Antivirus won't start
Posted: 23 Oct 2018 15:46
Hello,
about a week ago an error message (attachment1) started popping up every time after my notebook starts; it is connected with the antivirus starting up. It also happens when I subsequently launch the antivirus (Avast Free); I have tried reinstalling. I also tried using Kaspersky Online Scanner, but it found nothing. The error message also appears when launching Adobe Reader (attachment1); I have tried reinstalling. Occasionally, after the notebook starts, the cooling (fan) spins up to full speed and does not stop - I fix that with a restart. I will add the FRST log right away.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Ivika (administrator) on LENOVO (23-10-2018 16:50:06)
Running from C:\Users\Ivika\Desktop
Loaded Profiles: Ivika (Available Profiles: Ivika)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
Failed to access process -> AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-06-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-15] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-07-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKU\S-1-5-21-1245984182-2301009141-24012118-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-07] (Piriform Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{74EEDAFB-AE40-460A-98AA-27E95668C01A}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E0308B5F-1618-4F2C-87EF-80E88458C1DD}: [DhcpNameServer] 147.229.190.143 147.229.191.143
Internet Explorer:
==================
HKU\S-1-5-21-1245984182-2301009141-24012118-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1245984182-2301009141-24012118-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1245984182-2301009141-24012118-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1245984182-2301009141-24012118-1002 -> DefaultScope {656E9B19-7D74-4835-9B7B-AFEC4378F272} URL =
SearchScopes: HKU\S-1-5-21-1245984182-2301009141-24012118-1002 -> {656E9B19-7D74-4835-9B7B-AFEC4378F272} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-11-08] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-11-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-23] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: tqlwzfz0.default
FF ProfilePath: C:\Users\Ivika\AppData\Roaming\Mozilla\Firefox\Profiles\tqlwzfz0.default [2018-10-15]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-11-08] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-11-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-11-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default [2018-10-23]
CHR Extension: (Prezentace) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-01]
CHR Extension: (Dokumenty) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-01]
CHR Extension: (Disk Google) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-01]
CHR Extension: (YouTube) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-02]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-16]
CHR Extension: (Tabulky) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-08]
CHR Extension: (AdBlock) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-17] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-15] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-15] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [84992 2014-01-22] () [File not signed]
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063656 2017-10-31] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-05-27] (Lenovo(beijing) Limited)
S2 UESDK1.0; C:\Program Files (x86)\Lenovo\UESDK\UESDK.exe [319472 2014-07-18] (Lenovo)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-12] (Advanced Micro Devices)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [201408 2018-10-15] (AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-15] (AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsha.sys [201928 2018-10-15] (AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswbloga.sys [346760 2018-10-15] (AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniva.sys [59664 2018-10-15] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [185240 2018-10-15] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [47064 2018-10-15] (AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42456 2018-10-15] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [163376 2018-10-15] (AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [111968 2018-10-15] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [88112 2018-10-15] (AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1028840 2018-10-15] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [467904 2018-10-15] (AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [208640 2018-10-15] (AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [381144 2018-10-15] (AVAST Software)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 RtkBtFilter; C:\windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-14] (Realtek Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\windows\system32\DRIVERS\rtwlane.sys [3593432 2014-10-07] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [35320 2014-09-22] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
U3 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-23 16:50 - 2018-10-23 16:50 - 000015599 _____ C:\Users\Ivika\Desktop\FRST.txt
2018-10-23 16:48 - 2018-10-23 16:50 - 000000000 ____D C:\FRST
2018-10-23 16:47 - 2018-10-23 16:47 - 002414592 _____ (Farbar) C:\Users\Ivika\Desktop\FRST64.exe
2018-10-23 16:36 - 2018-10-23 16:43 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-10-23 16:36 - 2018-10-23 16:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-23 16:36 - 2018-10-23 16:36 - 000002078 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-10-22 18:25 - 2018-10-22 18:25 - 000111884 _____ C:\Users\Ivika\Downloads\202.pdf
