VIRY.CZ

Přítelkyně má skoro nový ntb a je strašně pomalý.
Poradíte v čem by mohl být problém?
Děkuji


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by rocko (administrator) on LAPTOP-M82ANOOV (23-10-2018 17:15:58)
Running from C:\Users\rocko\Desktop
Loaded Profiles: rocko (Available Profiles: rocko)
Platform: Windows 10 Home Version 1709 16299.665 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124757.inf_amd64_b607c305e0c4e0a1\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124757.inf_amd64_b607c305e0c4e0a1\IntelCpHDCPSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124757.inf_amd64_b607c305e0c4e0a1\IntelCpHeciSvc.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124757.inf_amd64_b607c305e0c4e0a1\igfxEM.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
() C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-10-21] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4388440 2017-10-20] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-11] (AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [703312 2017-07-21] (HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324600 2017-04-25] (HP)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] ()
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)
HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\rocko\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{5f0ef9a9-b4e8-4205-bfeb-ddb8b3390ac8}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5f0ef9a9-b4e8-4205-bfeb-ddb8b3390ac8}: [DhcpNameServer] 192.168.88.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {A9928CD5-2CC7-4400-93EE-F692AC3C9A94} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {A9928CD5-2CC7-4400-93EE-F692AC3C9A94} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {08114F66-3291-4017-83AF-579FB303FC83} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {2B3EC6EC-67BB-47B5-AA66-0C429A176243} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {354E7062-000A-4ACE-8BCC-6B8108E85482} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {4BA3D330-FE69-46F4-9E0D-A11D06E564C6} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {831794C5-F523-44B5-A53B-E0803082868B} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {A9928CD5-2CC7-4400-93EE-F692AC3C9A94} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {CB8AB117-51F5-4C02-BC51-5CD8E83D8541} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {EB45AB19-C729-4C7D-B0A8-5A40127FA1D2} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {F2006142-306E-4A90-B999-F3364E2C93A8} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {F2111E19-B5B5-4A33-9E53-84F955F9A1C1} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-09-27] (HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-09-27] (HP Inc.)

FireFox:
========
FF DefaultProfile: 5vprnhg8.default
FF ProfilePath: C:\Users\rocko\AppData\Roaming\Mozilla\Firefox\Profiles\5vprnhg8.default [2018-10-23]
FF Homepage: Mozilla\Firefox\Profiles\5vprnhg8.default -> hxxps://www.google.com/
FF Extension: (Avast SafePrice) - C:\Users\rocko\AppData\Roaming\Mozilla\Firefox\Profiles\5vprnhg8.default\Extensions\sp@avast.com.xpi [2018-09-11]
FF Extension: (Avast Online Security) - C:\Users\rocko\AppData\Roaming\Mozilla\Firefox\Profiles\5vprnhg8.default\Extensions\wrc@avast.com.xpi [2018-10-09]
FF Extension: (Telemetry coverage) - C:\Users\rocko\AppData\Roaming\Mozilla\Firefox\Profiles\5vprnhg8.default\features\{19e447d9-f63d-4521-b8ec-cc9fa079897f}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-10] [Legacy]
FF Extension: (No Name) - C:\Users\rocko\AppData\Roaming\Mozilla\Firefox\Profiles\5vprnhg8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-09-11] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-11] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-09-11] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 esifsvc; C:\windows\system32\Intel\DPTF\esif_uf.exe [1701480 2017-09-13] (Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1327400 2017-09-05] (HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc.)
R2 ibtsiva; C:\windows\system32\ibtsiva.exe [542392 2017-10-18] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-19] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-10-21] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-10-20] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-23] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-23] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-19] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [199712 2018-09-11] (AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdrivera.sys [229384 2018-09-11] (AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsha.sys [201320 2018-09-11] (AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswbloga.sys [346664 2018-09-11] (AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniva.sys [59568 2018-09-11] (AVAST Software)
R0 aswElam; C:\windows\System32\drivers\aswElam.sys [15360 2018-09-11] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [249016 2018-09-11] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [46968 2018-09-11] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [163392 2018-09-13] (AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [111864 2018-09-11] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [87904 2018-09-11] (AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1027720 2018-09-11] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [467320 2018-09-11] (AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [215920 2018-09-13] (AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [381560 2018-09-11] (AVAST Software)
R3 dptf_cpu; C:\windows\System32\drivers\dptf_cpu.sys [69560 2017-09-13] (Intel Corporation)
R3 esif_lf; C:\windows\system32\DRIVERS\esif_lf.sys [382392 2017-09-13] (Intel Corporation)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [199192 2018-05-11] (Intel Corporation)
R3 Netwtw04; C:\windows\System32\drivers\Netwtw04.sys [8623128 2018-04-04] (Intel Corporation)
R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [1009128 2017-08-25] (Realtek )
S3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [420832 2017-09-21] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\windows\System32\drivers\Smb_driver_AMDASF.sys [45144 2017-10-20] (Synaptics Incorporated)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [46680 2017-10-20] (Synaptics Incorporated)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [46184 2018-10-23] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [328696 2018-10-23] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-23] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\windows\system32\DRIVERS\WirelessButtonDriver64.sys [34960 2018-02-02] (HP)
U1 aswbdisk; no ImagePath
S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X]
S1 SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [X]
S3 SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-23 17:15 - 2018-10-23 17:16 - 000016648 _____ C:\Users\rocko\Desktop\FRST.txt
2018-10-23 17:15 - 2018-10-23 17:15 - 000000000 ____D C:\FRST
2018-10-23 17:13 - 2018-10-23 17:13 - 002414592 _____ (Farbar) C:\Users\rocko\Desktop\FRST64.exe
2018-10-23 16:51 - 2018-10-23 16:51 - 000000000 ___HD C:\OneDriveTemp
2018-10-23 16:47 - 2018-10-23 16:48 - 000000000 ___HD C:\$WINDOWS.~BT
2018-10-23 16:39 - 2018-10-02 21:57 - 000835152 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-10-23 16:39 - 2018-10-02 21:57 - 000179792 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-10-23 16:31 - 2018-10-23 16:41 - 000000000 ____D C:\windows\system32\Drivers\wd
2018-10-23 16:24 - 2018-10-23 16:21 - 000559880 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2018-10-23 16:23 - 2018-10-23 16:23 - 000000000 ____D C:\Users\rocko\AppData\Local\DBG
2018-10-22 16:20 - 2018-10-22 16:20 - 000697970 _____ C:\Users\rocko\Documents\LP-Hradent- Ročková Martina.pdf
2018-10-19 13:59 - 2018-10-19 13:59 - 000471660 _____ C:\Users\rocko\Documents\new-document.pdf
2018-10-18 19:28 - 2018-10-18 19:28 - 000316599 _____ C:\Users\rocko\Documents\kriticke-stavy-v-porodnictvi-08122018-prvni-informace.pdf
2018-10-15 20:17 - 2018-10-15 20:17 - 000000000 ____D C:\Users\rocko\AppData\Roaming\SuperAdBlocker.com
2018-10-15 20:15 - 2018-10-15 20:15 - 000000000 ____D C:\windows\SysWOW64\URTTemp
2018-10-15 20:15 - 2018-10-15 20:15 - 000000000 ____D C:\Program Files (x86)\SuperAdBlocker.com
2018-10-15 20:11 - 2018-10-15 20:11 - 016936128 _____ C:\Users\rocko\Downloads\SuperAdBlocker.exe
2018-10-04 19:29 - 2018-10-04 19:33 - 000000000 ____D C:\Users\rocko\Documents\Knížky
2018-10-01 17:03 - 2018-10-01 17:04 - 059355909 _____ C:\Users\rocko\Documents\Úvod k péči PA o ženu s patologickým a rizikovým těhotenstvím.pdf
2018-09-25 17:53 - 2018-09-25 18:16 - 000000000 ____D C:\Users\rocko\Documents\Doporučené postupy
2018-09-24 15:52 - 2018-10-15 16:59 - 000000000 ____D C:\Users\rocko\Documents\UPCE
2018-09-24 14:57 - 2018-09-24 14:57 - 000001012 _____ C:\Users\rocko\Desktop\Původní znění s titulky – zástupce.lnk
2018-09-24 14:57 - 2018-09-24 14:57 - 000000899 _____ C:\Users\rocko\Desktop\Mentalista – zástupce.lnk
2018-09-24 14:57 - 2018-09-24 14:57 - 000000888 _____ C:\Users\rocko\Desktop\House M.D – zástupce.lnk
2018-09-23 17:39 - 2018-09-23 17:39 - 000002139 _____ C:\Users\Public\Desktop\Brother Utilities.lnk
2018-09-23 17:39 - 2018-09-23 17:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2018-09-23 17:38 - 2018-09-23 17:38 - 000000000 ____D C:\Program Files (x86)\BrownyInd
2018-09-23 17:38 - 2018-09-23 17:38 - 000000000 ____D C:\Program Files (x86)\Browny02
2018-09-23 17:38 - 2018-09-23 17:38 - 000000000 ____D C:\Program Files (x86)\Brother
2018-09-23 17:38 - 2018-09-23 17:38 - 000000000 ____D C:\Brother
2018-09-23 17:38 - 2015-08-28 03:59 - 000180224 _____ (Brother Industries, Ltd.) C:\windows\SysWOW64\BROSNMP.DLL
2018-09-23 17:38 - 2015-08-28 03:59 - 000113744 _____ (Brother Industries Ltd) C:\windows\SysWOW64\BRRBTOOL.EXE
2018-09-23 17:38 - 2015-08-28 03:59 - 000077824 _____ (Brother Industries, Ltd.) C:\windows\SysWOW64\BRLMW03A.DLL
2018-09-23 17:38 - 2015-08-28 03:59 - 000045056 _____ C:\windows\SysWOW64\BRTCPCON.DLL
2018-09-23 17:38 - 2015-08-28 03:59 - 000025299 _____ (Brother Industries, Ltd) C:\windows\SysWOW64\BRLM03A.DLL
2018-09-23 17:38 - 2015-08-28 03:59 - 000000114 _____ C:\windows\SysWOW64\BRLMW03A.INI
2018-09-23 17:38 - 2015-08-28 03:59 - 000000050 _____ C:\windows\system32\BRADM12A.DAT
2018-09-23 17:38 - 2015-08-27 18:01 - 000226816 _____ (Brother Industries, Ltd.) C:\windows\system32\BRCOM12A.DLL
2018-09-23 17:37 - 2018-09-23 17:39 - 000000000 ____D C:\ProgramData\Brother
2018-09-23 17:34 - 2018-09-23 17:36 - 038725032 _____ (A.I.SOFT,INC.) C:\Users\rocko\Desktop\HL-1110-inst-B1-EU.EXE

