Facebook virus

Posted: 26 Aug 2018 19:17
by peknal
Hello, I would like to ask for a preventive check focused on Facebook malware. The virus is sending out friend requests on its own.
Thanks a lot in advance for your help.

RSIT:logfile of random's system information tool 1.10 (written by random/random)
Run by milan at 2018-08-26 19:57:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 70 GB (46%) free of 153 GB
Total RAM: 1527 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:59:54, on 26.8.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19101)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Program Files\Android-Sync\AndroidSync.exe
C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files\Clarus\Drive Manager\Drive Manager.exe
C:\Program Files\Clarus\Drive Manager\ABRTMonM.exe
C:\Program Files\Android-Sync\bin\adb.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\Launcher\Avira.Systray.exe
C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\milan\Downloads\RSIT (1).exe
C:\Program Files\trend micro\milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [AndroidSync] C:\Program Files\Android-Sync\AndroidSync.exe -m
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [Drive Manager] C:\Program Files\Clarus\Drive Manager\Drive Manager.exe -Hide
O4 - Global Startup: Drive Manager Real-Time.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: @C:\Program Files\Canon\IJ Scan Utility\SETEVENT.exe,-100 (CIJSRegister) - CANON INC. - C:\Program Files\Canon\IJ Scan Utility\SETEVENT.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Drive Manager Service (SZDrvSvc_General) - Clarus, Inc. - C:\Program Files\Clarus\Drive Manager\SZDrvSvcM.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

--
End of file - 6891 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AndroidSync"=C:\Program Files\Android-Sync\AndroidSync.exe [2014-06-10 6252976]
"Avira SystrayStartTrigger"=C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [2018-08-03 98024]
"CanonQuickMenu"=C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [2017-07-05 1313408]
"Drive Manager"=C:\Program Files\Clarus\Drive Manager\Drive Manager.exe [2016-05-12 8284376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLLSuite2016]
C:\Program Files\DLL Suite\DLLSuite.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall]
C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Drive Manager Real-Time.lnk - C:\Program Files\Clarus\Drive Manager\ABRTMonM.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0
"RestrictRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"RestrictRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2018-08-26 19:57:01 ----D---- C:\rsit
2018-08-15 07:09:05 ----A---- C:\Windows\system32\cscdll.dll
2018-08-15 07:09:05 ----A---- C:\Windows\system32\cscapi.dll
2018-08-15 07:09:00 ----A---- C:\Windows\system32\mshtml.dll
2018-08-15 07:08:55 ----A---- C:\Windows\system32\ieframe.dll
2018-08-15 07:08:53 ----A---- C:\Windows\system32\wininet.dll
2018-08-15 07:08:53 ----A---- C:\Windows\system32\jscript9.dll
2018-08-15 07:08:52 ----A---- C:\Windows\system32\iertutil.dll
2018-08-15 07:08:50 ----A---- C:\Windows\system32\urlmon.dll
2018-08-15 07:08:50 ----A---- C:\Windows\system32\ntkrnlpa.exe
2018-08-15 07:08:49 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-08-15 07:08:49 ----A---- C:\Windows\system32\msi.dll
2018-08-15 07:08:49 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-08-15 07:08:48 ----A---- C:\Windows\system32\msimg32.dll
2018-08-15 07:08:48 ----A---- C:\Windows\system32\mf3216.dll
2018-08-15 07:08:48 ----A---- C:\Windows\system32\jscript.dll
2018-08-15 07:08:47 ----A---- C:\Windows\system32\vbscript.dll
2018-08-15 07:08:47 ----A---- C:\Windows\system32\msfeeds.dll
2018-08-15 07:08:47 ----A---- C:\Windows\system32\ieapfltr.dll
2018-08-15 07:08:47 ----A---- C:\Windows\system32\drivers\viac7.sys
2018-08-15 07:08:47 ----A---- C:\Windows\system32\drivers\processr.sys
2018-08-15 07:08:47 ----A---- C:\Windows\system32\drivers\intelppm.sys
2018-08-15 07:08:47 ----A---- C:\Windows\system32\drivers\amdppm.sys
2018-08-15 07:08:47 ----A---- C:\Windows\system32\drivers\amdk8.sys
2018-08-15 07:08:46 ----A---- C:\Windows\system32\win32k.sys
2018-08-15 07:08:46 ----A---- C:\Windows\system32\StructuredQuery.dll
2018-08-15 07:08:45 ----A---- C:\Windows\system32\ntdll.dll
2018-08-15 07:08:45 ----A---- C:\Windows\system32\msiexec.exe
2018-08-15 07:08:45 ----A---- C:\Windows\system32\iedkcs32.dll
2018-08-15 07:08:45 ----A---- C:\Windows\system32\fontsub.dll
2018-08-15 07:08:45 ----A---- C:\Windows\system32\drivers\ndis.sys
2018-08-15 07:08:44 ----A---- C:\Windows\system32\t2embed.dll
2018-08-15 07:08:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-15 07:08:44 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-08-15 07:08:44 ----A---- C:\Windows\system32\halmacpi.dll
2018-08-15 07:08:44 ----A---- C:\Windows\system32\halacpi.dll
2018-08-15 07:08:44 ----A---- C:\Windows\system32\hal.dll
2018-08-15 07:08:44 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-08-15 07:08:43 ----A---- C:\Windows\system32\webcheck.dll
2018-08-15 07:08:43 ----A---- C:\Windows\system32\jscript9diag.dll
2018-08-15 07:08:43 ----A---- C:\Windows\system32\hlink.dll
2018-08-15 07:08:43 ----A---- C:\Windows\system32\drivers\netio.sys
2018-08-15 07:08:43 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-08-15 07:08:43 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-08-15 07:08:43 ----A---- C:\Windows\system32\consent.exe
2018-08-15 07:08:43 ----A---- C:\Windows\system32\atmfd.dll
2018-08-15 07:08:42 ----A---- C:\Windows\system32\wdigest.dll
2018-08-15 07:08:42 ----A---- C:\Windows\system32\TSpkg.dll
2018-08-15 07:08:42 ----A---- C:\Windows\system32\srcore.dll
2018-08-15 07:08:42 ----A---- C:\Windows\system32\smss.exe
2018-08-15 07:08:42 ----A---- C:\Windows\system32\schannel.dll
2018-08-15 07:08:42 ----A---- C:\Windows\system32\rstrui.exe
2018-08-15 07:08:42 ----A---- C:\Windows\system32\rpcrt4.dll
2018-08-15 07:08:42 ----A---- C:\Windows\system32\msv1_0.dll
2018-08-15 07:08:42 ----A---- C:\Windows\system32\lsasrv.dll
2018-08-15 07:08:42 ----A---- C:\Windows\system32\kerberos.dll
2018-08-15 07:08:42 ----A---- C:\Windows\system32\advapi32.dll
2018-08-15 07:08:41 ----A---- C:\Windows\system32\sspicli.dll
2018-08-15 07:08:41 ----A---- C:\Windows\system32\srclient.dll
2018-08-15 07:08:41 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-08-15 07:08:41 ----A---- C:\Windows\system32\secur32.dll
2018-08-15 07:08:41 ----A---- C:\Windows\system32\rpchttp.dll
2018-08-15 07:08:41 ----A---- C:\Windows\system32\ncrypt.dll
2018-08-15 07:08:41 ----A---- C:\Windows\system32\lsass.exe
2018-08-15 07:08:41 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-08-15 07:08:41 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-08-15 07:08:41 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-08-15 07:08:41 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-08-15 07:08:41 ----A---- C:\Windows\system32\drivers\appid.sys
2018-08-15 07:08:41 ----A---- C:\Windows\system32\csrsrv.dll
2018-08-15 07:08:41 ----A---- C:\Windows\system32\cryptbase.dll
2018-08-15 07:08:41 ----A---- C:\Windows\system32\credssp.dll
2018-08-15 07:08:41 ----A---- C:\Windows\system32\bcrypt.dll
2018-08-15 07:08:41 ----A---- C:\Windows\system32\auditpol.exe
2018-08-15 07:08:41 ----A---- C:\Windows\system32\appidsvc.dll
2018-08-15 07:08:41 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-08-15 07:08:41 ----A---- C:\Windows\system32\appidapi.dll
2018-08-15 07:08:41 ----A---- C:\Windows\system32\apisetschema.dll
2018-08-15 07:08:40 ----A---- C:\Windows\system32\sspisrv.dll
2018-08-15 07:08:40 ----A---- C:\Windows\system32\msobjs.dll
2018-08-15 07:08:40 ----A---- C:\Windows\system32\msaudite.dll
2018-08-15 07:08:40 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-08-15 07:08:40 ----A---- C:\Windows\system32\adtschema.dll
2018-08-15 07:08:39 ----A---- C:\Windows\system32\ieui.dll
2018-08-15 07:08:37 ----A---- C:\Windows\system32\msrating.dll
2018-08-15 07:08:37 ----A---- C:\Windows\system32\mshtmled.dll
2018-08-15 07:08:37 ----A---- C:\Windows\system32\dxtrans.dll
2018-08-15 07:08:37 ----A---- C:\Windows\system32\dxtmsft.dll
2018-08-15 07:08:37 ----A---- C:\Windows\system32\authui.dll
2018-08-15 07:08:36 ----A---- C:\Windows\system32\occache.dll
2018-08-15 07:08:36 ----A---- C:\Windows\system32\msihnd.dll
2018-08-15 07:08:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-08-15 07:08:36 ----A---- C:\Windows\system32\jsproxy.dll
2018-08-15 07:08:36 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-15 07:08:36 ----A---- C:\Windows\system32\inseng.dll
2018-08-15 07:08:36 ----A---- C:\Windows\system32\ieUnatt.exe
2018-08-15 07:08:36 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-08-15 07:08:36 ----A---- C:\Windows\system32\ie4uinit.exe
2018-08-15 07:08:35 ----A---- C:\Windows\system32\tzres.dll
2018-08-15 07:08:35 ----A---- C:\Windows\system32\lpk.dll
2018-08-15 07:08:35 ----A---- C:\Windows\system32\iesetup.dll
2018-08-15 07:08:35 ----A---- C:\Windows\system32\iernonce.dll
2018-08-15 07:08:35 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-08-15 07:08:35 ----A---- C:\Windows\system32\dciman32.dll
2018-08-15 07:08:35 ----A---- C:\Windows\system32\atmlib.dll
2018-08-15 07:08:35 ----A---- C:\Windows\system32\appinfo.dll
2018-08-15 07:08:34 ----A---- C:\Windows\system32\msimsg.dll
2018-08-15 07:08:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll

======List of files/folders modified in the last 1 month======

2018-08-26 19:57:17 ----D---- C:\Windows\Prefetch
2018-08-26 19:57:10 ----D---- C:\Windows\Temp
2018-08-26 19:57:10 ----D---- C:\Program Files\trend micro
2018-08-26 19:37:29 ----D---- C:\Windows\system32\config
2018-08-26 19:03:34 ----SHD---- C:\System Volume Information
2018-08-22 13:42:48 ----D---- C:\ProgramData\CanonIJPLM
2018-08-16 13:06:55 ----D---- C:\Windows\System32
2018-08-16 13:06:55 ----D---- C:\Windows\inf
2018-08-16 13:06:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-08-16 12:31:05 ----D---- C:\Windows\rescache
2018-08-16 11:21:41 ----SHD---- C:\Windows\Installer
2018-08-16 11:21:40 ----D---- C:\Config.Msi
2018-08-16 10:55:02 ----D---- C:\Windows\winsxs
2018-08-16 10:48:02 ----D---- C:\Program Files\Internet Explorer
2018-08-16 10:48:00 ----D---- C:\Windows\system32\drivers
2018-08-16 10:48:00 ----D---- C:\Windows\system32\cs-CZ
2018-08-16 10:47:58 ----D---- C:\Windows\system32\en-US
2018-08-16 10:47:48 ----D---- C:\Windows\system32\migration
2018-08-16 10:47:45 ----D---- C:\Windows\system32\DriverStore
2018-08-15 23:17:46 ----D---- C:\Windows\Microsoft.NET
2018-08-15 23:06:42 ----RSD---- C:\Windows\assembly
2018-08-15 22:50:24 ----D---- C:\Windows\system32\MRT
2018-08-15 22:50:11 ----AC---- C:\Windows\system32\MRT.exe
2018-08-15 22:49:55 ----D---- C:\ProgramData\Microsoft Help
2018-08-15 22:49:54 ----A---- C:\Windows\win.ini
2018-08-15 22:30:05 ----D---- C:\Windows\system32\catroot2
2018-08-15 07:11:24 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-08-15 07:11:16 ----D---- C:\Windows\system32\Macromed
2018-08-15 06:18:24 ----D---- C:\ProgramData\Package Cache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avdevprot;avdevprot; C:\Windows\system32\DRIVERS\avdevprot.sys [2017-06-13 46440]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2018-07-07 147880]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2017-03-02 35840]
R1 NetworkX;NetworkX; C:\Windows\system32\ckldrv.sys [2008-03-17 19584]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2018-07-07 132448]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2017-03-02 59000]
R3 aeaudio;aeaudio; C:\Windows\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2009-07-14 159232]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2014-04-30 37344]
R3 mvdM23;mvdM23; \??\C:\Program Files\Clarus\Drive Manager\mvdM23.sys [2015-12-02 90160]
R3 smwdm;smwdm; C:\Windows\system32\drivers\smwdm.sys [2002-12-19 539008]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-20 10064]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2018-02-10 52928]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 94208]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 cpuz134;cpuz134; \??\C:\Users\milan\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2015-12-08 101040]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2018-02-10 51904]
S3 snpmi03;VideoCAM NB 300; C:\Windows\system32\DRIVERS\snpmi03.sys [2004-01-12 186112]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2015-12-08 192944]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2018-02-10 52928]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\drivers\viac7.sys [2018-08-02 53248]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-03-21 83984]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2018-08-08 231176]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2018-08-08 231176]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [2018-08-03 431144]
R2 CIJSRegister;@C:\Program Files\Canon\IJ Scan Utility\SETEVENT.exe,-100; C:\Program Files\Canon\IJ Scan Utility\SETEVENT.exe [2016-06-02 153736]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2014-04-30 233472]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2017-07-11 391744]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 SZDrvSvc_General;Drive Manager Service; C:\Program Files\Clarus\Drive Manager\SZDrvSvcM.exe [2016-05-12 24792]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-10-20 1479488]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [2018-08-08 890896]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [2018-08-08 1148568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-27 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-15 335872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-27 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-07-19 104960]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-10 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-10-04 47200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------

Re: Facebook virus

Posted: 26 Aug 2018 21:27
by Conder
Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View Log File)
  • The log will open; copy its contents here
:arrow: I recommend uninstalling Spybot; this program is already outdated.

Re: Facebook virus

Posted: 27 Aug 2018 06:32
by peknal
Hello, thank you very much, I am sending the log. I did not find Spybot among the installed programs. How do I do it?
-------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-24.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-27-2018
# Duration: 00:00:30
# OS: Windows 7 Home Premium
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SpybotPostWindows10UpgradeReInstall

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted izito.cz

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1344 octets] - [27/08/2018 07:20:47]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Facebook virus

Posted: 27 Aug 2018 15:05
by Conder
:arrow: So those were apparently just some leftovers from Spybot.