2018-10-22 17:11 - 2018-10-22 17:13 - 038723938 _____ C:\Users\Ivika\Downloads\Finanční management VUT.zip
2018-10-15 13:05 - 2018-10-15 13:15 - 000000000 ____D C:\Users\Ivika\AppData\Local\AVG
2018-10-15 13:05 - 2018-10-15 13:15 - 000000000 ____D C:\Program Files (x86)\AVG
2018-10-15 13:03 - 2018-10-15 13:03 - 000000000 ____D C:\windows\System32\Tasks\AVG
2018-10-15 13:02 - 2018-10-15 13:02 - 000000000 ____D C:\Program Files\Common Files\AVG
2018-10-15 13:01 - 2018-10-15 13:15 - 000000000 ____D C:\ProgramData\AVG
2018-10-15 12:44 - 2018-10-15 12:44 - 000001949 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-10-15 12:44 - 2018-10-15 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-10-15 12:43 - 2018-10-22 21:45 - 000004168 _____ C:\windows\System32\Tasks\Avast Emergency Update
2018-10-15 12:42 - 2018-10-15 12:42 - 001028840 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000467904 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000381144 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000378584 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2018-10-15 12:42 - 2018-10-15 12:42 - 000208640 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000201408 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000163376 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000111968 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000088112 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000047064 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000042456 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2018-10-15 12:42 - 2018-10-15 12:41 - 000346760 _____ (AVAST Software) C:\windows\system32\Drivers\aswbloga.sys
2018-10-15 12:42 - 2018-10-15 12:41 - 000230512 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdrivera.sys
2018-10-15 12:42 - 2018-10-15 12:41 - 000201928 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsha.sys
2018-10-15 12:42 - 2018-10-15 12:41 - 000185240 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2018-10-15 12:42 - 2018-10-15 12:41 - 000059664 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniva.sys
2018-10-15 12:41 - 2018-10-15 12:41 - 000000000 ____D C:\Program Files\AVAST Software
2018-10-15 11:04 - 2018-10-15 11:04 - 000000000 ____D C:\Users\Ivika\AppData\Local\ESET
2018-10-04 23:43 - 2018-10-15 13:13 - 000000000 ____D C:\Users\Ivika\AppData\Local\CrashDumps
2018-10-04 23:36 - 2018-07-17 00:02 - 000563832 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2018-10-04 23:02 - 2018-10-04 23:02 - 000003870 _____ C:\windows\System32\Tasks\CCleaner Update
2018-10-04 23:02 - 2018-10-04 23:02 - 000002786 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2018-10-04 23:01 - 2018-10-04 23:02 - 000000000 ____D C:\Program Files\CCleaner
2018-10-04 23:01 - 2018-10-04 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-23 16:47 - 2017-11-01 20:20 - 000003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1245984182-2301009141-24012118-1002
2018-10-23 16:40 - 2017-11-05 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-10-23 16:40 - 2017-11-05 22:37 - 000000000 ____D C:\Program Files (x86)\Java
2018-10-23 16:38 - 2017-11-05 22:37 - 000098680 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2018-10-23 16:36 - 2017-11-08 12:23 - 000000000 ____D C:\Users\Ivika\AppData\Local\Adobe
2018-10-23 16:35 - 2017-11-08 12:24 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-10-23 15:55 - 2015-05-27 01:20 - 000739924 _____ C:\windows\system32\perfh005.dat
2018-10-23 15:55 - 2015-05-27 01:20 - 000151610 _____ C:\windows\system32\perfc005.dat
2018-10-23 15:55 - 2014-11-21 06:44 - 001745984 _____ C:\windows\system32\PerfStringBackup.INI
2018-10-23 15:55 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2018-10-23 11:01 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-10-22 22:40 - 2015-05-27 01:51 - 000065536 _____ C:\windows\system32\spu_storage.bin
2018-10-22 22:40 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2018-10-22 22:10 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\NDF
2018-10-19 16:39 - 2017-11-01 20:14 - 000000000 ____D C:\Users\Ivika
2018-10-19 14:31 - 2018-02-20 19:27 - 000003830 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1519147633
2018-10-19 14:31 - 2018-02-20 19:27 - 000001032 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2018-10-19 14:31 - 2018-02-20 19:26 - 000000000 ____D C:\Program Files\Opera
2018-10-17 19:54 - 2017-11-01 20:56 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-16 18:32 - 2018-09-19 16:42 - 000000000 ____D C:\Users\Ivika\Desktop\Zimní semestr
2018-10-15 13:27 - 2015-05-27 01:49 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-15 13:26 - 2017-11-01 21:24 - 000000000 ____D C:\ProgramData\AVAST Software
2018-10-04 23:11 - 2013-08-22 16:44 - 000435048 _____ C:\windows\system32\FNTCACHE.DAT
2018-10-04 23:03 - 2018-07-08 19:04 - 000000000 ____D C:\windows\Minidump
2018-10-04 23:03 - 2014-12-10 03:49 - 000000000 ____D C:\windows\Panther
2018-10-04 22:39 - 2017-11-08 12:31 - 000000000 ____D C:\Users\Ivika\AppData\Roaming\vlc
2018-09-25 19:58 - 2018-02-20 13:05 - 000000000 ____D C:\Users\Ivika\Desktop\Škola
2018-09-25 11:48 - 2017-11-01 20:15 - 000000000 ____D C:\Users\Ivika\AppData\Local\Packages
2018-09-24 20:13 - 2018-01-18 18:37 - 000000000 ____D C:\Users\Ivika\AppData\Roaming\dvdcss
==================== Files in the root of some directories =======
2017-11-01 20:14 - 2018-10-15 13:45 - 001037192 _____ () C:\Users\Ivika\AppData\Local\BTServer.log
Some files in TEMP:
====================
2018-10-04 23:17 - 2018-10-04 23:17 - 001906040 _____ (Oracle Corporation) C:\Users\Ivika\AppData\Local\Temp\jre-8u181-windows-au.exe