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-23 17:14 - 2018-09-11 15:10 - 000000000 ____D C:\Users\rocko\AppData\LocalLow\Mozilla
2018-10-23 16:59 - 2017-09-29 15:46 - 000000000 ____D C:\windows\DeliveryOptimization
2018-10-23 16:58 - 2017-10-06 02:33 - 000000000 ____D C:\windows\Panther
2018-10-23 16:56 - 2017-09-29 15:44 - 000000000 ____D C:\windows\INF
2018-10-23 16:55 - 2018-09-11 16:18 - 000000000 ____D C:\Users\rocko\AppData\Roaming\Seznam.cz
2018-10-23 16:54 - 2018-09-11 15:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-23 16:53 - 2018-09-11 15:10 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-23 16:53 - 2018-09-11 15:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-10-23 16:52 - 2018-09-11 15:34 - 000000000 ____D C:\Users\rocko\AppData\Local\AVAST Software
2018-10-23 16:52 - 2017-09-29 15:46 - 000000000 ____D C:\windows\AppReadiness
2018-10-23 16:51 - 2018-09-11 15:05 - 000000000 __RDL C:\Users\rocko\OneDrive
2018-10-23 16:49 - 2018-09-11 15:01 - 000000000 ___RD C:\Users\rocko\3D Objects
2018-10-23 16:49 - 2017-10-06 01:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-23 16:48 - 2018-09-11 15:01 - 000000000 __SHD C:\Users\rocko\IntelGraphicsProfiles
2018-10-23 16:44 - 2017-11-13 14:34 - 000929470 _____ C:\windows\system32\perfh005.dat
2018-10-23 16:44 - 2017-11-13 14:34 - 000210432 _____ C:\windows\system32\perfc005.dat
2018-10-23 16:44 - 2017-10-06 01:40 - 002217334 _____ C:\windows\system32\PerfStringBackup.INI
2018-10-23 16:38 - 2018-02-08 00:54 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-10-23 16:37 - 2017-10-06 01:37 - 000308752 _____ C:\windows\system32\FNTCACHE.DAT
2018-10-23 16:36 - 2017-10-06 01:37 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-10-23 16:35 - 2017-09-29 10:45 - 000524288 _____ C:\windows\system32\config\BBI
2018-10-23 16:32 - 2017-09-29 16:42 - 000000000 ____D C:\windows\OCR
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ___SD C:\windows\SysWOW64\F12
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ___SD C:\windows\SysWOW64\DiagSvcs
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ___SD C:\windows\system32\F12
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ___SD C:\windows\system32\DiagSvcs
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ____D C:\windows\TextInput
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ____D C:\windows\SysWOW64\Dism
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ____D C:\windows\system32\WinBioPlugIns
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ____D C:\windows\system32\oobe
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ____D C:\windows\system32\appraiser
2018-10-23 16:32 - 2017-09-29 10:45 - 000000000 ____D C:\windows\system32\Dism
2018-10-23 16:31 - 2017-09-29 15:46 - 000000000 ___RD C:\windows\PrintDialog
2018-10-23 16:31 - 2017-09-29 15:46 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2018-10-23 16:31 - 2017-09-29 15:46 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-23 16:31 - 2017-09-29 15:46 - 000000000 ____D C:\windows\ShellExperiences
2018-10-23 16:31 - 2017-09-29 15:46 - 000000000 ____D C:\windows\bcastdvr
2018-10-23 16:31 - 2017-09-29 10:45 - 000000000 ____D C:\windows\servicing
2018-10-23 16:27 - 2018-02-08 00:54 - 000000000 ____D C:\windows\System32\Tasks\McAfee
2018-10-23 16:27 - 2017-09-29 15:46 - 000000000 ___HD C:\windows\ELAMBKUP
2018-10-23 16:27 - 2017-09-29 10:45 - 000032768 _____ C:\windows\system32\config\ELAM
2018-10-23 14:27 - 2018-09-11 17:00 - 000000000 ____D C:\Users\rocko\Documents\UPOL
2018-10-23 14:22 - 2017-10-06 01:37 - 000000000 ____D C:\windows\system32\SleepStudy
2018-10-23 13:53 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-23 13:49 - 2018-09-11 21:16 - 000004212 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{C61DE033-A69F-4915-9171-08EC58B19D54}
2018-10-22 21:39 - 2018-09-11 21:07 - 000000000 ____D C:\windows\System32\Tasks\AVAST Software
2018-10-22 21:39 - 2018-09-11 16:12 - 000003482 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-10-22 21:39 - 2018-09-11 15:07 - 000002860 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1776356175-1583320735-2546202235-1001
2018-10-22 21:39 - 2018-02-08 00:53 - 000002856 _____ C:\windows\System32\Tasks\HPJumpStartLaunch
2018-10-22 21:39 - 2018-02-08 00:39 - 000003118 _____ C:\windows\System32\Tasks\Intel PTT EK Recertification
2018-10-22 21:39 - 2017-11-13 05:52 - 000002440 _____ C:\windows\System32\Tasks\HPAudioSwitch
2018-10-22 21:39 - 2017-11-13 05:50 - 000002502 _____ C:\windows\System32\Tasks\HPEA3JOBS
2018-10-22 21:39 - 2017-10-06 01:38 - 000002770 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task v2
2018-10-22 17:11 - 2018-09-11 16:12 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-17 16:51 - 2018-09-11 15:05 - 000002398 _____ C:\Users\rocko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-15 21:28 - 2018-09-11 15:01 - 000000000 ____D C:\Users\rocko\AppData\Local\Packages
2018-10-14 22:38 - 2017-09-29 15:37 - 000000000 ____D C:\windows\CbsTemp
2018-10-11 23:12 - 2018-09-13 16:17 - 000000000 ____D C:\windows\system32\MRT
2018-10-11 22:48 - 2018-09-13 16:16 - 136745976 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-10-08 07:44 - 2018-09-11 15:31 - 000004264 _____ C:\windows\System32\Tasks\Avast Emergency Update
2018-10-07 14:32 - 2018-09-13 16:16 - 000000000 ____D C:\Program Files\rempl
2018-10-05 12:09 - 2018-09-16 08:14 - 000000000 ____D C:\Users\rocko\AppData\LocalLow\Adobe
2018-09-27 15:06 - 2018-09-13 16:16 - 000025440 _____ (Microsoft Corporation) C:\windows\SysWOW64\Luadgmgt.dll
2018-09-25 19:40 - 2018-09-11 21:14 - 000000000 ____D C:\KMPlayer
2018-09-23 17:38 - 2017-11-13 05:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