:arrow: Please post both FRST logs following this guide (FRST.txt and Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=154679

Re: Facebook virus

Posted: 27 Aug 2018 15:55
by peknal
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23.08.2018
Ran by milan (27-08-2018 16:49:07)
Running from C:\Users\milan\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2012-01-01 14:04:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2709638672-2288162957-48926482-500 - Administrator - Enabled)
Guest (S-1-5-21-2709638672-2288162957-48926482-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2709638672-2288162957-48926482-1004 - Limited - Enabled)
milan (S-1-5-21-2709638672-2288162957-48926482-1000 - Administrator - Enabled) => C:\Users\milan

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM\...\{6553F4A8-B67F-49BA-A882-FF499C83CF4B}) (Version: 8.1.4 - Hewlett-Packard) Hidden
7-Zip 9.17 beta (HKLM\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Photoshop Elements (HKLM\...\Adobe Photoshop Elements 1.0) (Version: 1.0 - Adobe Systems, Inc.)
Adobe SVG Viewer (HKLM\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
Avira (HKLM\...\{3EF074FE-D7BB-4237-A254-5E9D36C8DACA}) (Version: 1.2.118.18106 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM\...\{890aaa3c-e398-43d7-bbe0-f109738dd071}) (Version: 1.2.118.18106 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.39.5 - Avira Operations GmbH & Co. KG)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Balíček ovladače systému Windows - Broadcom Corporation (bcbtums) Bluetooth (03/16/2012 6.5.1.2600) (HKLM\...\813EA266E806F300A8DAF30E5D823E268290B5D6) (Version: 03/16/2012 6.5.1.2600 - Broadcom Corporation)
Balíček ovladače systému Windows - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600) (HKLM\...\13729598EDD1F263DD26E8584C5F347C88091A2E) (Version: 03/16/2012 6.5.1.2600 - Broadcom Corporation)
Balíček ovladače systému Windows - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600) (HKLM\...\2A46B60EC8D844CB8197312FE2B88EF0F6B7E935) (Version: 03/16/2012 6.5.1.2600 - Broadcom Corporation)
Balíček ovladače systému Windows - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600) (HKLM\...\ECAD4CB7FB923B839B29420FF9DFC73C3D3D28FE) (Version: 03/16/2012 6.5.1.2600 - Broadcom Corporation)
Balíček ovladače systému Windows - Broadcom HIDClass (09/11/2009 6.3.0.1500) (HKLM\...\CA3B55EAB525669DA92EC19475AF574597822688) (Version: 09/11/2009 6.3.0.1500 - Broadcom)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 5.5.0 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS8000 series Elektronická příručka (HKLM\...\Canon TS8000 series Elektronická příručka) (Version: 1.1.0 - Canon Inc.)
Canon TS8000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS8000_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Drive Manager (HKLM\...\{7AE0C124-77B6-4111-8BD1-26D218CE231B}) (Version: 1.0.179 - Clarus, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP Commercial Scanjet 5590 TWAIN Driver (HKLM\...\HP Commercial Scanjet 5590 TWAIN Driver) (Version: - )
HPScanjet5590Corporate11 (HKLM\...\{4E985169-A6AF-4FAE-83F4-ACC9C21A3BFC}) (Version: 2.10.0000 - Název společnosti:)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.450 - Oracle)
kruhova-vysec version 1.0.2.0 (HKLM\...\kruhova-vysec 1.0.2.0_is1) (Version: - Company: Pepinator)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0405-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Registrace uživatele zařízení Canon TS8000 series (HKLM\...\Registrace uživatele zařízení Canon TS8000 series) (Version: - ‭Canon Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-2709638672-2288162957-48926482-1000\...\SeznamInstall) (Version: 2.1.30 - Seznam.cz)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.57a - Ghisler Software GmbH)
TuneUp Utilities 2012 (HKLM\...\{32364CEA-7855-4A3C-B674-53D8E9B97936}) (Version: 12.0.2030.10 - TuneUp Software) Hidden
TuneUp Utilities 2012 (HKLM\...\TuneUp Utilities 2012) (Version: 12.0.2030.10 - TuneUp Software)
TuneUp Utilities Language Pack (en-US) (HKLM\...\{A95A76C9-6F65-477E-83A0-9F884B6DC21B}) (Version: 12.0.2030.10 - TuneUp Software) Hidden
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\AntiVir Desktop\shlext.dll [2018-08-08] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\TuneUp Utilities 2012\SDShelEx-win32.dll [2011-10-20] (TuneUp Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-10-04] (Igor Pavlov)
ContextMenuHandlers4: [TuneUp Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files\TuneUp Utilities 2012\DseShExt-x86.dll [2011-10-20] (TuneUp Software)
ContextMenuHandlers4: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\TuneUp Utilities 2012\SDShelEx-win32.dll [2011-10-20] (TuneUp Software)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\AntiVir Desktop\shlext.dll [2018-08-08] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C3BB27E-4FBD-4CB5-93FA-D245061295B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-27] (Google Inc.)
Task: {10302E6B-9BCB-42F9-A498-A400D7D271FF} - System32\Tasks\Google Updater and Installer => C:\Users\milan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {2FD49FF4-7357-4674-81B3-FF4BE32EE33B} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-11-14] ()
Task: {46FE9CF7-2516-47E6-B369-0DC87A5FD46C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {50872817-E927-4B65-BAB3-FC2807102A7F} - System32\Tasks\Adobe online aktualizační program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {53FC82D3-3DB6-428C-BEC6-B1EF86A4F05A} - \AutoKMS -> No File <==== ATTENTION
Task: {6AEF310E-F4B2-4E6D-BF73-4CBC73F255EE} - \{6F435692-3137-40F5-A3B6-C2F369BC71B6} -> No File <==== ATTENTION
Task: {882AA2F3-6392-47DF-B3C3-19D8E5A03E4D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-15] (Adobe Systems Incorporated)
Task: {94314F6B-D619-41EC-B995-7B0E088E3AA2} - System32\Tasks\{A8BDAC5B-2BDC-4E6A-9C32-9F79437DED9A} => C:\Windows\system32\pcalua.exe -a C:\Users\milan\Desktop\kamera\cnr-wcam_345_drv_xpwv3264w73264_111103.exe -d C:\Users\milan\Desktop\kamera
Task: {9F53177C-23F8-457C-B69A-AD362E0A090F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-15] (Adobe Systems Incorporated)
Task: {AA50F9C0-D4E5-4E8B-B110-03A4E277086A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-27] (Google Inc.)
Task: {B179B957-AA1A-47E8-9E0A-522E19D1A6C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {BB8DC964-30CD-42B7-AE5D-EBC197BB8B76} - \{4897B830-B093-42FF-86DA-19A193F425B6} -> No File <==== ATTENTION
Task: {EAFC8DAD-CF85-4D60-B443-5B54BF7936C9} - System32\Tasks\{AF383947-9332-4994-B769-CFA722C8E1E7} => C:\Program Files\Služební dokumenty\Dokumenty.exe
Task: {ED411AAC-1E7A-4F4D-8532-FDDFDFE23532} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files\TuneUp Utilities 2012\OneClick.exe [2011-10-20] (TuneUp Software)
Task: {EF9B1BAE-795A-41C7-88EF-118BD4FD9931} - \{FAFE20C6-672E-49FE-8A0C-A9DEEFC5FE10} -> No File <==== ATTENTION
Task: {F7343D6A-2D95-47C3-BE14-B5D7870BC9AB} - \{D159E7B9-CBE8-4198-9F76-E61B99C9CC13} -> No File <==== ATTENTION
Task: {F9E6FA26-C18A-42C6-B34F-8385E350D248} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2018-08-08] (Avira Operations GmbH & Co. KG)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\milan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1280,1024

==================== Loaded Modules (Whitelisted) ==============

2013-09-05 01:14 - 2013-09-05 01:14 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-06-13 08:28 - 2014-06-10 00:00 - 000914352 _____ () C:\Program Files\Android-Sync\bin\adb.exe
2018-08-08 20:59 - 2018-08-08 20:57 - 001204472 _____ () C:\Program Files\Avira\AntiVir Desktop\crypto-42.dll
2018-08-08 20:59 - 2018-08-08 20:57 - 000243352 _____ () C:\Program Files\Avira\AntiVir Desktop\ssl-44.dll
2018-01-16 21:45 - 2017-07-11 11:36 - 000391744 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2018-08-08 22:25 - 2018-08-08 02:55 - 002260824 _____ () C:\Program Files\Google\Chrome\Application\68.0.3440.106\swiftshader\libglesv2.dll
2018-08-08 22:25 - 2018-08-08 02:55 - 000124248 _____ () C:\Program Files\Google\Chrome\Application\68.0.3440.106\swiftshader\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\milan\Documents\2014-10-01 18.43.23.jpg:com.dropbox.attributes [1030]
AlternateDataStreams: C:\Users\milan\Documents\2014-10-01 18.43.32.jpg:com.dropbox.attributes [1038]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2709638672-2288162957-48926482-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2709638672-2288162957-48926482-1000\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2709638672-2288162957-48926482-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\milan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: DLLSuite2016 => C:\Program Files\DLL Suite\DLLSuite.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{8CE4723F-E3F0-41FD-836A-DD76FE3868D7}C:\windows\pixtran\pixnetsr.exe] => (Allow) C:\windows\pixtran\pixnetsr.exe
FirewallRules: [UDP Query User{17CFE34D-3224-46F1-BA45-322451B3B66D}C:\windows\pixtran\pixnetsr.exe] => (Allow) C:\windows\pixtran\pixnetsr.exe
FirewallRules: [{899D2477-74BB-4F9B-9B2A-DEDA3362E2C9}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{85D68649-D553-425D-8AA2-E79C5EBB9EC1}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{49B09CBE-FC61-44E4-AE3D-81C2C3197B36}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{422C0B01-85F1-4122-A2EB-BCD356C9D7DF}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [TCP Query User{9CD3235C-B0E1-4AAF-B28D-4AB1C3E90141}G:\záloha\disk d\program files\spyware terminator\spywareterminatorupdate.exe] => (Allow) G:\záloha\disk d\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{5A5E2B36-050A-479B-81D9-2253B508E3D4}G:\záloha\disk d\program files\spyware terminator\spywareterminatorupdate.exe] => (Allow) G:\záloha\disk d\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [{1378DBE3-DC66-43F9-A1F3-C2A924D3378C}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{C0603E57-1A1A-46EB-8437-4C76F4A97A58}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{3D195FE7-27B1-424D-A176-EC1B71C2CFB8}] => (Allow) C:\Users\milan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{257EA52B-A8B1-4B7F-8947-95E37B3F5482}] => (Allow) C:\Users\milan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{833D8DFF-E9B9-4529-AF08-70E6F35BF4EE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