2018-10-23 16:37 - 2018-10-23 16:37 - 001892728 _____ (Oracle Corporation) C:\Users\Ivika\AppData\Local\Temp\jre-8u191-windows-au.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-10-15 12:56
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Ivika (23-10-2018 16:51:45)
Running from C:\Users\Ivika\Desktop
Windows 8.1 (Update) (X64) (2017-11-01 18:14:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1245984182-2301009141-24012118-500 - Administrator - Disabled)
Guest (S-1-5-21-1245984182-2301009141-24012118-501 - Limited - Disabled)
Ivika (S-1-5-21-1245984182-2301009141-24012118-1002 - Administrator - Enabled) => C:\Users\Ivika
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACP Application (HKLM\...\{196F5F17-137D-DB3E-28FC-6847252A83E3}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F91A288E-425B-414B-0721-A89D220DF50D}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ARIS Express (HKLM-x32\...\{1252F398-5142-4D81-AD31-8B0204C26E8C}) (Version: 1.00 - Your Company Name)
ARIS EXPRESS (HKLM-x32\...\{49ABE0DF-5BC9-40E8-8996-7A2938BFB5C2}) (Version: 2.4 - Software AG)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Farm Frenzy 4 (HKLM-x32\...\Farm Frenzy 4) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.67 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.44.3 - ELAN Microelectronic Corp.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.8625.2121 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1245984182-2301009141-24012118-1002\...\OneDriveSetup.exe) (Version: 18.162.0812.0001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Opera Stable 56.0.3051.52 (HKLM-x32\...\Opera 56.0.3051.52) (Version: 56.0.3051.52 - Opera Software)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.806.012214 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39058 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.243 - REALTEK Semiconductor Corp.)
STORMWARE POHODA Start CZ (HKLM-x32\...\{933F6AB3-06F2-4656-B18A-6B92CBCB405F}) (Version: 11804.13 - STORMWARE)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-15] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-15] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-15] (AVAST Software)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-01-06] (Realtek Semiconductor Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-15] (AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-07-17] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-15] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {35956DD5-83D6-4521-A137-EAABF33FFD7B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-11-08] ()
Task: {40D34221-3435-426B-8374-8B272EBB56D8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-15] (AVAST Software)
Task: {46C1BCA6-C152-4B0D-8D45-3C2C8390CFCE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation)
Task: {48B99E82-9A4B-4903-9A43-7282D58AFA84} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-07] (Piriform Ltd)
Task: {49C84ADC-1F49-4F75-B75C-181FA61FED8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-01] (Google Inc.)
Task: {5C060305-F986-4EB0-93FB-18022E6510EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {658225D2-56C8-484B-9ACD-0A9C6049A974} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-07] (Piriform Ltd)
Task: {68698D7B-2516-452C-AFE8-D5A31B954421} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-11-08] (Microsoft Corporation)
Task: {7AB7E1DD-E5E2-4663-A171-6BACEABA13FF} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
Task: {7B199A38-93DE-4824-ACF3-C30C5E238964} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-11-08] (Microsoft Corporation)
Task: {806710CC-6E0D-4116-8820-85A588A6B7A8} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-15] (AVG Technologies CZ, s.r.o.)
Task: {81B0CD31-632D-4199-980B-CD9FB4960EA8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation)
Task: {98805FB6-20AC-4142-AE8C-0611BE57544B} - System32\Tasks\Opera scheduled Autoupdate 1519147633 => C:\Program Files\Opera\launcher.exe [2018-10-17] (Opera Software)
Task: {9C7EAF2D-ABB0-4CE4-9C2E-BA1EC20350EB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {9EAD68DA-448C-4356-BB1B-ED0363BC52A2} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {A3419D0B-E679-4675-BD1D-B1370C3F368C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {C58F190E-557A-4AD4-89AE-A80255079C0A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-09-15] (AVAST Software)
Task: {C733B0E3-1E0E-4C1B-AF29-40C35199FE16} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-11-08] (Microsoft Corporation)
Task: {F9D3D929-C2C2-40CB-903B-99B0644549DB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-11-08] ()
Task: {FE91F363-871A-4A63-91B3-F6B820502AB1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-01] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-07-17 17:54 - 2014-07-17 17:54 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-05-27 02:00 - 2014-01-22 23:04 - 000084992 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-05-27 01:57 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-05-27 02:33 - 2014-07-10 02:19 - 000592880 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2018-10-17 19:54 - 2018-10-16 02:01 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.67\libglesv2.dll
2018-10-17 19:54 - 2018-10-16 02:01 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.67\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2018-10-19 11:57 - 000000827 _____ C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1245984182-2301009141-24012118-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ivika\Pictures\flowers.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "BtServer"
HKU\S-1-5-21-1245984182-2301009141-24012118-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{71F45A31-69AC-465D-95FC-0C1FFFE8C971}] => (Allow) LPort=55100