Some files in TEMP:
====================
2018-10-23 16:21 - 2018-07-16 15:26 - 000917608 _____ (McAfee, Inc.) C:\Users\rocko\AppData\Local\Temp\0000321540304477mcinst.exe
2018-10-16 13:36 - 2005-09-21 11:45 - 000143360 _____ (SuperAdBlocker.com) C:\Users\rocko\AppData\Local\Temp\SAUPDATE.EXE

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-18 20:21

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by rocko (23-10-2018 17:17:06)
Running from C:\Users\rocko\Desktop
Windows 10 Home Version 1709 16299.665 (X64) (2018-09-11 11:54:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1776356175-1583320735-2546202235-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1776356175-1583320735-2546202235-503 - Limited - Disabled)
Guest (S-1-5-21-1776356175-1583320735-2546202235-501 - Limited - Disabled)
rocko (S-1-5-21-1776356175-1583320735-2546202235-1001 - Administrator - Enabled) => C:\Users\rocko
WDAGUtilityAccount (S-1-5-21-1776356175-1583320735-2546202235-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{8c595286-0f9e-42de-a0d4-969aba282637}) (Version: 20.50.0 - Intel Corporation)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.9.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{4E100CB6-9312-48BC-9DC0-4F4D5C338449}) (Version: 12.8.37.11 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{4B0A7A8A-ECE5-4639-9A0D-C535F354313D}) (Version: 1.4.26 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{2EC9AB64-3ACA-460D-B309-0A7052B0C8C0}) (Version: 1.1.21.1 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4815 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000010-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.10.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.15 - PandoraTV)
Microsoft OneDrive (HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mozilla Firefox 63.0 (x64 cs) (HKLM\...\Mozilla Firefox 63.0 (x64 cs)) (Version: 63.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.21.811.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{91684B6D-153D-4C12-B6B1-59F7496BE44A}) (Version: 2.50.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-11] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-11] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-11] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\System32\DriverStore\FileRepository\ki124757.inf_amd64_b607c305e0c4e0a1\igfxDTCM.dll [2017-10-14] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-11] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1AD78F03-7FB0-4E7B-8EE3-D4C7C6546BC6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-09-11] (AVAST Software)
Task: {3504D9E5-35FC-4650-88EE-90984D4808BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-27] (HP Inc.)
Task: {40176358-7D1F-45C0-A2F5-E931C88A317A} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [2017-10-06] (HP Inc.)
Task: {4D002AB0-2EF4-4C4F-AC3C-EEAAB115CE9C} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {56FE0194-9BFA-46D8-B927-93FAD06E2F42} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-09-27] (HP Inc.)
Task: {71EB1B7B-494F-46E9-9C27-5FA01310FB28} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-10-23] (AVAST Software)
Task: {75C5F7FA-7DEC-499D-9016-43D58024554E} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-09-27] (HP Inc.)
Task: {827C1A79-B8E5-47CD-A877-D0773CD7FD95} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2017-02-02] (HP Inc.)
Task: {8BD7765B-82BB-44E0-8773-C376CEE894AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {8FFD9CF3-2F5F-4542-80EE-5A586F8DCA29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {B3C5D88A-A4E0-464D-9113-0F08E8FF3FA6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot
Task: {DCC0B8B3-5F52-477E-9750-0FD4B1F9E432} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-09-21] (Intel(R) Corporation)
Task: {FEBC39D7-39D3-40E6-81DE-8D7FF60DB362} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\windows\SYSTEM32\inputhost.dll
2018-09-11 16:19 - 2017-11-13 16:46 - 000092368 _____ () C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\11588libfoxloader-x64.dll
2018-09-16 09:10 - 2018-08-09 06:29 - 011044864 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-09-16 09:09 - 2018-08-09 06:23 - 001804288 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-23 13:52 - 2018-10-23 13:53 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-23 13:52 - 2018-10-23 13:53 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-09-11 16:19 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2018-09-11 16:19 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2018-09-11 15:31 - 2018-09-11 15:31 - 000703192 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-09-11 15:31 - 2018-09-11 15:31 - 000575704 _____ () c:\program files\avast software\avast\streamback.dll
2018-10-23 13:48 - 2018-10-23 13:48 - 005677712 _____ () c:\program files\avast software\avast\defs\18102300\algo.dll
2018-09-11 15:33 - 2018-09-11 15:33 - 000896216 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-09-11 15:31 - 2018-09-11 15:31 - 000541400 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-09-11 15:31 - 2018-09-11 15:31 - 000151768 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-09-11 15:31 - 2018-09-11 15:31 - 000986840 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-09-11 16:19 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\11588libfoxloader.dll
2018-09-11 16:19 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2018-09-11 15:34 - 2018-09-11 15:34 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-09-23 17:38 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2018-10-18 16:58 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6E0F08EC-EC12-47B4-BC06-84A684F43CF1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC7D6235-0255-4A82-B238-1C5B874F3461}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{59190C45-5C85-461D-843F-B26F4FB3A23A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B87603D8-7266-42A1-9C9D-F4EC187625CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{99053F64-3AD5-4E89-91E9-C7E0DB8BE6A7}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{18C86388-8992-41A2-8481-51B2FCAB5A15}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6EEA94F3-33EB-4D56-9A5F-48EBA28A6F81}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{12735CAD-9AB0-4FDA-8C25-CF158F05D677}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{66A9F502-CB71-4C64-9403-08DCFFE97AB0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C07A2CC4-9AF1-4232-ADF9-466B86C8D140}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{DD2AB6A0-1100-47A6-B9F3-F1A527379CFD}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe

==================== Restore Points =========================

02-10-2018 17:45:30 Naplánovaný kontrolní bod
07-10-2018 14:26:15 Windows Update
11-10-2018 22:46:58 Windows Update
15-10-2018 20:14:32 Installed Super Ad Blocker
17-10-2018 16:51:45 Removed Super Ad Blocker

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/23/2018 04:24:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 62.0.3.6848 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 8668

Čas spuštění: 01d46ad4b022fad1

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe

ID hlášení: bbf689ef-73c9-458e-92ba-88ff2846547f

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (10/23/2018 01:45:37 PM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Zpracování události PowerEvent se nezdařilo. Chyba, ke které došlo: System.IO.IOException: Proces nemůže přistupovat k souboru C:\Windows\Temp\signtool.exe, protože soubor je využíván jiným procesem.
v System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
v System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
v System.IO.FileStream..ctor(String path, FileMode mode)
v _HPCommRecovery.Tools.Signtool.ExtractSignTool()
v _HPCommRecovery.Tools.Signtool.Verify(String arg)
v _HPCommRecovery.HPAHAgent.CallAgent()
v _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
v _HPCommRecovery.HPAHLogger.NewSession()
v _HPCommRecovery.HPCommRecove....

Error: (10/22/2018 09:42:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16875

Error: (10/22/2018 09:42:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16875

Error: (10/22/2018 09:42:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/22/2018 09:29:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.16299.192, časové razítko: 0x7a3355c2
Název chybujícího modulu: ntdll.dll, verze: 10.0.16299.192, časové razítko: 0x6dead514
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f87cb
ID chybujícího procesu: 0x5d98
Čas spuštění chybující aplikace: 0x01d46a39f7d30b13
Cesta k chybující aplikaci: C:\windows\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\ntdll.dll
ID zprávy: 250860c1-aab5-4a0f-915f-0b8976d70cdc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/22/2018 09:03:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.16299.192, časové razítko: 0x7a3355c2
Název chybujícího modulu: ntdll.dll, verze: 10.0.16299.192, časové razítko: 0x6dead514
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f87cb
ID chybujícího procesu: 0x7c14
Čas spuštění chybující aplikace: 0x01d46a33ff2b79f4
Cesta k chybující aplikaci: C:\windows\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\ntdll.dll
ID zprávy: 6ca203b7-fcd7-4e57-b596-68f8ec7d23da
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/22/2018 07:05:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-M82ANOOV.local already in use; will try LAPTOP-M82ANOOV-2.local instead


System errors:
=============
Error: (10/23/2018 05:03:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/23/2018 05:00:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/23/2018 04:55:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/23/2018 04:55:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/23/2018 04:55:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/23/2018 04:55:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/23/2018 04:55:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/23/2018 04:55:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-10-23 16:37:46.755
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80004004
Popis chyby :Operace přerušena

Date: 2018-10-23 16:37:14.233
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007051a
Popis chyby: Označuje, že dvě úrovně revize nejsou slučitelné.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

CodeIntegrity:
===================================

Date: 2018-10-23 17:15:56.157
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 17:15:56.156
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 17:14:45.057
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 17:14:45.055
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 17:10:04.404
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 17:10:04.403
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 16:58:53.465
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 16:58:53.464
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 51%
Total physical RAM: 4012.91 MB
Available physical RAM: 1941.08 MB
Total Virtual: 6828.91 MB
Available Virtual: 4681.48 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:915.2 GB) (Free:473.23 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:15.08 GB) (Free:1.78 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{9731657f-787f-4ae3-a2c7-da8b91640aee}\ () (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
\\?\Volume{0f90ae4f-59b2-4421-90e7-dedd02504ee7}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A71FDC9B)

Partition: GPT.

==================== End of Addition.txt ============================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

tady

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-22.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-23-2018
# Duration: 00:00:12
# OS: Windows 10 Home
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.slunecnice.cz
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\slunecnice.cz
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.slunecnice.cz
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\slunecnice.cz

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2134 octets] - [23/10/2018 20:27:53]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by rocko (administrator) on LAPTOP-M82ANOOV (23-10-2018 21:09:53)
Running from C:\Users\rocko\Desktop
Loaded Profiles: rocko (Available Profiles: rocko)
Platform: Windows 10 Home Version 1709 16299.665 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124757.inf_amd64_b607c305e0c4e0a1\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124757.inf_amd64_b607c305e0c4e0a1\IntelCpHDCPSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124757.inf_amd64_b607c305e0c4e0a1\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124757.inf_amd64_b607c305e0c4e0a1\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
() C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-10-21] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4388440 2017-10-20] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-09-11] (AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [703312 2017-07-21] (HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324600 2017-04-25] (HP)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] ()
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)
HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\rocko\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5f0ef9a9-b4e8-4205-bfeb-ddb8b3390ac8}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5f0ef9a9-b4e8-4205-bfeb-ddb8b3390ac8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {A9928CD5-2CC7-4400-93EE-F692AC3C9A94} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {A9928CD5-2CC7-4400-93EE-F692AC3C9A94} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {08114F66-3291-4017-83AF-579FB303FC83} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {2B3EC6EC-67BB-47B5-AA66-0C429A176243} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {354E7062-000A-4ACE-8BCC-6B8108E85482} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {4BA3D330-FE69-46F4-9E0D-A11D06E564C6} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {831794C5-F523-44B5-A53B-E0803082868B} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {A9928CD5-2CC7-4400-93EE-F692AC3C9A94} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {CB8AB117-51F5-4C02-BC51-5CD8E83D8541} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {EB45AB19-C729-4C7D-B0A8-5A40127FA1D2} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {F2006142-306E-4A90-B999-F3364E2C93A8} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1776356175-1583320735-2546202235-1001 -> {F2111E19-B5B5-4A33-9E53-84F955F9A1C1} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-09-27] (HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-09-27] (HP Inc.)