13-08-2018 07:05:05 Windows Update
13-08-2018 07:07:50 Windows Zálohování
15-08-2018 22:27:35 Windows Update
19-08-2018 08:28:15 Windows Update
19-08-2018 19:00:45 Windows Zálohování
23-08-2018 07:03:25 Windows Update
26-08-2018 09:39:26 Windows Update
26-08-2018 19:02:32 Windows Zálohování

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/20/2018 06:55:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CNQMUPDT.EXE, verze: 2.8.5.0, časové razítko: 0x595c7036
Název chybujícího modulu: CNMDWLD.DLL, verze: 1.0.0.0, časové razítko: 0x4f5eedc8
Kód výjimky: 0xc0000005
Posun chyby: 0x000023c6
ID chybujícího procesu: 0x68c
Čas spuštění chybující aplikace: 0x01d4383fec9e3250
Cesta k chybující aplikaci: C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
Cesta k chybujícímu modulu: C:\Program Files\Canon\Quick Menu\CNMDWLD.DLL
ID zprávy: 3b9a9ad0-a435-11e8-8a38-0015f24b70f0

Error: (08/13/2018 06:55:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CNQMUPDT.EXE, verze: 2.8.5.0, časové razítko: 0x595c7036
Název chybujícího modulu: CNMDWLD.DLL, verze: 1.0.0.0, časové razítko: 0x4f5eedc8
Kód výjimky: 0xc0000005
Posun chyby: 0x000023c6
ID chybujícího procesu: 0xb40
Čas spuštění chybující aplikace: 0x01d432c0b8d77b3b
Cesta k chybující aplikaci: C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
Cesta k chybujícímu modulu: C:\Program Files\Canon\Quick Menu\CNMDWLD.DLL
ID zprávy: 16ba87b4-9eb5-11e8-a0f9-0015f24b70f0

Error: (08/09/2018 11:52:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OUTLOOK.EXE, verze: 14.0.7113.5000, časové razítko: 0x527d636c
Název chybujícího modulu: wwlib.dll, verze: 14.0.7015.1000, časové razítko: 0x51cca86e
Kód výjimky: 0xc0000005
Posun chyby: 0x00077efd
ID chybujícího procesu: 0xc30
Čas spuštění chybující aplikace: 0x01d42fc51a103671
Cesta k chybující aplikaci: C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
Cesta k chybujícímu modulu: C:\Program Files\Microsoft Office\Office14\wwlib.dll
ID zprávy: f4551b5d-9bb9-11e8-8add-0015f24b70f0

Error: (08/07/2018 10:40:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OneClick.exe, verze: 12.0.2030.10, časové razítko: 0x4ea01c20
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24168, časové razítko: 0x5b1aa758
Kód výjimky: 0xc0000005
Posun chyby: 0x00052851
ID chybujícího procesu: 0x368
Čas spuštění chybující aplikace: 0x01d42e102a95b063
Cesta k chybující aplikaci: C:\Program Files\TuneUp Utilities 2012\OneClick.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 83a838f4-9a1d-11e8-a4d6-0015f24b70f0

Error: (08/02/2018 03:35:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OneClick.exe, verze: 12.0.2030.10, časové razítko: 0x4ea01c20
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24168, časové razítko: 0x5b1aa758
Kód výjimky: 0xc0000005
Posun chyby: 0x00052851
ID chybujícího procesu: 0x177c
Čas spuštění chybující aplikace: 0x01d42a4cec8bbc7c
Cesta k chybující aplikaci: C:\Program Files\TuneUp Utilities 2012\OneClick.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: ecab021e-9658-11e8-8720-0015f24b70f0

Error: (07/30/2018 06:55:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CNQMUPDT.EXE, verze: 2.8.5.0, časové razítko: 0x595c7036
Název chybujícího modulu: CNMDWLD.DLL, verze: 1.0.0.0, časové razítko: 0x4f5eedc8
Kód výjimky: 0xc0000005
Posun chyby: 0x000023c6
ID chybujícího procesu: 0x378
Čas spuštění chybující aplikace: 0x01d427c18232d94a
Cesta k chybující aplikaci: C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
Cesta k chybujícímu modulu: C:\Program Files\Canon\Quick Menu\CNMDWLD.DLL
ID zprávy: c9ef8201-93b4-11e8-95df-0015f24b70f0

Error: (07/22/2018 10:24:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CNQMUPDT.EXE, verze: 2.8.5.0, časové razítko: 0x595c7036
Název chybujícího modulu: CNMDWLD.DLL, verze: 1.0.0.0, časové razítko: 0x4f5eedc8
Kód výjimky: 0xc0000005
Posun chyby: 0x000023c6
ID chybujícího procesu: 0x904
Čas spuštění chybující aplikace: 0x01d4217ffe729d55
Cesta k chybující aplikaci: C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
Cesta k chybujícímu modulu: C:\Program Files\Canon\Quick Menu\CNMDWLD.DLL
ID zprávy: acd1a551-8d88-11e8-8126-0015f24b70f0

Error: (07/22/2018 09:54:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.23537 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: de0

Čas spuštění: 01d4217f7fb4ad5c

Čas ukončení: 11380

Cesta k aplikaci: C:\Windows\Explorer.EXE

ID hlášení: 5983f063-8d84-11e8-8126-0015f24b70f0


System errors:
=============
Error: (08/27/2018 04:49:48 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (08/27/2018 04:45:05 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (08/27/2018 04:39:46 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (08/27/2018 04:34:46 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (08/27/2018 04:30:02 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (08/27/2018 04:24:58 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (08/27/2018 04:19:54 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (08/27/2018 04:15:04 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.


Windows Defender:
===================================
Date: 2017-08-12 03:33:14.791
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{8ECD1FE0-A492-4454-9016-D4D0CE2A09F0}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-11-21 05:26:56.984
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{EB7DBE3C-616D-41D1-A463-E7EEBD2F9366}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-11-12 04:28:47.821
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{BA1751A1-A01A-4A8F-AE8A-20AF0CA04CF1}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2018-07-04 07:28:38.497
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-04 07:28:38.497
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