FirewallRules: [{84044A3F-85FE-4688-9780-E189C0563B6D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{AC5C5E3A-33E6-43C5-B1BB-19B4BCCDCED4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{508367FC-5A85-4D12-B8F1-A37F09F5DC12}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2BDE4E37-EDB5-453C-BC41-9CF2F49DC935}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2BB59F81-F1F0-4A93-A59A-68B328AD0A84}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{80294350-45FE-46BE-BD35-48A202F6B857}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{38E0E296-4262-4048-B46D-4520C18B386D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6E7F79D7-1E5A-41E4-8500-B3AC2376230A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{35990EA0-B1B6-47D8-8C7B-0B2A3AACA1E7}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{1B976A19-F678-44C3-9B0B-8F5C27560123}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{B7F5682B-D597-4319-BA7E-662B38C5BA02}] => (Allow) C:\Program Files\Opera\56.0.3051.43\opera.exe
FirewallRules: [{E95FD3AD-8A9B-40D4-8C16-05F0781C0849}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8A7DE922-8BB9-4219-96CC-D296090AC296}] => (Allow) C:\Program Files\Opera\56.0.3051.52\opera.exe
==================== Restore Points =========================
25-09-2018 10:40:32 Naplánovaný kontrolní bod
15-10-2018 12:28:19 Removed Adobe Acrobat Reader DC - Czech.
22-10-2018 19:37:25 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/23/2018 11:03:21 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Avast Antivirus.
Program: Avast Antivirus
Soubor:
Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.
Další údaje
Hodnota chyby: 00000000
Typ disku: 0
Error: (10/23/2018 11:03:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastUI.exe, verze: 18.7.4041.389, časové razítko: 0x5bc708e8
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.18233, časové razítko: 0x56bb4e1d
Kód výjimky: 0xc000012f
Posun chyby: 0x0009d3c2
ID chybujícího procesu: 0xdb8
Čas spuštění chybující aplikace: 0x01d46aaef4d41ac8
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastUI.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\ntdll.dll
ID zprávy: 7cf19233-d6a2-11e8-8331-c48e8fc82324
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/23/2018 11:02:16 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.
Error: (10/23/2018 11:02:15 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (10/22/2018 06:54:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\microsoft office\root\Office16\odbc drivers\salesforce\lib\libcurl64.dlla\libcurl.dll se nezdařilo.
Závislé sestavení OpenSSL.DllA,processorArchitecture="*",type="x64",version="1.0.0.4" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (10/22/2018 04:54:58 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Avast Antivirus.
Program: Avast Antivirus
Soubor:
Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.
Další údaje
Hodnota chyby: 00000000
Typ disku: 0
Error: (10/22/2018 04:54:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastUI.exe, verze: 18.7.4041.389, časové razítko: 0x5bc708e8
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.18233, časové razítko: 0x56bb4e1d
Kód výjimky: 0xc000012f
Posun chyby: 0x0009d3c2
ID chybujícího procesu: 0xed8
Čas spuštění chybující aplikace: 0x01d46a1722ce2771
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastUI.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\ntdll.dll
ID zprávy: 71443a60-d60a-11e8-8330-c48e8fc82324
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/21/2018 02:56:03 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Avast Antivirus.
Program: Avast Antivirus
Soubor:
Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.
Další údaje
Hodnota chyby: 00000000
Typ disku: 0
System errors:
=============
Error: (10/23/2018 03:55:00 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/23/2018 03:54:29 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/22/2018 06:53:01 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/22/2018 06:52:31 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/22/2018 04:54:15 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli LENOVO\Ivika (SID: S-1-5-21-1245984182-2301009141-24012118-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/22/2018 04:54:15 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli LENOVO\Ivika (SID: S-1-5-21-1245984182-2301009141-24012118-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/21/2018 04:03:58 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/21/2018 04:03:28 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===================================
Date: 2018-02-21 10:49:53.745
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:53.495
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:53.230
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:52.980
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:52.714
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:52.464
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:52.198
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:51.917
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD A10-7300 Radeon R6, 10 Compute Cores 4C+6G
Percentage of memory in use: 33%
Total physical RAM: 7098.61 MB
Available physical RAM: 4721.84 MB
Total Virtual: 8250.61 MB
Available Virtual: 5887.55 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:891.88 GB) (Free:791.46 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.65 GB) NTFS
\\?\Volume{0a54706e-4dce-40b5-a9c6-377d21e29e8b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.66 GB) NTFS
\\?\Volume{f7a9c377-a773-4125-91a5-71fe989eb13e}\ (PBR_DRV) (Fixed) (Total:12.3 GB) (Free:1.79 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F87C5A8A)
Partition: GPT.