FireFox:
========
FF DefaultProfile: 5vprnhg8.default
FF ProfilePath: C:\Users\rocko\AppData\Roaming\Mozilla\Firefox\Profiles\5vprnhg8.default [2018-10-23]
FF Homepage: Mozilla\Firefox\Profiles\5vprnhg8.default -> hxxps://www.google.com/
FF Extension: (Avast SafePrice) - C:\Users\rocko\AppData\Roaming\Mozilla\Firefox\Profiles\5vprnhg8.default\Extensions\sp@avast.com.xpi [2018-09-11]
FF Extension: (Avast Online Security) - C:\Users\rocko\AppData\Roaming\Mozilla\Firefox\Profiles\5vprnhg8.default\Extensions\wrc@avast.com.xpi [2018-09-11]
FF Extension: (Telemetry coverage) - C:\Users\rocko\AppData\Roaming\Mozilla\Firefox\Profiles\5vprnhg8.default\features\{19e447d9-f63d-4521-b8ec-cc9fa079897f}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-10] [Legacy]
FF Extension: (No Name) - C:\Users\rocko\AppData\Roaming\Mozilla\Firefox\Profiles\5vprnhg8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-09-11] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-09-11] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-09-11] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 esifsvc; C:\windows\system32\Intel\DPTF\esif_uf.exe [1701480 2017-09-13] (Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1327400 2017-09-05] (HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc.)
R2 ibtsiva; C:\windows\system32\ibtsiva.exe [542392 2017-10-18] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-19] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-10-21] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-10-20] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-23] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-23] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-19] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [201408 2018-10-23] (AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-23] (AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsha.sys [201928 2018-10-23] (AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswbloga.sys [346760 2018-10-23] (AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniva.sys [59664 2018-10-23] (AVAST Software)
R0 aswElam; C:\windows\System32\drivers\aswElam.sys [15360 2018-09-11] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [185240 2018-10-23] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [47064 2018-10-23] (AVAST Software)
S1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42456 2018-10-23] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [163376 2018-10-23] (AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [111968 2018-10-23] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [88112 2018-10-23] (AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1028840 2018-10-23] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [467904 2018-10-23] (AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [208640 2018-10-23] (AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [381144 2018-10-23] (AVAST Software)
R3 dptf_cpu; C:\windows\System32\drivers\dptf_cpu.sys [69560 2017-09-13] (Intel Corporation)
R3 esif_lf; C:\windows\system32\DRIVERS\esif_lf.sys [382392 2017-09-13] (Intel Corporation)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [199192 2018-05-11] (Intel Corporation)
R3 Netwtw04; C:\windows\System32\drivers\Netwtw04.sys [8623128 2018-04-04] (Intel Corporation)
R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [1009128 2017-08-25] (Realtek )
S3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [420832 2017-09-21] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\windows\System32\drivers\Smb_driver_AMDASF.sys [45144 2017-10-20] (Synaptics Incorporated)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [46680 2017-10-20] (Synaptics Incorporated)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [46184 2018-10-23] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [328696 2018-10-23] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-23] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\windows\system32\DRIVERS\WirelessButtonDriver64.sys [34960 2018-02-02] (HP)
U1 aswbdisk; no ImagePath
S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X]
S1 SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [X]
S3 SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-23 20:36 - 2018-10-23 20:36 - 000378584 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2018-10-23 20:36 - 2018-10-23 20:35 - 000042456 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2018-10-23 20:26 - 2018-10-23 20:28 - 000000000 ____D C:\AdwCleaner
2018-10-23 20:15 - 2018-10-23 20:15 - 007592144 _____ (Malwarebytes) C:\Users\rocko\Desktop\adwcleaner_7.2.4.0.exe
2018-10-23 18:32 - 2018-10-23 18:32 - 000000000 ____D C:\ProgramData\Packages
2018-10-23 17:17 - 2018-10-23 17:17 - 000032373 _____ C:\Users\rocko\Desktop\Addition.txt
2018-10-23 17:15 - 2018-10-23 21:12 - 000016756 _____ C:\Users\rocko\Desktop\FRST.txt
2018-10-23 17:15 - 2018-10-23 21:09 - 000000000 ____D C:\FRST
2018-10-23 17:13 - 2018-10-23 17:13 - 002414592 _____ (Farbar) C:\Users\rocko\Desktop\FRST64.exe
2018-10-23 16:51 - 2018-10-23 16:51 - 000000000 ___HD C:\OneDriveTemp
2018-10-23 16:47 - 2018-10-23 16:48 - 000000000 ___HD C:\$WINDOWS.~BT
2018-10-23 16:39 - 2018-10-02 21:57 - 000835152 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-10-23 16:39 - 2018-10-02 21:57 - 000179792 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-10-23 16:31 - 2018-10-23 16:41 - 000000000 ____D C:\windows\system32\Drivers\wd
2018-10-23 16:24 - 2018-10-23 16:21 - 000559880 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2018-10-23 16:23 - 2018-10-23 16:23 - 000000000 ____D C:\Users\rocko\AppData\Local\DBG
2018-10-22 16:20 - 2018-10-22 16:20 - 000697970 _____ C:\Users\rocko\Documents\LP-Hradent- Ročková Martina.pdf
2018-10-19 13:59 - 2018-10-19 13:59 - 000471660 _____ C:\Users\rocko\Documents\new-document.pdf
2018-10-18 19:28 - 2018-10-18 19:28 - 000316599 _____ C:\Users\rocko\Documents\kriticke-stavy-v-porodnictvi-08122018-prvni-informace.pdf
2018-10-15 20:17 - 2018-10-15 20:17 - 000000000 ____D C:\Users\rocko\AppData\Roaming\SuperAdBlocker.com
2018-10-15 20:15 - 2018-10-15 20:15 - 000000000 ____D C:\windows\SysWOW64\URTTemp
2018-10-15 20:15 - 2018-10-15 20:15 - 000000000 ____D C:\Program Files (x86)\SuperAdBlocker.com
2018-10-15 20:11 - 2018-10-15 20:11 - 016936128 _____ C:\Users\rocko\Downloads\SuperAdBlocker.exe
2018-10-04 19:29 - 2018-10-04 19:33 - 000000000 ____D C:\Users\rocko\Documents\Knížky
2018-10-01 17:03 - 2018-10-01 17:04 - 059355909 _____ C:\Users\rocko\Documents\Úvod k péči PA o ženu s patologickým a rizikovým těhotenstvím.pdf
2018-09-25 17:53 - 2018-09-25 18:16 - 000000000 ____D C:\Users\rocko\Documents\Doporučené postupy
2018-09-24 15:52 - 2018-10-15 16:59 - 000000000 ____D C:\Users\rocko\Documents\UPCE
2018-09-24 14:57 - 2018-09-24 14:57 - 000001012 _____ C:\Users\rocko\Desktop\Původní znění s titulky – zástupce.lnk
2018-09-24 14:57 - 2018-09-24 14:57 - 000000899 _____ C:\Users\rocko\Desktop\Mentalista – zástupce.lnk
2018-09-24 14:57 - 2018-09-24 14:57 - 000000888 _____ C:\Users\rocko\Desktop\House M.D – zástupce.lnk
2018-09-23 17:39 - 2018-09-23 17:39 - 000002139 _____ C:\Users\Public\Desktop\Brother Utilities.lnk
2018-09-23 17:39 - 2018-09-23 17:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2018-09-23 17:38 - 2018-09-23 17:38 - 000000000 ____D C:\Program Files (x86)\BrownyInd
2018-09-23 17:38 - 2018-09-23 17:38 - 000000000 ____D C:\Program Files (x86)\Browny02
2018-09-23 17:38 - 2018-09-23 17:38 - 000000000 ____D C:\Program Files (x86)\Brother
2018-09-23 17:38 - 2018-09-23 17:38 - 000000000 ____D C:\Brother
2018-09-23 17:38 - 2015-08-28 03:59 - 000180224 _____ (Brother Industries, Ltd.) C:\windows\SysWOW64\BROSNMP.DLL
2018-09-23 17:38 - 2015-08-28 03:59 - 000113744 _____ (Brother Industries Ltd) C:\windows\SysWOW64\BRRBTOOL.EXE
2018-09-23 17:38 - 2015-08-28 03:59 - 000077824 _____ (Brother Industries, Ltd.) C:\windows\SysWOW64\BRLMW03A.DLL
2018-09-23 17:38 - 2015-08-28 03:59 - 000045056 _____ C:\windows\SysWOW64\BRTCPCON.DLL
2018-09-23 17:38 - 2015-08-28 03:59 - 000025299 _____ (Brother Industries, Ltd) C:\windows\SysWOW64\BRLM03A.DLL
2018-09-23 17:38 - 2015-08-28 03:59 - 000000114 _____ C:\windows\SysWOW64\BRLMW03A.INI
2018-09-23 17:38 - 2015-08-28 03:59 - 000000050 _____ C:\windows\system32\BRADM12A.DAT
2018-09-23 17:38 - 2015-08-27 18:01 - 000226816 _____ (Brother Industries, Ltd.) C:\windows\system32\BRCOM12A.DLL
2018-09-23 17:37 - 2018-09-23 17:39 - 000000000 ____D C:\ProgramData\Brother
2018-09-23 17:34 - 2018-09-23 17:36 - 038725032 _____ (A.I.SOFT,INC.) C:\Users\rocko\Desktop\HL-1110-inst-B1-EU.EXE