CodeIntegrity:
===================================

Date: 2018-07-10 06:12:31.609
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-30 11:07:28.265
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-21 06:13:00.437
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-15 06:15:40.859
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 2.80GHz
Percentage of memory in use: 59%
Total physical RAM: 1526.8 MB
Available physical RAM: 610.95 MB
Total Virtual: 3053.61 MB
Available Virtual: 1806.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.04 GB) (Free:68.65 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:189.91 GB) (Free:89.99 GB) NTFS
Drive f: (VERBATIM HD) (Fixed) (Total:465.76 GB) (Free:11.47 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 000DD66B)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 189.9 GB) (Disk ID: CBF61413)
Partition 1: (Not Active) - (Size=189.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 38EE6082)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23.08.2018
Ran by milan (administrator) on MILAN-PC (27-08-2018 16:44:25)
Running from C:\Users\milan\Desktop
Loaded Profiles: milan (Available Profiles: milan)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(hxxp://www.android-sync.com) C:\Program Files\Android-Sync\AndroidSync.exe
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
(Clarus, Inc.) C:\Program Files\Clarus\Drive Manager\Drive Manager.exe
(Clarus, Inc.) C:\Program Files\Clarus\Drive Manager\ABRTMonM.exe
() C:\Program Files\Android-Sync\bin\adb.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(CANON INC.) C:\Program Files\Canon\IJ Scan Utility\SETEVENT.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Clarus, Inc.) C:\Program Files\Clarus\Drive Manager\SZDrvSvcM.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AndroidSync] => C:\Program Files\Android-Sync\AndroidSync.exe [6252976 2014-06-10] (hxxp://www.android-sync.com)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-03] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKLM\...\Run: [Drive Manager] => C:\Program Files\Clarus\Drive Manager\Drive Manager.exe [8284376 2016-05-12] (Clarus, Inc.)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2709638672-2288162957-48926482-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2709638672-2288162957-48926482-1000\...\Policies\Explorer: [RestrictRun] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Drive Manager Real-Time.lnk [2018-02-20]
ShortcutTarget: Drive Manager Real-Time.lnk -> C:\Program Files\Clarus\Drive Manager\ABRTMonM.exe (Clarus, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{60FE4FEA-55D3-41E7-9E05-1DFF5EC5BDA7}: [DhcpNameServer] 192.168.88.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2709638672-2288162957-48926482-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKU\.DEFAULT -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File

FireFox:
========
FF ProfilePath: C:\Users\milan\AppData\Roaming\TomTom\HOME\Profiles\dnqr7n0g.default [2016-01-13]
FF Homepage: TomTom\HOME\Profiles\dnqr7n0g.default -> about:home
FF NewTab: TomTom\HOME\Profiles\dnqr7n0g.default -> about:newtab
FF Extension: (Emulator) - C:\Users\milan\AppData\Roaming\TomTom\HOME\Profiles\dnqr7n0g.default\Extensions\Navcore.9.400.851694@tomtom.com [2012-02-14] [Legacy] [not signed]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2016-01-13]
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\nahd6ha2.default -> about:newtab
FF Extension: (Seznam lištička) - C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2018-01-15] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-15] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultSearchKeyword: Default -> google.cz_
CHR Profile: C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default [2018-08-27]
CHR Extension: (Dokumenty) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-14]
CHR Extension: (DuckDuckGo) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2018-08-25]
CHR Extension: (YouTube) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-02]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [890896 2018-08-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [231176 2018-08-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [231176 2018-08-08] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1148568 2018-08-08] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [431144 2018-08-03] (Avira Operations GmbH & Co. KG)
R2 CIJSRegister; C:\Program Files\Canon\IJ Scan Utility\SETEVENT.exe [153736 2016-06-02] (CANON INC.)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2014-04-30] (Teruten) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [391744 2017-07-11] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2011-04-13] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2011-04-13] (Hewlett-Packard) [File not signed]
R2 SZDrvSvc_General; C:\Program Files\Clarus\Drive Manager\SZDrvSvcM.exe [24792 2016-05-12] (Clarus, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1479488 2011-10-20] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [46440 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [132448 2018-07-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [147880 2018-07-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35840 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [59000 2017-03-02] (Avira Operations GmbH & Co. KG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2014-04-30] () [File not signed]
R3 mvdM23; C:\Program Files\Clarus\Drive Manager\mvdM23.sys [90160 2015-12-02] ()
R1 NetworkX; C:\Windows\system32\ckldrv.sys [19584 2008-03-17] () [File not signed]
S3 snpmi03; C:\Windows\System32\DRIVERS\snpmi03.sys [186112 2004-01-12] ()
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2011-10-20] (TuneUp Software)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 cpuz134; \??\C:\Users\milan\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] <==== ATTENTION
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-27 16:44 - 2018-08-27 16:47 - 000014088 _____ C:\Users\milan\Desktop\FRST.txt
2018-08-27 16:43 - 2018-08-27 16:44 - 000000000 ____D C:\FRST
2018-08-27 16:36 - 2018-08-27 16:35 - 001773568 _____ (Farbar) C:\Users\milan\Desktop\FRST.exe
2018-08-27 16:34 - 2018-08-27 16:35 - 001773568 _____ (Farbar) C:\Users\milan\Downloads\FRST.exe
2018-08-27 06:53 - 2018-08-27 06:57 - 007417040 _____ (Malwarebytes) C:\Users\milan\Desktop\adwcleaner_7.2.2.exe
2018-08-26 20:14 - 2018-08-26 20:14 - 001107968 _____ C:\Users\milan\Downloads\RSIT (2).exe
2018-08-26 19:57 - 2018-08-26 20:00 - 000000000 ____D C:\rsit
2018-08-26 19:56 - 2018-08-26 19:56 - 001107968 _____ C:\Users\milan\Downloads\RSIT.exe
2018-08-26 19:56 - 2018-08-26 19:56 - 001107968 _____ C:\Users\milan\Downloads\RSIT (1).exe
2018-08-26 19:55 - 2018-08-26 19:56 - 001222144 _____ C:\Users\milan\Downloads\RSITx64.exe
2018-08-26 10:23 - 2018-08-26 10:23 - 000000000 ____D C:\Users\milan\AppData\Local\Clarus
2018-08-15 07:09 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-15 07:09 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-15 07:09 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-15 07:08 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-15 07:08 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2018-08-15 07:08 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-15 07:08 - 2018-08-02 04:45 - 000189616 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2018-08-15 07:08 - 2018-08-02 04:45 - 000189616 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-15 07:08 - 2018-08-02 04:45 - 000136368 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2018-08-15 07:08 - 2018-08-02 04:44 - 000137904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-15 07:08 - 2018-08-02 04:44 - 000067248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-15 07:08 - 2018-08-02 04:43 - 001310464 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-15 07:08 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-15 07:08 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-15 07:08 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-15 07:08 - 2018-08-02 04:40 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-15 07:08 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-15 07:08 - 2018-08-02 04:40 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-15 07:08 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-15 07:08 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-15 07:08 - 2018-08-02 04:16 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-15 07:08 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-15 07:08 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-15 07:08 - 2018-08-02 04:16 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-15 07:08 - 2018-08-02 04:16 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-15 07:08 - 2018-08-02 04:14 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-15 07:08 - 2018-08-02 04:13 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-15 07:08 - 2018-08-02 04:11 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-15 07:08 - 2018-08-02 04:11 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-15 07:08 - 2018-08-02 04:11 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-15 07:08 - 2018-08-02 04:10 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-15 07:08 - 2018-08-02 04:10 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-15 07:08 - 2018-08-02 04:10 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-15 07:08 - 2018-08-02 04:10 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2018-08-15 07:08 - 2018-08-02 04:10 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-15 07:08 - 2018-08-02 04:10 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-15 07:08 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-15 07:08 - 2018-08-02 04:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-15 07:08 - 2018-08-02 04:10 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-15 07:08 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-15 07:08 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-15 07:08 - 2018-07-19 06:16 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-15 07:08 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-15 07:08 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-15 07:08 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-15 07:08 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-15 07:08 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-15 07:08 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-15 07:08 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-15 07:08 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-15 07:08 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-15 07:08 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-15 07:08 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-15 07:08 - 2018-07-19 05:55 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-15 07:08 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-15 07:08 - 2018-07-19 05:49 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-15 07:08 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-15 07:08 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-15 07:08 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-15 07:08 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-15 07:08 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-15 07:08 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-15 07:08 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-15 07:08 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-15 07:08 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-15 07:08 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-15 07:08 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-15 07:08 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-15 07:08 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-15 07:08 - 2018-07-19 05:28 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-15 07:08 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-15 07:08 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-15 07:08 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-15 07:08 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-15 07:08 - 2018-07-13 21:07 - 001309888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-15 07:08 - 2018-07-13 21:06 - 000240832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-08-15 07:08 - 2018-07-13 21:06 - 000187584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-08-15 07:08 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-15 07:08 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-15 07:08 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-15 07:08 - 2018-07-08 17:41 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-15 07:08 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-15 07:08 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-15 07:08 - 2018-07-07 17:19 - 002404352 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-15 07:08 - 2018-07-06 17:54 - 000713408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-15 07:08 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-15 07:08 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-15 07:08 - 2018-06-27 17:50 - 000105152 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-15 07:08 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-15 07:08 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-15 07:08 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-15 07:08 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-15 07:08 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-15 07:08 - 2018-06-27 17:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-15 07:08 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-15 07:08 - 2018-06-21 05:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-08-14 06:55 - 2018-08-14 06:55 - 000001074 _____ C:\Users\Public\Desktop\Avira.lnk
2018-08-06 10:30 - 2018-08-06 10:30 - 000069170 _____ C:\Users\milan\Desktop\Kreivi.pdf
2018-08-06 10:21 - 2018-08-06 10:21 - 000067180 _____ C:\Users\milan\Desktop\Mildenberger.pdf
2018-08-01 09:47 - 2018-08-01 09:47 - 000073728 _____ C:\Users\milan\Desktop\Tibor_NSU Angebot.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-27 13:11 - 2012-01-01 16:13 - 001593150 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-27 13:11 - 2009-07-14 10:44 - 000672136 _____ C:\Windows\system32\perfh005.dat
2018-08-27 13:11 - 2009-07-14 10:44 - 000142732 _____ C:\Windows\system32\perfc005.dat
2018-08-27 13:11 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-08-27 08:02 - 2018-01-16 21:12 - 000000000 ____D C:\Users\milan\AppData\Local\CrashDumps
2018-08-27 07:35 - 2009-07-14 06:34 - 000014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-27 07:35 - 2009-07-14 06:34 - 000014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-27 07:24 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-27 07:20 - 2018-03-06 22:38 - 000000000 ____D C:\AdwCleaner
2018-08-26 19:57 - 2013-07-04 21:57 - 000000000 ____D C:\Program Files\trend micro
2018-08-22 13:46 - 2012-09-03 16:15 - 001687040 ___SH C:\Users\milan\Documents\Thumbs.db
2018-08-22 13:42 - 2018-01-16 21:45 - 000000000 ____D C:\ProgramData\CanonIJPLM
2018-08-16 23:10 - 2014-09-03 07:02 - 000066116 _____ C:\Users\milan\Documents\Antonín Dědek 3.9.2014.xlsx
2018-08-16 12:31 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2018-08-16 11:18 - 2017-01-15 19:22 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-16 10:52 - 2009-07-14 06:53 - 000032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-08-16 10:52 - 2009-07-14 06:33 - 000408088 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-15 22:50 - 2013-08-14 22:31 - 000000000 ____D C:\Windows\system32\MRT
2018-08-15 22:50 - 2012-02-10 21:35 - 134276632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-15 22:49 - 2009-07-14 04:04 - 000000487 _____ C:\Windows\win.ini
2018-08-15 07:11 - 2013-02-27 08:14 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-08-15 07:11 - 2013-02-27 08:14 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-08-15 07:11 - 2013-02-27 08:14 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-15 06:18 - 2016-01-14 11:37 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-14 06:55 - 2015-01-28 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-08-08 22:25 - 2015-02-27 17:32 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-07 21:47 - 2014-07-15 10:02 - 000000000 ____D C:\Users\milan\Documents\spolek SNONV
2018-07-30 22:16 - 2018-02-20 10:10 - 000000000 ____D C:\Users\milan\Desktop\Nová složka