==================== End of Addition.txt ============================
About a week ago, an error message (attachment 1) started popping up every time after the notebook starts; it is connected with the antivirus launching. It also happens when the antivirus (Avast Free) is launched afterwards; I tried reinstalling. I also tried using Kaspersky Online Scanner, but it found nothing. The error message also appears when launching Adobe Reader (attachment 1); I tried reinstalling. Infrequently, after the notebook starts, the cooling (fan) spins up to full speed and does not stop - I solve it with a restart. I will add the FRST log right away.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Ivika (administrator) on LENOVO (23-10-2018 16:50:06)
Running from C:\Users\Ivika\Desktop
Loaded Profiles: Ivika (Available Profiles: Ivika)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
Failed to access process -> AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-06-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-15] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-07-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKU\S-1-5-21-1245984182-2301009141-24012118-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-07] (Piriform Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{74EEDAFB-AE40-460A-98AA-27E95668C01A}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E0308B5F-1618-4F2C-87EF-80E88458C1DD}: [DhcpNameServer] 147.229.190.143 147.229.191.143
Internet Explorer:
==================
HKU\S-1-5-21-1245984182-2301009141-24012118-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1245984182-2301009141-24012118-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1245984182-2301009141-24012118-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1245984182-2301009141-24012118-1002 -> DefaultScope {656E9B19-7D74-4835-9B7B-AFEC4378F272} URL =
SearchScopes: HKU\S-1-5-21-1245984182-2301009141-24012118-1002 -> {656E9B19-7D74-4835-9B7B-AFEC4378F272} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-11-08] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-11-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-23] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-08] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: tqlwzfz0.default
FF ProfilePath: C:\Users\Ivika\AppData\Roaming\Mozilla\Firefox\Profiles\tqlwzfz0.default [2018-10-15]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-11-08] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-11-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-11-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default [2018-10-23]
CHR Extension: (Prezentace) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-01]
CHR Extension: (Dokumenty) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-01]
CHR Extension: (Disk Google) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-01]
CHR Extension: (YouTube) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-02]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-16]
CHR Extension: (Tabulky) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-08]
CHR Extension: (AdBlock) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\Ivika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-17] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-15] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-15] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [84992 2014-01-22] () [File not signed]
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063656 2017-10-31] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-05-27] (Lenovo(beijing) Limited)
S2 UESDK1.0; C:\Program Files (x86)\Lenovo\UESDK\UESDK.exe [319472 2014-07-18] (Lenovo)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-12] (Advanced Micro Devices)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [201408 2018-10-15] (AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-15] (AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsha.sys [201928 2018-10-15] (AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswbloga.sys [346760 2018-10-15] (AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniva.sys [59664 2018-10-15] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [185240 2018-10-15] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [47064 2018-10-15] (AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42456 2018-10-15] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [163376 2018-10-15] (AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [111968 2018-10-15] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [88112 2018-10-15] (AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1028840 2018-10-15] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [467904 2018-10-15] (AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [208640 2018-10-15] (AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [381144 2018-10-15] (AVAST Software)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 RtkBtFilter; C:\windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-14] (Realtek Semiconductor Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\windows\system32\DRIVERS\rtwlane.sys [3593432 2014-10-07] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [35320 2014-09-22] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
U3 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-23 16:50 - 2018-10-23 16:50 - 000015599 _____ C:\Users\Ivika\Desktop\FRST.txt
2018-10-23 16:48 - 2018-10-23 16:50 - 000000000 ____D C:\FRST
2018-10-23 16:47 - 2018-10-23 16:47 - 002414592 _____ (Farbar) C:\Users\Ivika\Desktop\FRST64.exe
2018-10-23 16:36 - 2018-10-23 16:43 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-10-23 16:36 - 2018-10-23 16:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-23 16:36 - 2018-10-23 16:36 - 000002078 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-10-22 18:25 - 2018-10-22 18:25 - 000111884 _____ C:\Users\Ivika\Downloads\202.pdf