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-23 21:09 - 2018-09-11 15:10 - 000000000 ____D C:\Users\rocko\AppData\LocalLow\Mozilla
2018-10-23 20:38 - 2018-09-11 16:18 - 000000000 ____D C:\Users\rocko\AppData\Roaming\Seznam.cz
2018-10-23 20:38 - 2017-11-13 14:34 - 000945740 _____ C:\windows\system32\perfh005.dat
2018-10-23 20:38 - 2017-11-13 14:34 - 000215288 _____ C:\windows\system32\perfc005.dat
2018-10-23 20:38 - 2017-10-06 01:40 - 002249984 _____ C:\windows\system32\PerfStringBackup.INI
2018-10-23 20:37 - 2018-09-11 15:31 - 000003990 _____ C:\windows\System32\Tasks\Avast Emergency Update
2018-10-23 20:36 - 2018-09-11 15:31 - 000467904 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2018-10-23 20:36 - 2018-09-11 15:31 - 000381144 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2018-10-23 20:36 - 2018-09-11 15:31 - 000208640 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2018-10-23 20:36 - 2018-09-11 15:31 - 000201408 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2018-10-23 20:36 - 2018-09-11 15:31 - 000163376 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2018-10-23 20:36 - 2018-09-11 15:31 - 000111968 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2018-10-23 20:36 - 2018-09-11 15:31 - 000088112 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2018-10-23 20:36 - 2018-09-11 15:31 - 000047064 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2018-10-23 20:36 - 2017-09-29 15:46 - 000000000 ___HD C:\windows\ELAMBKUP
2018-10-23 20:35 - 2018-09-11 15:34 - 000000000 ____D C:\Users\rocko\AppData\Local\AVAST Software
2018-10-23 20:35 - 2018-09-11 15:31 - 001028840 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2018-10-23 20:35 - 2018-09-11 15:31 - 000346760 _____ (AVAST Software) C:\windows\system32\Drivers\aswbloga.sys
2018-10-23 20:35 - 2018-09-11 15:31 - 000230512 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdrivera.sys
2018-10-23 20:35 - 2018-09-11 15:31 - 000201928 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsha.sys
2018-10-23 20:35 - 2018-09-11 15:31 - 000185240 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2018-10-23 20:35 - 2018-09-11 15:31 - 000059664 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniva.sys
2018-10-23 20:34 - 2018-09-11 15:05 - 000000000 __RDL C:\Users\rocko\OneDrive
2018-10-23 20:32 - 2018-09-11 15:01 - 000000000 __SHD C:\Users\rocko\IntelGraphicsProfiles
2018-10-23 20:30 - 2018-09-11 15:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-10-23 20:30 - 2018-09-11 15:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-23 20:30 - 2017-10-06 01:37 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-10-23 20:30 - 2017-09-29 10:45 - 000524288 _____ C:\windows\system32\config\BBI
2018-10-23 20:14 - 2018-09-11 21:16 - 000004212 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{C61DE033-A69F-4915-9171-08EC58B19D54}
2018-10-23 20:02 - 2017-10-06 01:37 - 000000000 ____D C:\windows\system32\SleepStudy
2018-10-23 17:58 - 2017-09-29 15:46 - 000000000 ____D C:\windows\rescache
2018-10-23 17:17 - 2017-09-29 15:44 - 000000000 ____D C:\windows\INF
2018-10-23 16:59 - 2017-09-29 15:46 - 000000000 ____D C:\windows\DeliveryOptimization
2018-10-23 16:58 - 2017-10-06 02:33 - 000000000 ____D C:\windows\Panther
2018-10-23 16:53 - 2018-09-11 15:10 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-23 16:52 - 2017-09-29 15:46 - 000000000 ____D C:\windows\AppReadiness
2018-10-23 16:49 - 2018-09-11 15:01 - 000000000 ___RD C:\Users\rocko\3D Objects
2018-10-23 16:49 - 2017-10-06 01:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-23 16:38 - 2018-02-08 00:54 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-10-23 16:37 - 2017-10-06 01:37 - 000308752 _____ C:\windows\system32\FNTCACHE.DAT
2018-10-23 16:32 - 2017-09-29 16:42 - 000000000 ____D C:\windows\OCR
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ___SD C:\windows\SysWOW64\F12
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ___SD C:\windows\SysWOW64\DiagSvcs
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ___SD C:\windows\system32\F12
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ___SD C:\windows\system32\DiagSvcs
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ____D C:\windows\TextInput
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ____D C:\windows\SysWOW64\Dism
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ____D C:\windows\system32\WinBioPlugIns
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ____D C:\windows\system32\oobe
2018-10-23 16:32 - 2017-09-29 15:46 - 000000000 ____D C:\windows\system32\appraiser
2018-10-23 16:32 - 2017-09-29 10:45 - 000000000 ____D C:\windows\system32\Dism
2018-10-23 16:31 - 2017-09-29 15:46 - 000000000 ___RD C:\windows\PrintDialog
2018-10-23 16:31 - 2017-09-29 15:46 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2018-10-23 16:31 - 2017-09-29 15:46 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-23 16:31 - 2017-09-29 15:46 - 000000000 ____D C:\windows\ShellExperiences
2018-10-23 16:31 - 2017-09-29 15:46 - 000000000 ____D C:\windows\bcastdvr
2018-10-23 16:31 - 2017-09-29 10:45 - 000000000 ____D C:\windows\servicing
2018-10-23 16:27 - 2018-02-08 00:54 - 000000000 ____D C:\windows\System32\Tasks\McAfee
2018-10-23 16:27 - 2017-09-29 10:45 - 000032768 _____ C:\windows\system32\config\ELAM
2018-10-23 14:27 - 2018-09-11 17:00 - 000000000 ____D C:\Users\rocko\Documents\UPOL
2018-10-23 13:53 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-22 21:39 - 2018-09-11 21:07 - 000000000 ____D C:\windows\System32\Tasks\AVAST Software
2018-10-22 21:39 - 2018-09-11 16:12 - 000003482 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-10-22 21:39 - 2018-09-11 15:07 - 000002860 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1776356175-1583320735-2546202235-1001
2018-10-22 21:39 - 2018-02-08 00:53 - 000002856 _____ C:\windows\System32\Tasks\HPJumpStartLaunch
2018-10-22 21:39 - 2018-02-08 00:39 - 000003118 _____ C:\windows\System32\Tasks\Intel PTT EK Recertification
2018-10-22 21:39 - 2017-11-13 05:52 - 000002440 _____ C:\windows\System32\Tasks\HPAudioSwitch
2018-10-22 21:39 - 2017-11-13 05:50 - 000002502 _____ C:\windows\System32\Tasks\HPEA3JOBS
2018-10-22 21:39 - 2017-10-06 01:38 - 000002770 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task v2
2018-10-22 17:11 - 2018-09-11 16:12 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-17 16:51 - 2018-09-11 15:05 - 000002398 _____ C:\Users\rocko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-15 21:28 - 2018-09-11 15:01 - 000000000 ____D C:\Users\rocko\AppData\Local\Packages
2018-10-14 22:38 - 2017-09-29 15:37 - 000000000 ____D C:\windows\CbsTemp
2018-10-11 23:12 - 2018-09-13 16:17 - 000000000 ____D C:\windows\system32\MRT
2018-10-11 22:48 - 2018-09-13 16:16 - 136745976 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-10-07 14:32 - 2018-09-13 16:16 - 000000000 ____D C:\Program Files\rempl
2018-10-05 12:09 - 2018-09-16 08:14 - 000000000 ____D C:\Users\rocko\AppData\LocalLow\Adobe
2018-09-27 15:06 - 2018-09-13 16:16 - 000025440 _____ (Microsoft Corporation) C:\windows\SysWOW64\Luadgmgt.dll
2018-09-25 19:40 - 2018-09-11 21:14 - 000000000 ____D C:\KMPlayer
2018-09-23 17:38 - 2017-11-13 05:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