==================== Files in the root of some directories =======

2012-01-03 12:54 - 2011-09-27 10:06 - 024880733 _____ () C:\Program Files\portable-BurningStudio7.21.exe
2012-02-22 22:40 - 2012-02-22 22:40 - 000136007 _____ () C:\Users\milan\AppData\Roaming\HEBEL 003.jpg
2016-12-29 22:37 - 2016-12-29 23:27 - 000037167 _____ () C:\Users\milan\AppData\Roaming\Hodnoty oddělené čárkami (DOS).ADR
2016-12-29 22:16 - 2016-12-29 23:29 - 000037187 _____ () C:\Users\milan\AppData\Roaming\Hodnoty oddělené čárkami (Windows).ADR
2014-01-08 22:42 - 2014-01-17 07:20 - 000000027 _____ () C:\Users\milan\AppData\Roaming\msaaqeui.dat
2014-01-08 22:43 - 2014-01-10 08:12 - 000001705 _____ () C:\Users\milan\AppData\Roaming\msvlmc.dat
2012-06-26 19:08 - 2014-02-10 12:25 - 000004096 ____H () C:\Users\milan\AppData\Local\keyfile3.drm
2014-12-04 11:17 - 2014-12-04 11:17 - 000000017 _____ () C:\Users\milan\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-26 10:13

==================== End of FRST.txt ============================

Re: Facebook virus

Posted: 27 Aug 2018 17:44
by Conder
If you don't use it, I recommend uninstalling Seznam Software (Seznam Listicka).

Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:


    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files\Android-Sync\AndroidSync.exe
    File: C:\Windows\system32\FsUsbExService.Exe
    File: C:\Windows\system32\HPZinw12.dll
    File: C:\Windows\system32\HPZipm12.dll
    File: C:\Windows\system32\FsUsbExDisk.SYS
    File: C:\Windows\system32\ckldrv.sys
    File: C:\Windows\system32\Drivers\StarOpen.sys
    
    HKLM\...\Policies\Explorer: [RestrictRun] 0
    HKU\S-1-5-21-2709638672-2288162957-48926482-1000\...\Policies\Explorer: [RestrictRun] 0
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    Toolbar: HKU\.DEFAULT -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} -  No File
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
    FF Homepage: TomTom\HOME\Profiles\dnqr7n0g.default -> about:home
    FF NewTab: TomTom\HOME\Profiles\dnqr7n0g.default -> about:newtab
    FF Extension: (Emulator) - C:\Users\milan\AppData\Roaming\TomTom\HOME\Profiles\dnqr7n0g.default\Extensions\Navcore.9.400.851694@tomtom.com [2012-02-14] [Legacy] [not signed]
    FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
    FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> about:home
    FF NewTab: Mozilla\Firefox\Profiles\nahd6ha2.default -> about:newtab
    FF Extension: (Seznam lištička) - C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2018-01-15] [Legacy]
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
    S3 cpuz134; \??\C:\Users\milan\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] <==== ATTENTION
    S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
    2018-08-26 20:14 - 2018-08-26 20:14 - 001107968 _____ C:\Users\milan\Downloads\RSIT (2).exe
    2018-08-26 19:57 - 2018-08-26 20:00 - 000000000 ____D C:\rsit
    2018-08-26 19:56 - 2018-08-26 19:56 - 001107968 _____ C:\Users\milan\Downloads\RSIT.exe
    2018-08-26 19:56 - 2018-08-26 19:56 - 001107968 _____ C:\Users\milan\Downloads\RSIT (1).exe
    2018-08-26 19:55 - 2018-08-26 19:56 - 001222144 _____ C:\Users\milan\Downloads\RSITx64.exe
    2018-08-26 19:57 - 2013-07-04 21:57 - 000000000 ____D C:\Program Files\trend micro
    2012-01-03 12:54 - 2011-09-27 10:06 - 024880733 _____ () C:\Program Files\portable-BurningStudio7.21.exe
    
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    Task: {53FC82D3-3DB6-428C-BEC6-B1EF86A4F05A} - \AutoKMS -> No File <==== ATTENTION
    Task: {6AEF310E-F4B2-4E6D-BF73-4CBC73F255EE} - \{6F435692-3137-40F5-A3B6-C2F369BC71B6} -> No File <==== ATTENTION
    Task: {BB8DC964-30CD-42B7-AE5D-EBC197BB8B76} - \{4897B830-B093-42FF-86DA-19A193F425B6} -> No File <==== ATTENTION
    Task: {EF9B1BAE-795A-41C7-88EF-118BD4FD9931} - \{FAFE20C6-672E-49FE-8A0C-A9DEEFC5FE10} -> No File <==== ATTENTION
    Task: {F7343D6A-2D95-47C3-BE14-B5D7870BC9AB} - \{D159E7B9-CBE8-4198-9F76-E61B99C9CC13} -> No File <==== ATTENTION
    AlternateDataStreams: C:\Users\milan\Documents\2014-10-01 18.43.23.jpg:com.dropbox.attributes [1030]
    AlternateDataStreams: C:\Users\milan\Documents\2014-10-01 18.43.32.jpg:com.dropbox.attributes [1038]
    FirewallRules: [TCP Query User{9CD3235C-B0E1-4AAF-B28D-4AB1C3E90141}G:\záloha\disk d\program files\spyware terminator\spywareterminatorupdate.exe] => (Allow) G:\záloha\disk d\program files\spyware terminator\spywareterminatorupdate.exe
    FirewallRules: [UDP Query User{5A5E2B36-050A-479B-81D9-2253B508E3D4}G:\záloha\disk d\program files\spyware terminator\spywareterminatorupdate.exe] => (Allow) G:\záloha\disk d\program files\spyware terminator\spywareterminatorupdate.exe
    