2018-10-22 17:11 - 2018-10-22 17:13 - 038723938 _____ C:\Users\Ivika\Downloads\Finanční management VUT.zip
2018-10-15 13:05 - 2018-10-15 13:15 - 000000000 ____D C:\Users\Ivika\AppData\Local\AVG
2018-10-15 13:05 - 2018-10-15 13:15 - 000000000 ____D C:\Program Files (x86)\AVG
2018-10-15 13:03 - 2018-10-15 13:03 - 000000000 ____D C:\windows\System32\Tasks\AVG
2018-10-15 13:02 - 2018-10-15 13:02 - 000000000 ____D C:\Program Files\Common Files\AVG
2018-10-15 13:01 - 2018-10-15 13:15 - 000000000 ____D C:\ProgramData\AVG
2018-10-15 12:44 - 2018-10-15 12:44 - 000001949 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-10-15 12:44 - 2018-10-15 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2018-10-15 12:43 - 2018-10-22 21:45 - 000004168 _____ C:\windows\System32\Tasks\Avast Emergency Update
2018-10-15 12:42 - 2018-10-15 12:42 - 001028840 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000467904 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000381144 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000378584 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2018-10-15 12:42 - 2018-10-15 12:42 - 000208640 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000201408 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000163376 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000111968 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000088112 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000047064 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2018-10-15 12:42 - 2018-10-15 12:42 - 000042456 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2018-10-15 12:42 - 2018-10-15 12:41 - 000346760 _____ (AVAST Software) C:\windows\system32\Drivers\aswbloga.sys
2018-10-15 12:42 - 2018-10-15 12:41 - 000230512 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdrivera.sys
2018-10-15 12:42 - 2018-10-15 12:41 - 000201928 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsha.sys
2018-10-15 12:42 - 2018-10-15 12:41 - 000185240 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2018-10-15 12:42 - 2018-10-15 12:41 - 000059664 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniva.sys
2018-10-15 12:41 - 2018-10-15 12:41 - 000000000 ____D C:\Program Files\AVAST Software
2018-10-15 11:04 - 2018-10-15 11:04 - 000000000 ____D C:\Users\Ivika\AppData\Local\ESET
2018-10-04 23:43 - 2018-10-15 13:13 - 000000000 ____D C:\Users\Ivika\AppData\Local\CrashDumps
2018-10-04 23:36 - 2018-07-17 00:02 - 000563832 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2018-10-04 23:02 - 2018-10-04 23:02 - 000003870 _____ C:\windows\System32\Tasks\CCleaner Update
2018-10-04 23:02 - 2018-10-04 23:02 - 000002786 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2018-10-04 23:01 - 2018-10-04 23:02 - 000000000 ____D C:\Program Files\CCleaner
2018-10-04 23:01 - 2018-10-04 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-23 16:47 - 2017-11-01 20:20 - 000003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1245984182-2301009141-24012118-1002
2018-10-23 16:40 - 2017-11-05 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-10-23 16:40 - 2017-11-05 22:37 - 000000000 ____D C:\Program Files (x86)\Java
2018-10-23 16:38 - 2017-11-05 22:37 - 000098680 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2018-10-23 16:36 - 2017-11-08 12:23 - 000000000 ____D C:\Users\Ivika\AppData\Local\Adobe
2018-10-23 16:35 - 2017-11-08 12:24 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-10-23 15:55 - 2015-05-27 01:20 - 000739924 _____ C:\windows\system32\perfh005.dat
2018-10-23 15:55 - 2015-05-27 01:20 - 000151610 _____ C:\windows\system32\perfc005.dat
2018-10-23 15:55 - 2014-11-21 06:44 - 001745984 _____ C:\windows\system32\PerfStringBackup.INI
2018-10-23 15:55 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2018-10-23 11:01 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-10-22 22:40 - 2015-05-27 01:51 - 000065536 _____ C:\windows\system32\spu_storage.bin
2018-10-22 22:40 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2018-10-22 22:10 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\NDF
2018-10-19 16:39 - 2017-11-01 20:14 - 000000000 ____D C:\Users\Ivika
2018-10-19 14:31 - 2018-02-20 19:27 - 000003830 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1519147633
2018-10-19 14:31 - 2018-02-20 19:27 - 000001032 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2018-10-19 14:31 - 2018-02-20 19:26 - 000000000 ____D C:\Program Files\Opera
2018-10-17 19:54 - 2017-11-01 20:56 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-16 18:32 - 2018-09-19 16:42 - 000000000 ____D C:\Users\Ivika\Desktop\Zimní semestr
2018-10-15 13:27 - 2015-05-27 01:49 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-15 13:26 - 2017-11-01 21:24 - 000000000 ____D C:\ProgramData\AVAST Software
2018-10-04 23:11 - 2013-08-22 16:44 - 000435048 _____ C:\windows\system32\FNTCACHE.DAT
2018-10-04 23:03 - 2018-07-08 19:04 - 000000000 ____D C:\windows\Minidump
2018-10-04 23:03 - 2014-12-10 03:49 - 000000000 ____D C:\windows\Panther
2018-10-04 22:39 - 2017-11-08 12:31 - 000000000 ____D C:\Users\Ivika\AppData\Roaming\vlc
2018-09-25 19:58 - 2018-02-20 13:05 - 000000000 ____D C:\Users\Ivika\Desktop\Škola
2018-09-25 11:48 - 2017-11-01 20:15 - 000000000 ____D C:\Users\Ivika\AppData\Local\Packages
2018-09-24 20:13 - 2018-01-18 18:37 - 000000000 ____D C:\Users\Ivika\AppData\Roaming\dvdcss
==================== Files in the root of some directories =======
2017-11-01 20:14 - 2018-10-15 13:45 - 001037192 _____ () C:\Users\Ivika\AppData\Local\BTServer.log
Some files in TEMP:
====================
2018-10-04 23:17 - 2018-10-04 23:17 - 001906040 _____ (Oracle Corporation) C:\Users\Ivika\AppData\Local\Temp\jre-8u181-windows-au.exe
2018-10-23 16:37 - 2018-10-23 16:37 - 001892728 _____ (Oracle Corporation) C:\Users\Ivika\AppData\Local\Temp\jre-8u191-windows-au.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-10-15 12:56
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Ivika (23-10-2018 16:51:45)
Running from C:\Users\Ivika\Desktop
Windows 8.1 (Update) (X64) (2017-11-01 18:14:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1245984182-2301009141-24012118-500 - Administrator - Disabled)
Guest (S-1-5-21-1245984182-2301009141-24012118-501 - Limited - Disabled)
Ivika (S-1-5-21-1245984182-2301009141-24012118-1002 - Administrator - Enabled) => C:\Users\Ivika
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACP Application (HKLM\...\{196F5F17-137D-DB3E-28FC-6847252A83E3}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F91A288E-425B-414B-0721-A89D220DF50D}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ARIS Express (HKLM-x32\...\{1252F398-5142-4D81-AD31-8B0204C26E8C}) (Version: 1.00 - Your Company Name)
ARIS EXPRESS (HKLM-x32\...\{49ABE0DF-5BC9-40E8-8996-7A2938BFB5C2}) (Version: 2.4 - Software AG)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Farm Frenzy 4 (HKLM-x32\...\Farm Frenzy 4) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.67 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.44.3 - ELAN Microelectronic Corp.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.8625.2121 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1245984182-2301009141-24012118-1002\...\OneDriveSetup.exe) (Version: 18.162.0812.0001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Opera Stable 56.0.3051.52 (HKLM-x32\...\Opera 56.0.3051.52) (Version: 56.0.3051.52 - Opera Software)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.806.012214 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39058 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.243 - REALTEK Semiconductor Corp.)
STORMWARE POHODA Start CZ (HKLM-x32\...\{933F6AB3-06F2-4656-B18A-6B92CBCB405F}) (Version: 11804.13 - STORMWARE)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-15] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-15] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-15] (AVAST Software)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-01-06] (Realtek Semiconductor Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-15] (AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-07-17] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-15] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {35956DD5-83D6-4521-A137-EAABF33FFD7B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-11-08] ()
Task: {40D34221-3435-426B-8374-8B272EBB56D8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-15] (AVAST Software)
Task: {46C1BCA6-C152-4B0D-8D45-3C2C8390CFCE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation)
Task: {48B99E82-9A4B-4903-9A43-7282D58AFA84} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-07] (Piriform Ltd)
Task: {49C84ADC-1F49-4F75-B75C-181FA61FED8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-01] (Google Inc.)
Task: {5C060305-F986-4EB0-93FB-18022E6510EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {658225D2-56C8-484B-9ACD-0A9C6049A974} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-07] (Piriform Ltd)
Task: {68698D7B-2516-452C-AFE8-D5A31B954421} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-11-08] (Microsoft Corporation)
Task: {7AB7E1DD-E5E2-4663-A171-6BACEABA13FF} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
Task: {7B199A38-93DE-4824-ACF3-C30C5E238964} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-11-08] (Microsoft Corporation)
Task: {806710CC-6E0D-4116-8820-85A588A6B7A8} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-15] (AVG Technologies CZ, s.r.o.)
Task: {81B0CD31-632D-4199-980B-CD9FB4960EA8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation)
Task: {98805FB6-20AC-4142-AE8C-0611BE57544B} - System32\Tasks\Opera scheduled Autoupdate 1519147633 => C:\Program Files\Opera\launcher.exe [2018-10-17] (Opera Software)
Task: {9C7EAF2D-ABB0-4CE4-9C2E-BA1EC20350EB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {9EAD68DA-448C-4356-BB1B-ED0363BC52A2} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {A3419D0B-E679-4675-BD1D-B1370C3F368C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {C58F190E-557A-4AD4-89AE-A80255079C0A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-09-15] (AVAST Software)
Task: {C733B0E3-1E0E-4C1B-AF29-40C35199FE16} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-11-08] (Microsoft Corporation)
Task: {F9D3D929-C2C2-40CB-903B-99B0644549DB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-11-08] ()
Task: {FE91F363-871A-4A63-91B3-F6B820502AB1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-01] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-07-17 17:54 - 2014-07-17 17:54 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-05-27 02:00 - 2014-01-22 23:04 - 000084992 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-05-27 01:57 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-05-27 02:33 - 2014-07-10 02:19 - 000592880 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2018-10-17 19:54 - 2018-10-16 02:01 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.67\libglesv2.dll
2018-10-17 19:54 - 2018-10-16 02:01 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.67\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2018-10-19 11:57 - 000000827 _____ C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1245984182-2301009141-24012118-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ivika\Pictures\flowers.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "BtServer"
HKU\S-1-5-21-1245984182-2301009141-24012118-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{71F45A31-69AC-465D-95FC-0C1FFFE8C971}] => (Allow) LPort=55100
FirewallRules: [{84044A3F-85FE-4688-9780-E189C0563B6D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{AC5C5E3A-33E6-43C5-B1BB-19B4BCCDCED4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{508367FC-5A85-4D12-B8F1-A37F09F5DC12}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2BDE4E37-EDB5-453C-BC41-9CF2F49DC935}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2BB59F81-F1F0-4A93-A59A-68B328AD0A84}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{80294350-45FE-46BE-BD35-48A202F6B857}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{38E0E296-4262-4048-B46D-4520C18B386D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{6E7F79D7-1E5A-41E4-8500-B3AC2376230A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{35990EA0-B1B6-47D8-8C7B-0B2A3AACA1E7}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{1B976A19-F678-44C3-9B0B-8F5C27560123}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{B7F5682B-D597-4319-BA7E-662B38C5BA02}] => (Allow) C:\Program Files\Opera\56.0.3051.43\opera.exe
FirewallRules: [{E95FD3AD-8A9B-40D4-8C16-05F0781C0849}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8A7DE922-8BB9-4219-96CC-D296090AC296}] => (Allow) C:\Program Files\Opera\56.0.3051.52\opera.exe
==================== Restore Points =========================
25-09-2018 10:40:32 Naplánovaný kontrolní bod
15-10-2018 12:28:19 Removed Adobe Acrobat Reader DC - Czech.
22-10-2018 19:37:25 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/23/2018 11:03:21 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Avast Antivirus.
Program: Avast Antivirus
Soubor:
Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.
Další údaje
Hodnota chyby: 00000000
Typ disku: 0
Error: (10/23/2018 11:03:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastUI.exe, verze: 18.7.4041.389, časové razítko: 0x5bc708e8
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.18233, časové razítko: 0x56bb4e1d
Kód výjimky: 0xc000012f
Posun chyby: 0x0009d3c2
ID chybujícího procesu: 0xdb8
Čas spuštění chybující aplikace: 0x01d46aaef4d41ac8
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastUI.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\ntdll.dll
ID zprávy: 7cf19233-d6a2-11e8-8331-c48e8fc82324
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/23/2018 11:02:16 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.
Error: (10/23/2018 11:02:15 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (10/22/2018 06:54:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\microsoft office\root\Office16\odbc drivers\salesforce\lib\libcurl64.dlla\libcurl.dll se nezdařilo.
Závislé sestavení OpenSSL.DllA,processorArchitecture="*",type="x64",version="1.0.0.4" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (10/22/2018 04:54:58 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Avast Antivirus.
Program: Avast Antivirus
Soubor:
Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.
Další údaje
Hodnota chyby: 00000000
Typ disku: 0
Error: (10/22/2018 04:54:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastUI.exe, verze: 18.7.4041.389, časové razítko: 0x5bc708e8
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.18233, časové razítko: 0x56bb4e1d
Kód výjimky: 0xc000012f
Posun chyby: 0x0009d3c2
ID chybujícího procesu: 0xed8
Čas spuštění chybující aplikace: 0x01d46a1722ce2771
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastUI.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\ntdll.dll
ID zprávy: 71443a60-d60a-11e8-8330-c48e8fc82324
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/21/2018 02:56:03 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Avast Antivirus.
Program: Avast Antivirus
Soubor:
Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.
Další údaje
Hodnota chyby: 00000000
Typ disku: 0
System errors:
=============
Error: (10/23/2018 03:55:00 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/23/2018 03:54:29 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/22/2018 06:53:01 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/22/2018 06:52:31 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/22/2018 04:54:15 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli LENOVO\Ivika (SID: S-1-5-21-1245984182-2301009141-24012118-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/22/2018 04:54:15 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli LENOVO\Ivika (SID: S-1-5-21-1245984182-2301009141-24012118-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/21/2018 04:03:58 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/21/2018 04:03:28 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===================================
Date: 2018-02-21 10:49:53.745
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:53.495
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:53.230
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:52.980
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:52.714
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:52.464
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:52.198
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-02-21 10:49:51.917
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD A10-7300 Radeon R6, 10 Compute Cores 4C+6G
Percentage of memory in use: 33%
Total physical RAM: 7098.61 MB
Available physical RAM: 4721.84 MB
Total Virtual: 8250.61 MB
Available Virtual: 5887.55 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:891.88 GB) (Free:791.46 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.65 GB) NTFS
\\?\Volume{0a54706e-4dce-40b5-a9c6-377d21e29e8b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.66 GB) NTFS
\\?\Volume{f7a9c377-a773-4125-91a5-71fe989eb13e}\ (PBR_DRV) (Fixed) (Total:12.3 GB) (Free:1.79 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F87C5A8A)
Partition: GPT.
==================== End of Addition.txt ============================