Some files in TEMP:
====================
2018-10-16 13:36 - 2005-09-21 11:45 - 000143360 _____ (SuperAdBlocker.com) C:\Users\rocko\AppData\Local\Temp\SAUPDATE.EXE

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-18 20:21

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by rocko (23-10-2018 21:13:49)
Running from C:\Users\rocko\Desktop
Windows 10 Home Version 1709 16299.665 (X64) (2018-09-11 11:54:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1776356175-1583320735-2546202235-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1776356175-1583320735-2546202235-503 - Limited - Disabled)
Guest (S-1-5-21-1776356175-1583320735-2546202235-501 - Limited - Disabled)
rocko (S-1-5-21-1776356175-1583320735-2546202235-1001 - Administrator - Enabled) => C:\Users\rocko
WDAGUtilityAccount (S-1-5-21-1776356175-1583320735-2546202235-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{8c595286-0f9e-42de-a0d4-969aba282637}) (Version: 20.50.0 - Intel Corporation)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.9.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{4E100CB6-9312-48BC-9DC0-4F4D5C338449}) (Version: 12.8.37.11 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{4B0A7A8A-ECE5-4639-9A0D-C535F354313D}) (Version: 1.4.26 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{2EC9AB64-3ACA-460D-B309-0A7052B0C8C0}) (Version: 1.1.21.1 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4815 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000010-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.10.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.15 - PandoraTV)
Microsoft OneDrive (HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mozilla Firefox 63.0 (x64 cs) (HKLM\...\Mozilla Firefox 63.0 (x64 cs)) (Version: 63.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.21.811.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{91684B6D-153D-4C12-B6B1-59F7496BE44A}) (Version: 2.50.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-11] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-11] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-11] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\System32\DriverStore\FileRepository\ki124757.inf_amd64_b607c305e0c4e0a1\igfxDTCM.dll [2017-10-14] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-09-11] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3504D9E5-35FC-4650-88EE-90984D4808BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-27] (HP Inc.)
Task: {40176358-7D1F-45C0-A2F5-E931C88A317A} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [2017-10-06] (HP Inc.)
Task: {4D002AB0-2EF4-4C4F-AC3C-EEAAB115CE9C} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {56FE0194-9BFA-46D8-B927-93FAD06E2F42} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-09-27] (HP Inc.)
Task: {5F002245-DD92-4DDD-BBDC-FA00BC8BAA30} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-23] (AVAST Software)
Task: {71EB1B7B-494F-46E9-9C27-5FA01310FB28} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-10-23] (AVAST Software)
Task: {75C5F7FA-7DEC-499D-9016-43D58024554E} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-09-27] (HP Inc.)
Task: {827C1A79-B8E5-47CD-A877-D0773CD7FD95} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2017-02-02] (HP Inc.)
Task: {8BD7765B-82BB-44E0-8773-C376CEE894AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {8FFD9CF3-2F5F-4542-80EE-5A586F8DCA29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {B3C5D88A-A4E0-464D-9113-0F08E8FF3FA6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot
Task: {DCC0B8B3-5F52-477E-9750-0FD4B1F9E432} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-09-21] (Intel(R) Corporation)
Task: {FEBC39D7-39D3-40E6-81DE-8D7FF60DB362} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\windows\SYSTEM32\inputhost.dll
2018-09-11 16:19 - 2017-11-13 16:46 - 000092368 _____ () C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\11588libfoxloader-x64.dll
2018-09-16 09:10 - 2018-08-09 06:29 - 011044864 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-09-16 09:09 - 2018-08-09 06:23 - 001804288 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-23 13:52 - 2018-10-23 13:53 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-09-11 16:19 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2018-09-11 16:19 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2018-09-16 09:09 - 2018-08-09 07:50 - 003657632 _____ () C:\windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2018-09-16 09:08 - 2018-08-09 07:51 - 002471720 _____ () C:\windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2018-09-11 16:19 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\11588libfoxloader.dll
2018-09-11 16:19 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\rocko\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2018-09-23 17:38 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-09-11 15:34 - 2018-09-11 15:34 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-09-11 15:31 - 2018-09-11 15:31 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2018-10-18 16:58 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1776356175-1583320735-2546202235-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6E0F08EC-EC12-47B4-BC06-84A684F43CF1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC7D6235-0255-4A82-B238-1C5B874F3461}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{59190C45-5C85-461D-843F-B26F4FB3A23A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B87603D8-7266-42A1-9C9D-F4EC187625CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{99053F64-3AD5-4E89-91E9-C7E0DB8BE6A7}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{18C86388-8992-41A2-8481-51B2FCAB5A15}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6EEA94F3-33EB-4D56-9A5F-48EBA28A6F81}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{12735CAD-9AB0-4FDA-8C25-CF158F05D677}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{66A9F502-CB71-4C64-9403-08DCFFE97AB0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C07A2CC4-9AF1-4232-ADF9-466B86C8D140}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{DD2AB6A0-1100-47A6-B9F3-F1A527379CFD}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{AE286C28-A581-4AE5-96DA-03AAA08F0034}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{CFD77113-96EF-4CA6-AFB2-5EA47575FAF8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================

11-10-2018 22:46:58 Windows Update
15-10-2018 20:14:32 Installed Super Ad Blocker
17-10-2018 16:51:45 Removed Super Ad Blocker
23-10-2018 20:10:43 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/23/2018 08:31:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ZeroConfigService.exe, verze: 20.50.0.0, časové razítko: 0x5ab0a4ca
Název chybujícího modulu: ntdll.dll, verze: 10.0.16299.665, časové razítko: 0x2e74e364
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004a6ab
ID chybujícího procesu: 0xe6c
Čas spuštění chybující aplikace: 0x01d46afe917b1a5c
Cesta k chybující aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\ntdll.dll
ID zprávy: ddf26715-ea2b-4e62-bd3b-b95826a6c838
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/23/2018 06:06:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16922

Error: (10/23/2018 06:06:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16922

Error: (10/23/2018 06:06:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/23/2018 04:24:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 62.0.3.6848 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 8668

Čas spuštění: 01d46ad4b022fad1

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe

ID hlášení: bbf689ef-73c9-458e-92ba-88ff2846547f

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (10/23/2018 01:45:37 PM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Zpracování události PowerEvent se nezdařilo. Chyba, ke které došlo: System.IO.IOException: Proces nemůže přistupovat k souboru C:\Windows\Temp\signtool.exe, protože soubor je využíván jiným procesem.
v System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
v System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
v System.IO.FileStream..ctor(String path, FileMode mode)
v _HPCommRecovery.Tools.Signtool.ExtractSignTool()
v _HPCommRecovery.Tools.Signtool.Verify(String arg)
v _HPCommRecovery.HPAHAgent.CallAgent()
v _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
v _HPCommRecovery.HPAHLogger.NewSession()
v _HPCommRecovery.HPCommRecove....

Error: (10/22/2018 09:42:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16875

Error: (10/22/2018 09:42:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16875


System errors:
=============
Error: (10/23/2018 08:46:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/23/2018 08:41:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/23/2018 08:40:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/23/2018 08:31:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/23/2018 08:31:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/23/2018 08:31:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/23/2018 08:31:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/23/2018 08:31:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-10-23 16:37:46.755
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80004004
Popis chyby :Operace přerušena

Date: 2018-10-23 16:37:14.233
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007051a
Popis chyby: Označuje, že dvě úrovně revize nejsou slučitelné.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

CodeIntegrity:
===================================

Date: 2018-10-23 20:39:24.261
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 20:39:24.258
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 20:39:19.992
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 20:39:19.988
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 20:39:09.563
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 20:39:09.561
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 20:37:43.587
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-10-23 20:37:43.580
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 53%
Total physical RAM: 4012.91 MB
Available physical RAM: 1878.54 MB
Total Virtual: 6828.91 MB
Available Virtual: 4444.21 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:915.2 GB) (Free:465.82 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:15.08 GB) (Free:1.78 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{9731657f-787f-4ae3-a2c7-da8b91640aee}\ () (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
\\?\Volume{0f90ae4f-59b2-4421-90e7-dedd02504ee7}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A71FDC9B)

Partition: GPT.

==================== End of Addition.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
U1 aswbdisk; no ImagePath
C:\Users\rocko\AppData\Local\Temp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{59190C45-5C85-461D-843F-B26F4FB3A23A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B87603D8-7266-42A1-9C9D-F4EC187625CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Bonjour

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by rocko (23-10-2018 22:09:49) Run:1
Running from C:\Users\rocko\Desktop
Loaded Profiles: rocko (Available Profiles: rocko)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
U1 aswbdisk; no ImagePath
C:\Users\rocko\AppData\Local\Temp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{59190C45-5C85-461D-843F-B26F4FB3A23A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B87603D8-7266-42A1-9C9D-F4EC187625CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Bonjour

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
C:\Users\rocko\AppData\Local\Temp => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{59190C45-5C85-461D-843F-B26F4FB3A23A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B87603D8-7266-42A1-9C9D-F4EC187625CE}" => removed successfully
C:\Program Files (x86)\Bonjour => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 38118606 B
Java, Flash, Steam htmlcache => 735 B
Windows/system/drivers => 3620744 B
Edge => 595373 B
Chrome => 0 B
Firefox => 153829014 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1053815 B
systemprofile32 => 0 B
LocalService => 219655 B
NetworkService => 8222 B
rocko => 7005934 B

RecycleBin => 643 B
EmptyTemp: => 203.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 23-10-2018 22:14:09)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

==== End of Fixlog 22:14:09 ====

Smazáno. Nastala nějaká změna?

Možná trochu. Stále je to ale pomalé. Powepoint se spouští 10sec...

Zkuste defragmentovat disk.