    C:\Program Files\Common Files\AV\Spybot - Search and Destroy
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

Re: Facebook virus

Posted: 27 Aug 2018 21:10
by peknal
Thanks, here is fixlog.txt
Fix result of Farbar Recovery Scan Tool (x86) Version: 23.08.2018
Ran by milan (27-08-2018 21:55:47) Run:1
Running from C:\Users\milan\Desktop
Loaded Profiles: milan (Available Profiles: milan)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files\Android-Sync\AndroidSync.exe
File: C:\Windows\system32\FsUsbExService.Exe
File: C:\Windows\system32\HPZinw12.dll
File: C:\Windows\system32\HPZipm12.dll
File: C:\Windows\system32\FsUsbExDisk.SYS
File: C:\Windows\system32\ckldrv.sys
File: C:\Windows\system32\Drivers\StarOpen.sys

HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-2709638672-2288162957-48926482-1000\...\Policies\Explorer: [RestrictRun] 0
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\.DEFAULT -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FF Homepage: TomTom\HOME\Profiles\dnqr7n0g.default -> about:home
FF NewTab: TomTom\HOME\Profiles\dnqr7n0g.default -> about:newtab
FF Extension: (Emulator) - C:\Users\milan\AppData\Roaming\TomTom\HOME\Profiles\dnqr7n0g.default\Extensions\Navcore.9.400.851694@tomtom.com [2012-02-14] [Legacy] [not signed]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\nahd6ha2.default -> about:newtab
FF Extension: (Seznam li�ti�ka) - C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2018-01-15] [Legacy]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 cpuz134; \??\C:\Users\milan\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] <==== ATTENTION
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
2018-08-26 20:14 - 2018-08-26 20:14 - 001107968 _____ C:\Users\milan\Downloads\RSIT (2).exe
2018-08-26 19:57 - 2018-08-26 20:00 - 000000000 ____D C:\rsit
2018-08-26 19:56 - 2018-08-26 19:56 - 001107968 _____ C:\Users\milan\Downloads\RSIT.exe
2018-08-26 19:56 - 2018-08-26 19:56 - 001107968 _____ C:\Users\milan\Downloads\RSIT (1).exe
2018-08-26 19:55 - 2018-08-26 19:56 - 001222144 _____ C:\Users\milan\Downloads\RSITx64.exe
2018-08-26 19:57 - 2013-07-04 21:57 - 000000000 ____D C:\Program Files\trend micro
2012-01-03 12:54 - 2011-09-27 10:06 - 024880733 _____ () C:\Program Files\portable-BurningStudio7.21.exe

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {53FC82D3-3DB6-428C-BEC6-B1EF86A4F05A} - \AutoKMS -> No File <==== ATTENTION
Task: {6AEF310E-F4B2-4E6D-BF73-4CBC73F255EE} - \{6F435692-3137-40F5-A3B6-C2F369BC71B6} -> No File <==== ATTENTION
Task: {BB8DC964-30CD-42B7-AE5D-EBC197BB8B76} - \{4897B830-B093-42FF-86DA-19A193F425B6} -> No File <==== ATTENTION
Task: {EF9B1BAE-795A-41C7-88EF-118BD4FD9931} - \{FAFE20C6-672E-49FE-8A0C-A9DEEFC5FE10} -> No File <==== ATTENTION
Task: {F7343D6A-2D95-47C3-BE14-B5D7870BC9AB} - \{D159E7B9-CBE8-4198-9F76-E61B99C9CC13} -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\milan\Documents\2014-10-01 18.43.23.jpg:com.dropbox.attributes [1030]
AlternateDataStreams: C:\Users\milan\Documents\2014-10-01 18.43.32.jpg:com.dropbox.attributes [1038]
FirewallRules: [TCP Query User{9CD3235C-B0E1-4AAF-B28D-4AB1C3E90141}G:\z�loha\disk d\program files\spyware terminator\spywareterminatorupdate.exe] => (Allow) G:\z�loha\disk d\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{5A5E2B36-050A-479B-81D9-2253B508E3D4}G:\z�loha\disk d\program files\spyware terminator\spywareterminatorupdate.exe] => (Allow) G:\z�loha\disk d\program files\spyware terminator\spywareterminatorupdate.exe

C:\Program Files\Common Files\AV\Spybot - Search and Destroy

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 119
Average :
Sum : 150513751
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Program Files\Android-Sync\AndroidSync.exe ========================

C:\Program Files\Android-Sync\AndroidSync.exe
File is digitally signed
MD5: 98315F6666FF11533754687F11458B8E
Creation and modification date: 2014-06-13 08:27 - 2014-06-10 00:00
Size: 006252976
Attributes: ----A
Company Name: http://www.android-sync.com
Internal Name:
Original Name:
Product: Android-Sync
Description:
File Version: 1.1.3.0
Product Version: 1.1.3.0
Copyright:
VirusTotal: https://www.virustotal.com/file/80bad8a ... 478076274/

====== End of File: ======


========================= File: C:\Windows\system32\FsUsbExService.Exe ========================

C:\Windows\system32\FsUsbExService.Exe
File not signed
MD5: 0796C1E47ADB9825269E64B9DAB4E741
Creation and modification date: 2014-06-17 15:45 - 2014-04-30 12:43
Size: 000233472
Attributes: ----A
Company Name: Teruten
Internal Name: FsUsbDevice
Original Name: FsUsbDevice.EXE
Product: CwService
Description: FsUsbDevice
File Version: 1, 0, 1, 0
Product Version: 1, 0, 1, 0
Copyright: Copyright (C) 2005
VirusTotal: https://www.virustotal.com/file/a9e4762 ... 535364473/

====== End of File: ======


========================= File: C:\Windows\system32\HPZinw12.dll ========================

C:\Windows\system32\HPZinw12.dll
File not signed
MD5: F7C14F5077BF2BC476C348B88A7F74E2
Creation and modification date: 2011-04-13 17:07 - 2011-04-13 17:07
Size: 000045568
Attributes: ----A
Company Name: Hewlett-Packard
Internal Name: Dot4Net
Original Name: Dot4Net.DLL
Product: Bidi User Mode
Description: Dot4Net Module
File Version: 12,1,7,51
Product Version: 12,1,7,51
Copyright: Copyright © 2006, 2007 Hewlett-Packard
VirusTotal: https://www.virustotal.com/file/2b9b731 ... 519696403/

====== End of File: ======


========================= File: C:\Windows\system32\HPZipm12.dll ========================

C:\Windows\system32\HPZipm12.dll
File not signed
MD5: E638656001C52A1FAA34F92E6D3A086B
Creation and modification date: 2011-04-13 17:07 - 2011-04-13 17:07
Size: 000055808
Attributes: ----A
Company Name: Hewlett-Packard
Internal Name: PmlDrv
Original Name: PmlDrv.DLL
Product: Bidi User Mode
Description: PmlDrv Module
File Version: 12,1,7,51
Product Version: 12,1,7,51
Copyright: Copyright © 2006, 2007 Hewlett-Packard
VirusTotal: https://www.virustotal.com/file/1dfb399 ... 518468029/

====== End of File: ======


========================= File: C:\Windows\system32\FsUsbExDisk.SYS ========================

C:\Windows\system32\FsUsbExDisk.SYS
File not signed
MD5: DDEE99DC54EFA20BD5A442CD733C4462
Creation and modification date: 2014-06-17 15:45 - 2014-04-30 12:43
Size: 000037344
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\Windows\system32\ckldrv.sys ========================

C:\Windows\system32\ckldrv.sys
File not signed
MD5: 5EF7DD401771693245D46F4B0B69FE2B
Creation and modification date: 2014-10-21 20:01 - 2008-03-17 18:45
Size: 000019584
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\Windows\system32\Drivers\StarOpen.sys ========================

C:\Windows\system32\Drivers\StarOpen.sys
File not signed
MD5: 306521935042FC0A6988D528643619B3
Creation and modification date: 2013-09-27 08:53 - 2006-07-24 16:05
Size: 000005632
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======

"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\RestrictRun" => removed successfully.
"HKU\S-1-5-21-2709638672-2288162957-48926482-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\RestrictRun" => removed successfully.
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page" => removed successfully.
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91397D20-1446-11D4-8AF4-0040CA1127B6}" => removed successfully.
HKLM\Software\Classes\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => not found
"HKLM\Software\Classes\PROTOCOLS\Handler\skype-ie-addon-data" => removed successfully.
HKLM\Software\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => not found
"Firefox homepage" => removed successfully.
"Firefox newtab" => removed successfully.
C:\Users\milan\AppData\Roaming\TomTom\HOME\Profiles\dnqr7n0g.default\Extensions\Navcore.9.400.851694@tomtom.com => moved successfully
C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com => path removed successfully.
"Firefox homepage" => removed successfully.
"Firefox newtab" => removed successfully.
C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => moved successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully.
"HKLM\System\CurrentControlSet\Services\AppMgmt" => removed successfully.
AppMgmt => service removed successfully.
"HKLM\System\CurrentControlSet\Services\cpuz134" => removed successfully.
cpuz134 => service removed successfully.
"HKLM\System\CurrentControlSet\Services\dgderdrv" => removed successfully.
dgderdrv => service removed successfully.
C:\Users\milan\Downloads\RSIT (2).exe => moved successfully
C:\rsit => moved successfully
C:\Users\milan\Downloads\RSIT.exe => moved successfully
C:\Users\milan\Downloads\RSIT (1).exe => moved successfully
C:\Users\milan\Downloads\RSITx64.exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Program Files\portable-BurningStudio7.21.exe => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => removed successfully.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{53FC82D3-3DB6-428C-BEC6-B1EF86A4F05A}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53FC82D3-3DB6-428C-BEC6-B1EF86A4F05A}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AEF310E-F4B2-4E6D-BF73-4CBC73F255EE}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AEF310E-F4B2-4E6D-BF73-4CBC73F255EE}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6F435692-3137-40F5-A3B6-C2F369BC71B6}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB8DC964-30CD-42B7-AE5D-EBC197BB8B76}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB8DC964-30CD-42B7-AE5D-EBC197BB8B76}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4897B830-B093-42FF-86DA-19A193F425B6}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF9B1BAE-795A-41C7-88EF-118BD4FD9931}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF9B1BAE-795A-41C7-88EF-118BD4FD9931}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FAFE20C6-672E-49FE-8A0C-A9DEEFC5FE10}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7343D6A-2D95-47C3-BE14-B5D7870BC9AB}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7343D6A-2D95-47C3-BE14-B5D7870BC9AB}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D159E7B9-CBE8-4198-9F76-E61B99C9CC13}" => removed successfully.
C:\Users\milan\Documents\2014-10-01 18.43.23.jpg => ":com.dropbox.attributes" ADS removed successfully.
C:\Users\milan\Documents\2014-10-01 18.43.32.jpg => ":com.dropbox.attributes" ADS removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9CD3235C-B0E1-4AAF-B28D-4AB1C3E90141}G:\z�loha\disk d\program files\spyware terminator\spywareterminatorupdate.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5A5E2B36-050A-479B-81D9-2253B508E3D4}G:\z�loha\disk d\program files\spyware terminator\spywareterminatorupdate.exe" => not found
C:\Program Files\Common Files\AV\Spybot - Search and Destroy => moved successfully
Could not restore Hosts.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9443720 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 58793037 B
Edge => 0 B
Chrome => 119701135 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33058 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
LocalService => 33125 B
NetworkService => 33125 B
milan => 1377175 B

RecycleBin => 36384 B
EmptyTemp: => 188.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:59:30 ====

Re: Facebook virus

Posted: 27 Aug 2018 22:44
by Conder
:arrow: Download Zoek: http://download.bleepingcomputer.com/smeenk/zoek.exe
  • Save it to the desktop and run it as administrator
  • Copy the following script into the window:

    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
  • Click Run script
  • Wait for it to finish and for the PC to restart
  • After the restart a log will pop up (or it will be in C:\zoek-results.log); copy its contents here
:arrow: If Zoek gets stuck and runs for longer than about 30 minutes, restart the PC manually and let me know.

Re: Facebook virus

Posted: 28 Aug 2018 10:47
by peknal
The Zoek log is here

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by milan on Łt 28.08.2018 at 7:44:10,45.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\milan\Desktop\zoek (2).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

28.8.2018 7:50:48 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\Convert PDF to Word Desktop Software deleted successfully
C:\Program Files\Seznam.cz deleted successfully
C:\Program Files\Common Files\AV deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js:

Added to C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\milan\AppData\Roaming\TomTom\HOME\Profiles\dnqr7n0g.default\prefs.js:

Added to C:\Users\milan\AppData\Roaming\TomTom\HOME\Profiles\dnqr7n0g.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Program Files\Convert PDF to Word Desktop Software not found
C:\Program Files\Seznam.cz not found
C:\Users\milan\.android deleted
C:\PROGRA~2\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted
C:\PROGRA~2\Package Cache deleted
C:\Windows\wininit.ini deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\milan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\milan\AppData\Roaming\TomTom\HOME\Profiles\dnqr7n0g.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\milan\AppData\Roaming\TomTom\HOME\Profiles\dnqr7n0g.default
- Undetermined - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 68.0.3440.106

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]

Chrome Media Router - milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}"
HKLM\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - http://www.google.com/search?q={searchT ... utEncoding?}
HKCU\SearchScopes "DefaultScope"="{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - http://www.google.com/search?q={searchT ... utEncoding?}

==== Reset Google Chrome ======================

C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLLSuite2016 deleted successfully

==== Empty IE Cache ======================

C:\Users\milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=46 folders=15 41139350 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\milan\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\milan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Łt 28.08.2018 at 11:39:56,37 ======================

Re: Facebook virus

Posted: 28 Aug 2018 16:23
by Conder
:arrow: It looks OK. Has anything changed, or are there still any problems?

:arrow: As for FB, I recommend changing the password in the settings and logging out all connected devices.

Re: Facebook virus

Posted: 28 Aug 2018 19:30
by peknal
Thanks, I get a message like this by e-mail. So far it looks like they now come only from North Korea. Before, there were more of them.

Milan, 박종훈 confirmed that you are friends on Facebook. You may know some of 종훈's friends: 신상현 10 mutual friends Add friend 천권준 6 mutual friends Add friend Dancer Dean 4 mutual friends Add friend Sung Mi Moon 4 mutual friends Add friend Yang Moonchang 3 mutual friends Add friend 박진권 2 mutual friends Add friend
facebook

This is a message from today at 18:52. I never confirmed anything. I changed the password twice last week. Is it worth changing the password again after this cleanup?

Re: Facebook virus

Posted: 28 Aug 2018 20:04
by Conder
:arrow: From exactly which e-mail address did that mail come? Do those accounts actually appear among the friends on your FB account?

Re: Facebook virus

Posted: 29 Aug 2018 07:09
by peknal
1. On Facebook only friend requests appear, which I delete every day. Today about 30. I can't find a single one confirmed on Facebook, only in the notifications in Outlook, which I keep deleting with the antispam as unsolicited. Before your intervention there were more of them (I don't know the ADDRESS), mostly North Korea.

2. The latest one today was sent from this address: 박종훈 on Facebook <notification+iic6ogz1@facebookmail.com>
The text of the notification looks like this:

Since your last visit, some users (3) have accepted your friend request.

박종훈

37 friends

김일식

422 friends

이조원
If I switch to Facebook mode, it loads the Facebook login window with my login (the full address is https://www.facebook.com/n/?find-friend ... 0U5Mc&n_m= + my e-mail address)

Because of the characters, it is hard to tell whether the notifications are the same.

Re: Facebook virus

Posted: 29 Aug 2018 13:40
by Conder
:arrow: Aha, in that case those e-mails really are from Facebook. Instead of marking them as spam, I would rather recommend unsubscribing from the e-mails about new requests, and in Facebook's privacy settings it should be possible to restrict who can send friend requests.

:arrow: Apart from those requests, is nothing else happening?

:arrow: Otherwise the PC looks clean; if there are no other problems, we will just clean up after the tools that were used:

Re: Facebook virus

Posted: 29 Aug 2018 16:42
by peknal
I'll do that; everything else is fine now. Thank you very much.