce se objeví log, který sem zkopíruj).
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
ShellExecuteHooks-x32: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> No File
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> No File
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - No File
FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - => not found
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => -> No File
ContextMenuHandlers1-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
Task: {01080A27-DFDF-4B25-8677-C267BABE6F35} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001Core -> No File <==== ATTENTION
Task: {4968D6C1-3F40-4C3B-AF65-E7E952090880} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001UA -> No File <==== ATTENTION
Task: {848E0C4F-C784-4046-932A-A1FD1309435F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {BE5C061D-F57A-484F-AAB0-AD85C61A2818} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
end

Re: Kontrola

Napsal: 08 srp 2018 14:04
od vovsova
Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Petra (08-08-2018 15:01:10) Run:1
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: UpdatusUser & Petra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
ShellExecuteHooks-x32: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> No File
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> No File
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - No File
FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - => not found
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => -> No File
ContextMenuHandlers1-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
Task: {01080A27-DFDF-4B25-8677-C267BABE6F35} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001Core -> No File <==== ATTENTION
Task: {4968D6C1-3F40-4C3B-AF65-E7E952090880} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001UA -> No File <==== ATTENTION
Task: {848E0C4F-C784-4046-932A-A1FD1309435F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {BE5C061D-F57A-484F-AAB0-AD85C61A2818} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
end
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => removed successfully
HKLM\SOFTWARE\WOW6432Node\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6}" => removed successfully
"HKLM\Software\Classes\PROTOCOLS\Handler\ms-help" => removed successfully

Re: Kontrola

Napsal: 08 srp 2018 14:14
od Kodlz
vypis neni uplny, muzes prosim znovu vlozit? dekuji

Re: Kontrola

Napsal: 08 srp 2018 14:19
od vovsova
FRST mi ikona z plochy zmizela a log je jen tahle kratky

Re: Kontrola

Napsal: 08 srp 2018 14:24
od vovsova
:shock:

Re: Kontrola

Napsal: 08 srp 2018 14:26
od Kodlz
tak zkus opakovat FIX, klidne s celym obsahem jak jsem psal predtim.

Re: Kontrola

Napsal: 08 srp 2018 14:42
od vovsova
stale stejne, ikona zmizela, log polovicni

Re: Kontrola

Napsal: 08 srp 2018 20:49
od vovsova
Objevil se dalsi problem. Kdyz chci otevrit word, otevre se okno s instalaci, pak to spadne do nespecifikovane chyby. Snazila jsme se od instalovat Office ale nelze. :-(

Re: Kontrola

Napsal: 08 srp 2018 20:50
od Kodlz
mas vypnuty antivirovy program?

Re: Kontrola

Napsal: 09 srp 2018 13:04
od vovsova
Uff dobry, Office muj muz rozchodil a fix uz dobehl.
Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Petra (09-08-2018 13:41:07) Run:5
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: UpdatusUser & Petra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
ShellExecuteHooks-x32: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> No File
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> No File
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - No File
FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - => not found
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => -> No File
ContextMenuHandlers1-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
Task: {01080A27-DFDF-4B25-8677-C267BABE6F35} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001Core -> No File <==== ATTENTION
Task: {4968D6C1-3F40-4C3B-AF65-E7E952090880} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001UA -> No File <==== ATTENTION
Task: {848E0C4F-C784-4046-932A-A1FD1309435F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {BE5C061D-F57A-484F-AAB0-AD85C61A2818} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
end
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} => not found
"HKLM\Software\Classes\PROTOCOLS\Handler\ms-help" => removed successfully
HKLM\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294} => not found
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\VIP@verisign.com" => removed successfully
"HKLM\System\CurrentControlSet\Services\dgderdrv" => removed successfully
dgderdrv => service removed successfully
"HKLM\System\CurrentControlSet\Services\EsgScanner" => removed successfully
EsgScanner => service removed successfully
"HKLM\System\CurrentControlSet\Services\MBAMSwissArmy" => removed successfully
MBAMSwissArmy => service removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D}" => removed successfully
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX" => removed successfully
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX" => removed successfully
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX" => removed successfully
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX" => removed successfully
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01080A27-DFDF-4B25-8677-C267BABE6F35}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01080A27-DFDF-4B25-8677-C267BABE6F35}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001Core => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4968D6C1-3F40-4C3B-AF65-E7E952090880}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4968D6C1-3F40-4C3B-AF65-E7E952090880}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001UA => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{848E0C4F-C784-4046-932A-A1FD1309435F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{848E0C4F-C784-4046-932A-A1FD1309435F}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE5C061D-F57A-484F-AAB0-AD85C61A2818}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE5C061D-F57A-484F-AAB0-AD85C61A2818}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11346930 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 5187014 B
Edge => 0 B
Chrome => 25916154 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33253 B
systemprofile32 => 39173 B
LocalService => 128 B
NetworkService => 0 B
UpdatusUser => 0 B
Petra => 64948745 B

RecycleBin => 0 B
EmptyTemp: => 110.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:43:18 ====

Re: Kontrola

Napsal: 09 srp 2018 13:29
od Pakl
Můžete mně vysvětlit, jak došlo k tomu, že do mého vlákna se žádostí o kontrolu (předmět "Kontrola" se vložil jiný klient ("vovsova") a začal tam řešit s rádcem "Kodlz" jinou záležitost?
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz