VIRY.CZ

Dobrý den, prosím o pomoc s notebookem
Z ničeho nic se nedá ve většině aplikaci vůbec psát, používat backspace a pod... píše to u některých kláves naprosto jiné znaky, a při mazání přes Backspace to naopak přidává nějaký znak který se samostatně nedá ani označit.. Klávesnice jako taková je OK, dělá to i když se přihlásím vzdáleně z jiného PC.

Dekuji Lubos
LOG z combofixu
ComboFix 19-11-04.01 - Alena 22.02.2020 19:58:16.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4044.606 [GMT 1:00]
Spuštěný z: c:\users\Alena\Downloads\ComboFix.exe
AV: ESET Security *Disabled/Updated* {885D845F-AF19-0124-FECE-FFF49D00F440}
SP: ESET Security *Disabled/Updated* {333C65BB-8923-0EAA-C47E-C486E687BEFD}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Alena\AppData\Local\Microsoft\Windows\Temporary Internet Files\{00B1DF56-3F3C-4472-8F47-5ADBBA562864}.xps
c:\users\Alena\AppData\Roaming\Adobe\nircmd.exe
c:\users\Alena\AppData\Roaming\Adobe\rar.exe
c:\users\Alena\AppData\Roaming\Adobe\ssleay32.dll
c:\users\Alena\AppData\Roaming\Adobe\zlib1.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2020-01-22 do 2020-02-22 )))))))))))))))))))))))))))))))
.
.
2020-02-22 19:06 . 2020-02-22 19:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2020-02-22 18:55 . 2020-02-22 18:55 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D60AA7A-9A6F-4076-AE1C-86F41EB89D07}\offreg.4884.dll
2020-02-22 08:40 . 2020-02-22 08:40 2048 ----a-w- c:\windows\SysWow64\winver.exe
2020-02-22 08:40 . 2020-02-22 08:40 833024 ----a-w- c:\windows\SysWow64\user32.dll
2020-02-22 08:40 . 2020-02-22 08:40 410624 ----a-w- c:\windows\SysWow64\systemcpl.dll
2020-02-22 08:40 . 2020-02-22 08:40 1536 ----a-w- c:\windows\SysWow64\sppcomapi.dll
2020-02-22 08:40 . 2020-02-22 08:40 113543 ----a-w- c:\windows\SysWow64\slmgr.vbs
2020-02-18 18:24 . 2020-02-20 04:39 -------- d-----w- c:\program files\Mozilla Firefox
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2017-07-06 . 34BA256FBF83457F9D5E51A56DB54542 . 1009152 . . [6.1.7601.23403] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.23594_none_2b915fa59d5abee0\user32.dll
[7] 2017-07-06 . A1FCBB7AFAB5CA0ED9E61ED047412941 . 1009152 . . [6.1.7601.23403] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.23403_none_2bf1acc19d12ace9\user32.dll
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2010-11-19 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7601.23403] .. c:\windows\system32\user32.dll
.
[-] 2020-02-22 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7601.23403] .. c:\windows\SysWOW64\user32.dll
[7] 2017-07-06 . 3CB074875AC88A7C1010A2A7F9881A8C . 833024 . . [6.1.7601.23403] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.23594_none_35e609f7d1bb80db\user32.dll
[7] 2017-07-06 . 43A63F0C3F3EE760D10F98EEBAE07CB2 . 833024 . . [6.1.7601.23403] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.23403_none_36465713d1736ee4\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-01-21 19:11 1728216 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-01-21 19:11 1728216 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-01-21 19:11 1728216 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Photosmart 5510d series (NET)"="c:\program files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
"CCleaner Smart Cleaning"="c:\program files\CCleaner\CCleaner64.exe" [2019-03-11 22488952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-29 284440]
"Nero BackItUp"="c:\program files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe" [2017-09-12 1164664]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AnyDesk.lnk - c:\program files (x86)\AnyDesk\AnyDesk.exe --control [2018-8-12 2065096]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-6-16 1333024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 amdhub3;AMD USB 3.0 Hub;c:\windows\system32\drivers\amdhub3.sys;c:\windows\SYSNATIVE\drivers\amdhub3.sys [x]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys;c:\windows\SYSNATIVE\drivers\amdhub30.sys [x]
R3 amdhub31;AMD USB3.1 Hub Service;c:\windows\system32\drivers\amdhub31.sys;c:\windows\SYSNATIVE\drivers\amdhub31.sys [x]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys;c:\windows\SYSNATIVE\drivers\amdxhc.sys [x]
R3 amdxhc31;AMD XHCI Service;c:\windows\system32\drivers\amdxhc31.sys;c:\windows\SYSNATIVE\drivers\amdxhc31.sys [x]
R3 amdxhci;AMD USB3 Host Controller Driver;c:\windows\system32\drivers\amdxhci.sys;c:\windows\SYSNATIVE\drivers\amdxhci.sys [x]
R3 asmthub3;ASMedia USB3.1 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
R3 asmtxhci;ASMedia XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
R3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;c:\windows\System32\Drivers\EtronSTOR.sys;c:\windows\SYSNATIVE\Drivers\EtronSTOR.sys [x]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\drivers\FLxHCIc.sys;c:\windows\SYSNATIVE\drivers\FLxHCIc.sys [x]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\drivers\FLxHCIh.sys;c:\windows\SYSNATIVE\drivers\FLxHCIh.sys [x]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files (x86)\Google\Chrome\Application\80.0.3987.116\elevation_service.exe;c:\program files (x86)\Google\Chrome\Application\80.0.3987.116\elevation_service.exe [x]
R3 IaNVMe;IaNVMe;c:\windows\system32\drivers\IaNVMe.sys;c:\windows\SYSNATIVE\drivers\IaNVMe.sys [x]
R3 IaRNVMe;IaRNVMe;c:\windows\system32\drivers\IaRNVMe.sys;c:\windows\SYSNATIVE\drivers\IaRNVMe.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 nvme;nvme;c:\windows\system32\drivers\nvme.sys;c:\windows\SYSNATIVE\drivers\nvme.sys [x]
R3 ocznvme;ocznvme;c:\windows\system32\drivers\ocznvme.sys;c:\windows\SYSNATIVE\drivers\ocznvme.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 ptun0901;TAP Adapter V9 for Private Tunnel;c:\windows\system32\DRIVERS\ptun0901.sys;c:\windows\SYSNATIVE\DRIVERS\ptun0901.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\drivers\rusb3hub.sys;c:\windows\SYSNATIVE\drivers\rusb3hub.sys [x]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\drivers\rusb3xhc.sys;c:\windows\SYSNATIVE\drivers\rusb3xhc.sys [x]
R3 stornvme;stornvme;c:\windows\system32\drivers\stornvme.sys;c:\windows\SYSNATIVE\drivers\stornvme.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
R3 tilfilter;TI xHCI Lower Filter Driver Service;c:\windows\system32\drivers\TIxHCIlfilter.sys;c:\windows\SYSNATIVE\drivers\TIxHCIlfilter.sys [x]
R3 tiufilter;TI xHCI Upper Filter Driver Service;c:\windows\system32\drivers\TIxHCIufilter.sys;c:\windows\SYSNATIVE\drivers\TIxHCIufilter.sys [x]
R3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\drivers\ViaHub3.sys;c:\windows\SYSNATIVE\drivers\ViaHub3.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WiaRpc;Události načítání snímků;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\drivers\xhcdrv.sys;c:\windows\SYSNATIVE\drivers\xhcdrv.sys [x]
S0 IaNVMeF;IaNVMeF;c:\windows\system32\drivers\IaNVMeF.sys;c:\windows\SYSNATIVE\drivers\IaNVMeF.sys [x]
S0 IaRNVMeF;IaRNVMeF;c:\windows\system32\drivers\IaRNVMeF.sys;c:\windows\SYSNATIVE\drivers\IaRNVMeF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 nvmeF;nvmeF;c:\windows\system32\drivers\nvmeF.sys;c:\windows\SYSNATIVE\drivers\nvmeF.sys [x]
S0 ocztrimfilter;SSD Device Filter;c:\windows\system32\drivers\ocztrimfilter.sys;c:\windows\SYSNATIVE\drivers\ocztrimfilter.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S2 AnyDesk;AnyDesk Service;c:\program files (x86)\AnyDesk\AnyDesk.exe;c:\program files (x86)\AnyDesk\AnyDesk.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Security\ekrn.exe;c:\program files\ESET\ESET Security\ekrn.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NeroBackItUpBackgroundService2018;Nero BackItUp Background Service 2018;c:\program files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe;c:\program files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
.
Obsah adresáře 'Naplánované úlohy'
.
2020-02-22 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-01-23 07:05 2333400 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-01-23 07:05 2333400 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-01-23 07:05 2333400 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-06-01 183216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-06-01 411056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-06-01 453552]
"egui"="c:\program files\ESET\ESET Security\ecmdS.exe" [2019-12-13 180736]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Od&eslat do OneNotu - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 89.31.163.3 89.31.160.5 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\wcpr7y58.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2020-02-22 20:08:36
ComboFix-quarantined-files.txt 2020-02-22 19:08
.
Před spuštěním: Volných bajtů: 418 052 194 304
Po spuštění: Volných bajtů: 417 773 301 760
.
- - End Of File - - 3DC9350FCAFABEB3745DB775C150B42C

Zdravím!
Proč používáte jako laik ComboFix, profesionální utilitu? Můžete si tak snadno poškodit systém.

Log vypdá OK. Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Dobry vecer, omlouvam se, temer ve vsech forech jsem rpave cetl spuste combofix a vlozte log.. tak jsem to udelal taktez. Priste budu postupovat jinak.

Stahl a spustil jsem AdwCleaner 8.0.2 log z nej je zde:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-02-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-22-2020
# Duration: 00:00:03
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1413 octets] - [22/02/2020 21:12:53]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

To sice ano, jenomže je třeba nejdříve PC prověřit utilitou, která sama nemaže. Jinak by mohlo být smazáno něco, co byste mohl potřebovat, případně byste nemusel nastartovat Windows. CF používáme už zřídka, na Win 8.1 a 10 již nefunguje. Teď dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .

prikladam..

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2020
Ran by Alena (22-02-2020 22:16:47)
Running from C:\Users\Alena\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-11-05 01:23:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-704579801-1156903197-1247863334-500 - Administrator - Disabled)
Alena (S-1-5-21-704579801-1156903197-1247863334-1000 - Administrator - Enabled) => C:\Users\Alena
Guest (S-1-5-21-704579801-1156903197-1247863334-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-704579801-1156903197-1247863334-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{70F55D70-7E5F-6291-4924-2F7640F19BFE}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 4.2.2 - philandro Software GmbH)
Bing Bar Platform (HKLM-x32\...\{623B8278-8CAD-45C1-B844-58B687C07805}) (Version: 6.3.2291.0 - Microsoft Corporation) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.86 - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.1300 - Broadcom Corporation)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1300 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
ESET Security (HKLM\...\{F6EFF0FC-2E8F-4BA6-93BC-DEFD0AD5D8C6}) (Version: 12.2.31.0 - ESET, spol. s r.o.)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{B18BEB15-A9DA-43D7-BAE1-C6C67484C2C0}) (Version: 5.1.1 - Hewlett-Packard)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Photosmart 5510d series Nápověda (HKLM-x32\...\{E59ADA18-03DB-44F5-9EF5-0FA25E4D4384}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Mozilla Firefox 73.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 73.0.1 (x64 cs)) (Version: 73.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
Music Recorder (HKLM-x32\...\{F3949798-3544-433B-B5AB-A61F32F0386F}) (Version: 18.001.2 - Nero AG) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nero 2018 (HKLM-x32\...\{5637174D-25C6-4815-93CD-AD18561D4E7C}) (Version: 19.0.07300 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 19.0.1003 - Nero AG)
Panel nástrojů Bing (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.3.2291.0 - Microsoft Corporation)
Prerequisite installer (HKLM-x32\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0003 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
STORMWARE POHODA CZ Lite (HKLM-x32\...\{3974B9CE-28D5-45C5-8689-5B75AF742D99}) (Version: 12400.100 - STORMWARE)
Studie vylepšování produktu HP Photosmart 5510d series (HKLM\...\{08EF2E04-F94C-40C9-8583-CB7A2612E40B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Základní software zařízení HP Photosmart 5510d series (HKLM\...\{6F2486E1-2778-4AF5-B67B-C1DD85FBA767}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-704579801-1156903197-1247863334-1000_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2017-11-05 03:29 - 2011-04-30 00:28 - 000059904 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2018-07-30 20:29 - 2018-07-30 20:29 - 000172544 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1ff16ac37628198308fb2b7d60c73591\IsdiInterop.ni.dll
2018-07-30 20:29 - 2018-07-30 20:29 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\7c2e7c40c23be46e2a939ecd323251a5\IAStorCommon.ni.dll
2017-11-05 03:29 - 2011-04-30 00:28 - 000007168 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2017-11-05 03:29 - 2011-04-30 00:28 - 000032768 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorIcon.resources.dll
2017-11-05 03:29 - 2011-04-30 00:28 - 000004608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IntelVisualDesign.resources.dll
2017-11-05 03:29 - 2011-04-30 00:28 - 000184320 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
2017-11-05 03:29 - 2011-04-30 00:28 - 001318912 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2017-11-05 03:29 - 2011-04-30 00:19 - 000278528 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2018-07-30 20:29 - 2018-07-30 20:29 - 000225792 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\a4329089c7860e9a6f39ecbde412f8b3\IAStorDataMgr.ni.dll
2018-07-30 20:29 - 2018-07-30 20:29 - 000492544 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5cf1ecc4ee21500a416c1ff28a0f3702\IAStorUtil.ni.dll
2010-11-21 04:24 - 2010-11-19 22:27 - 000419840 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\systemcpl.dll
2010-11-21 04:24 - 2010-11-19 22:27 - 001008640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USER32.dll
2020-02-22 09:40 - 2020-02-22 09:40 - 000833024 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\USER32.dll
2017-11-05 02:31 - 2017-11-05 02:31 - 001605120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_8f16b0d88731ea9c\MFC80.DLL
2017-11-05 02:31 - 2017-11-05 02:31 - 001602560 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_8f16b0d88731ea9c\MFC80U.DLL
2017-11-05 02:35 - 2011-01-27 00:39 - 000160256 _____ (Realsil Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-02-22 09:37 - 2020-02-22 09:40 - 000000931 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\Program Files (x86)\AMD APP\bin\x86_64;c:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files\Broadcom\Broadcom 802.11\Driver;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Broadcom\WHL\;C:\Program Files\Broadcom\WHL\syswow64;C:\Program Files\Broadcom\WHL\SysWow64\;C:\Program Files\Broadcom\WHL\SysWow64\syswow64;
HKU\S-1-5-21-704579801-1156903197-1247863334-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alena\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 89.31.163.3 - 89.31.160.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{68FCA56F-3D8D-407C-A47D-09AABD23241F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{12E68136-E6AE-4CA2-9C2D-6A2DF76F2D03}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E932E907-4389-4BFA-B4DB-DF44A28EE805}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E322E5DE-9742-4104-ACBB-2435561A92FA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1355F1D2-E43E-431A-9001-039F7A9779C5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{06C175B8-4046-415D-9B93-D6BD44DA758D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25282E10-7D95-466B-AF66-8CB40EA89C90}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{A4B2F798-EF1B-4A33-93DE-0E61AA465436}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [{EC35FDC4-B4A3-4784-AC75-03F0CAD3D357}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\NBService.exe (Nero AG -> Nero AG)
FirewallRules: [{F52F0D08-A001-4DFF-89C5-C219B4764C9F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero MediaHome\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{6E767BF8-597A-4B2D-A512-B2B2B07C262F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero MediaHome\MediaHome.exe (Nero AG -> Nero AG)
FirewallRules: [{C00CAEF8-333E-40C8-8D63-6A94F0087613}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [TCP Query User{66749770-FC63-4F88-85D7-DA0281AA61E0}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{3274152A-A524-483F-AA7C-0B0E406DE210}C:\program files (x86)\teamviewer\teamviewer.exe] => (Block) C:\program files (x86)\teamviewer\teamviewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{51227995-EA6E-4D45-B092-97B6EB3BC02A}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D766F9BA-CA8A-47B0-8F89-5AD0AF9AAA31}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{63D525F0-2A99-4F0C-ACF7-2199D253A20D}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{2D173102-43C6-4927-8B32-EC5A784E37F3}] => (Allow) C:\Users\Alena\Downloads\AnyDesk.exe No File
FirewallRules: [{2D0FE348-7DF5-42DE-A0F0-98AC0B348B65}] => (Allow) C:\Users\Alena\Downloads\AnyDesk.exe No File
FirewallRules: [{DE1FD960-DF09-42EC-AB00-6D5AB1385724}] => (Allow) C:\Users\Alena\Downloads\AnyDesk.exe No File
FirewallRules: [{F8E26CA5-0900-4C53-A4F3-0390C35ACAB6}] => (Allow) C:\Users\Alena\Downloads\AnyDesk.exe No File
FirewallRules: [{CDFD686C-4D73-449B-8E39-4D41D1709661}] => (Allow) C:\Users\Alena\Desktop\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{ACEAF11A-5BC6-44C1-ADB7-769F8526A649}] => (Allow) C:\Users\Alena\Desktop\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{A48763FF-8929-499C-BC36-42364DF789CE}] => (Allow) C:\Users\Alena\Desktop\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{C1D35A89-1F43-4C88-B716-762B48236D28}] => (Allow) C:\Users\Alena\Desktop\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{C054E588-F0A3-46B3-81B5-CE63B3609F49}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ECAA6A8E-D229-465E-A04C-022BE22F151A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1D5D3452-F351-4D51-BE69-3711088C97AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AAF81374-DA71-4C43-B9EB-5788420C019D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BA25FD00-F855-47C2-A86D-FCFEBEC649DE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{65CCEFBA-2C31-42D6-9EFD-F58B590DB36A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{56E1208B-9C19-4459-830B-259A368F47B6}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{41E42893-1814-4A14-B46B-D149A89391EF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{1791B47F-6531-416F-B3D2-97B8A2777F6D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{99C2C26A-2110-476B-B99E-F767DA8E22E1}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{715F7853-0499-43A7-94E9-E4B31E2D1C84}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )

==================== Restore Points =========================

13-12-2019 10:11:30 Naplánovaný kontrolní bod
30-12-2019 10:06:17 Naplánovaný kontrolní bod
01-01-2020 11:36:37 Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024
01-01-2020 11:38:04 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212
01-01-2020 11:42:02 Installed STORMWARE POHODA CZ.
05-02-2020 12:30:05 Naplánovaný kontrolní bod
22-02-2020 10:11:16 Naplánovaný kontrolní bod
22-02-2020 20:57:44 Operace obnovení

==================== Faulty Device Manager Devices ============

Name: Standardní grafický adaptér s rozlišením VGA
Description: Standardní grafický adaptér s rozlišením VGA
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní typy zobrazovacích jednotek)
Service: vga
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/22/2020 10:12:44 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="&#x2a;",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (02/22/2020 09:16:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/22/2020 09:16:12 PM) (Source: Software Protection Platform Service) (EventID: 8211) (User: )
Description: Aktualizace tokenů licence a kódu Product Key Windows se nezdařila. Chyba: 0xC004F050

Error: (02/22/2020 09:16:12 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Instalace dokladu o zakoupení se nezdařila. 0xC004F050
Částečný klíč Pkey=XM76F
ACID=?
Podrobná chyba[?]

Error: (02/22/2020 09:15:55 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Instalace dokladu o zakoupení se nezdařila. 0xC004F015
Částečný klíč Pkey=Y8QH3
ACID=bfb30674-7c9a-4624-9309-9914cfd5b05c
Podrobná chyba[?]

Error: (02/22/2020 09:15:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AutoKMS.exe, verze: 2.5.2.0, časové razítko: 0x53c9a9a0
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.24387, časové razítko: 0x5c7f3ad8
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000000be0d
ID chybujícího procesu: 0x7b8
Čas spuštění chybující aplikace: 0x01d5e9bccbb11a2a
Cesta k chybující aplikaci: C:\Windows\AutoKMS\AutoKMS.exe
Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID zprávy: 212787d7-55b0-11ea-97df-3859f9ecacbc

Error: (02/22/2020 09:15:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at Microsoft.Win32.TaskScheduler.V2Interop.IRegisteredTask.()
at Microsoft.Win32.TaskScheduler.Task.GetV2Definition(Microsoft.Win32.TaskScheduler.TaskService, Microsoft.Win32.TaskScheduler.V2Interop.IRegisteredTask, Boolean)
at Microsoft.Win32.TaskScheduler.Task.CreateTask(Microsoft.Win32.TaskScheduler.TaskService, Microsoft.Win32.TaskScheduler.V2Interop.IRegisteredTask, Boolean)
at .+.()
at ..(System.String)
at ..()
at ..()
at ..(.)
at ..(.)
at ..()

Error: (02/22/2020 09:15:27 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x00000000.


System errors:
=============
Error: (02/22/2020 09:16:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/22/2020 09:16:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/22/2020 09:15:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (02/22/2020 09:15:13 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (02/22/2020 09:15:10 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (02/22/2020 09:15:08 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (02/22/2020 09:14:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (02/22/2020 09:14:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll


CodeIntegrity:
===================================

Date: 2020-02-22 21:15:07.650
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-02-22 21:01:09.040
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-02-22 20:07:51.026
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-02-22 20:05:33.621
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-02-22 20:05:33.565
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-02-22 20:04:07.223
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Alena\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-02-22 20:04:07.168
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Alena\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-02-22 20:04:07.061
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Alena\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Insyde F.66 01/24/2013
Motherboard: Hewlett-Packard 1670
Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Percentage of memory in use: 68%
Total physical RAM: 4043.86 MB
Available physical RAM: 1272.42 MB
Total Virtual: 8085.89 MB
Available Virtual: 5057.66 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.76 GB) (Free:388.97 GB) NTFS ==>[drive with boot components (obtained from BCD)]


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0BFE946D)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
*****************************************************************************************************************
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-02-2020
Ran by Alena (administrator) on ALENA-PC (Hewlett-Packard HP Pavilion g6 Notebook PC) (22-02-2020 22:14:36)
Running from C:\Users\Alena\Desktop
Loaded Profiles: Alena (Available Profiles: Alena)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\BackItUp.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realsil Microelectronics Inc.) [File not signed] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180736 2019-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe [1164664 2017-09-12] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-704579801-1156903197-1247863334-1000\...\Run: [FlashPlayerManager] => C:\Users\Alena\AppData\Roaming\Adobe\nircmd.exe [43520 2012-10-29] (NirSoft) [File not signed] <==== ATTENTION
HKU\S-1-5-21-704579801-1156903197-1247863334-1000\...\Run: [HP Photosmart 5510d series (NET)] => C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-704579801-1156903197-1247863334-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.116\Installer\chrmstp.exe [2020-02-18] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2011-06-16] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [2011-06-16] (Broadcom Corporation -> Broadcom Corporation.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-01-30]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2017-11-05]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0503428F-3A4A-4E47-8C03-8D9C0442E236} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1822211A-CA75-4F19-96E1-C8AC7CE4B885} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1E2CB8D1-9040-4D9E-876C-E503B05F11B6} - System32\Tasks\HPCustParticipation HP Photosmart 5510d series => C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {485BFEAB-14C9-4080-A5D8-70BEEB1BF37B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-17] (Google Inc -> Google Inc.)
Task: {531BBE60-5BAD-4445-A067-7994247EED7D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-17] (Google Inc -> Google Inc.)
Task: {5685FF03-9BF5-4694-B5DD-733AF944BB28} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {877D6486-875A-4C11-9C40-F06E8AA95A7F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9400305E-BD3B-4E35-9484-15F019F75894} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A386727-6DBA-46B6-8BD3-DB58F0E87CBA} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6885240 2017-08-10] (Nero AG -> Nero AG)
Task: {A526A6E8-2CF1-4D4B-B93B-A0E66C2AE7A9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {AEED35DF-A12B-4067-9E36-EDFB3D8C8C6A} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [153768 2011-02-15] (Visan Industries -> )
Task: {C8AC9204-324C-49B7-822B-7DBDC0C928C4} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [3738624 2019-05-15] () [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.31.163.3 89.31.160.5 192.168.1.1
Tcpip\..\Interfaces\{649C2960-9078-47D1-A15B-0ECE8BBE2D73}: [DhcpNameServer] 89.31.163.3 89.31.160.5 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-704579801-1156903197-1247863334-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll [2010-08-24] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: wcpr7y58.default
FF ProfilePath: C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\wcpr7y58.default [2020-02-22]
FF Homepage: Mozilla\Firefox\Profiles\wcpr7y58.default -> hxxp://seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\wcpr7y58.default -> type", 0
FF Notifications: Mozilla\Firefox\Profiles\wcpr7y58.default -> hxxps://upcr.cz; hxxps://www.mesec.cz; hxxps://eshop.tescoma.cz; hxxps://www.astratex.cz; hxxps://www.facebook.com; hxxps://moneymag.cz; hxxps://www.fischer.cz; hxxps://businesscenter.podnikatel.cz; hxxps://www.podnikatel.cz
FF Extension: (No Name) - C:\Users\Alena\AppData\Roaming\Mozilla\Firefox\Profiles\wcpr7y58.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-12]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: (Search Helper Extension) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2017-11-12] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2017-11-12] [Legacy] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-02-04] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-02-22]

Chrome:
=======
CHR Profile: C:\Users\Alena\AppData\Local\Google\Chrome\User Data\Default [2020-02-22]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Prezentace) - C:\Users\Alena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-17]
CHR Extension: (Dokumenty) - C:\Users\Alena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-17]
CHR Extension: (Disk Google) - C:\Users\Alena\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-17]
CHR Extension: (YouTube) - C:\Users\Alena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Alena\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-02-12]
CHR Extension: (Tabulky) - C:\Users\Alena\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Alena\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Alena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-26]
CHR Extension: (Gmail) - C:\Users\Alena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-15]
CHR Extension: (Chrome Media Router) - C:\Users\Alena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [2065096 2018-08-12] (philandro Software GmbH -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2433232 2019-12-13] (ESET, spol. s r.o. -> ESET)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2372096 2011-02-18] (Realsil Microelectronics Inc.) [File not signed]
R2 NeroBackItUpBackgroundService2018; C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-09-12] (Nero AG -> Nero AG)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-07-06] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdhub3; C:\Windows\system32\drivers\amdhub3.sys [160936 2017-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
S3 amdhub30; C:\Windows\system32\drivers\amdhub30.sys [108768 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdhub31; C:\Windows\system32\drivers\amdhub31.sys [141528 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 amdxhc; C:\Windows\system32\drivers\amdxhc.sys [229088 2016-01-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdxhc31; C:\Windows\system32\drivers\amdxhc31.sys [440536 2016-02-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc.)
S3 amdxhci; C:\Windows\system32\drivers\amdxhci.sys [346792 2017-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-21] (Broadcom Corporation -> Broadcom Corporation.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149144 2019-08-01] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [189232 2019-08-01] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [113336 2019-08-01] (ESET, spol. s r.o. -> ESET)
S3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [65408 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [94208 2014-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [87984 2017-06-13] (Fresco Logic Inc -> Fresco Logic)
S3 IaNVMe; C:\Windows\system32\drivers\IaNVMe.sys [125408 2017-05-23] (Intel(R) NVMe Windows Driver -> Intel Corporation)
R0 IaNVMeF; C:\Windows\System32\drivers\IaNVMeF.sys [35808 2017-05-23] (Intel(R) NVMe Windows Driver -> Intel Corporation)
S3 IaRNVMe; C:\Windows\system32\drivers\IaRNVMe.sys [592408 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
R0 IaRNVMeF; C:\Windows\System32\drivers\IaRNVMeF.sys [36888 2016-01-22] (Intel(R) Rapid Storage Technology Enterprise -> Intel Corporation)
S3 nvme; C:\Windows\system32\drivers\nvme.sys [83784 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
R0 nvmeF; C:\Windows\System32\drivers\nvmeF.sys [30776 2015-12-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd)
S3 ocznvme; C:\Windows\system32\drivers\ocznvme.sys [99592 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
R0 ocztrimfilter; C:\Windows\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
S3 tilfilter; C:\Windows\system32\drivers\TIxHCIlfilter.sys [17672 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 tiufilter; C:\Windows\system32\drivers\TIxHCIufilter.sys [23304 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [221696 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [294912 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-22 22:14 - 2020-02-22 22:15 - 000021880 _____ C:\Users\Alena\Desktop\FRST.txt
2020-02-22 22:14 - 2020-02-22 22:15 - 000000000 ____D C:\FRST
2020-02-22 22:13 - 2020-02-22 22:13 - 002279424 _____ (Farbar) C:\Users\Alena\Desktop\FRST64.exe
2020-02-22 21:12 - 2020-02-22 21:12 - 000000000 ____D C:\AdwCleaner
2020-02-22 21:11 - 2020-02-22 21:11 - 008356016 _____ (Malwarebytes) C:\Users\Alena\Downloads\adwcleaner_8.0.2.exe
2020-02-22 21:08 - 2020-02-22 21:08 - 000165888 _____ C:\Users\Alena\Downloads\T-Cleaner (1).exe
2020-02-22 20:34 - 2020-02-22 20:34 - 000018210 _____ C:\Users\Alena\Desktop\combofix2.txt
2020-02-22 09:40 - 2020-02-22 09:40 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-02-22 09:40 - 2020-02-22 09:40 - 000410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2020-02-22 09:40 - 2020-02-22 09:40 - 000113543 _____ C:\Windows\SysWOW64\slmgr.vbs
2020-02-22 09:40 - 2020-02-22 09:40 - 000002048 _____ C:\Windows\SysWOW64\winver.exe
2020-02-22 09:40 - 2020-02-22 09:40 - 000001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2020-02-21 11:54 - 2020-02-21 11:54 - 000301940 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(15).pdf
2020-02-21 11:35 - 2020-02-21 11:35 - 000260836 _____ C:\Users\Alena\Downloads\Aktuální zaúčtované transakce(10).pdf
2020-02-21 11:34 - 2020-02-21 11:34 - 000343703 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(14).pdf
2020-02-21 11:34 - 2020-02-21 11:34 - 000343703 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(13).pdf
2020-02-18 19:24 - 2020-02-22 21:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-02-14 08:56 - 2020-02-14 08:56 - 000196007 _____ C:\Users\Alena\Downloads\CNFT4C_T5298_20200210.pdf
2020-02-13 16:57 - 2020-02-13 16:57 - 000320130 _____ C:\Users\Alena\Desktop\rok 2019 tatka daně_IF_5405-D_2.pdf
2020-02-13 16:16 - 2020-02-13 16:16 - 000568774 _____ C:\Users\Alena\Downloads\IF_5405_25.pdf
2020-02-13 16:16 - 2020-02-13 16:16 - 000304966 _____ C:\Users\Alena\Downloads\2020_IF_5405-D_2.pdf
2020-02-13 15:57 - 2020-02-13 15:57 - 000156096 _____ C:\Users\Alena\Downloads\Opravena FA.pdf
2020-02-13 13:21 - 2020-02-13 13:21 - 000405539 _____ C:\Users\Alena\Downloads\Výsledovka(2).PDF
2020-02-13 13:21 - 2020-02-13 13:21 - 000405539 _____ C:\Users\Alena\Downloads\Výsledovka(1).PDF
2020-02-13 12:44 - 2020-02-13 12:44 - 000411612 _____ C:\Users\Alena\Downloads\Kniha položek podv. včetně textů(2).PDF
2020-02-13 12:39 - 2020-02-13 12:39 - 000403569 _____ C:\Users\Alena\Downloads\Kniha položek podv. včetně textů(1).PDF
2020-02-13 12:39 - 2020-02-13 12:39 - 000085975 _____ C:\Users\Alena\Downloads\Seznam prodejek.PDF
2020-02-13 12:21 - 2020-02-13 12:21 - 000405539 _____ C:\Users\Alena\Downloads\Výsledovka.PDF
2020-02-13 12:15 - 2020-02-13 12:15 - 000526606 _____ C:\Users\Alena\Downloads\Příjemka 035(1).pdf
2020-02-13 11:49 - 2020-02-13 11:49 - 000526606 _____ C:\Users\Alena\Downloads\Příjemka 035.pdf
2020-02-13 11:14 - 2020-02-13 11:14 - 000412114 _____ C:\Users\Alena\Downloads\Hlavní účetní kniha -vertikálně(2).PDF
2020-02-13 11:07 - 2020-02-13 11:07 - 000402213 _____ C:\Users\Alena\Downloads\Kniha položek podv. včetně textů.PDF
2020-02-13 11:01 - 2020-02-13 11:01 - 000412126 _____ C:\Users\Alena\Downloads\Hlavní účetní kniha -vertikálně(1).PDF
2020-02-13 09:56 - 2020-02-13 09:56 - 000412132 _____ C:\Users\Alena\Downloads\Hlavní účetní kniha -vertikálně.PDF
2020-02-13 09:24 - 2020-02-13 09:24 - 000419613 _____ C:\Users\Alena\Downloads\Obj_293.pdf
2020-02-13 09:22 - 2020-02-13 09:22 - 000260522 _____ C:\Users\Alena\Downloads\Aktuální zaúčtované transakce(9).pdf
2020-02-13 09:21 - 2020-02-13 09:21 - 000262073 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(12).pdf
2020-02-12 12:51 - 2020-02-12 12:51 - 000385088 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(11).pdf
2020-02-12 11:59 - 2020-02-12 11:59 - 000343747 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(10).pdf
2020-02-12 11:59 - 2020-02-12 11:59 - 000121654 _____ C:\Users\Alena\Downloads\Faktura_DL_2202572973.pdf
2020-02-12 11:58 - 2020-02-12 11:58 - 000259931 _____ C:\Users\Alena\Downloads\Aktuální zaúčtované transakce(8).pdf
2020-02-12 11:57 - 2020-02-12 11:57 - 000425444 _____ C:\Users\Alena\Downloads\3202_321120101421_001.pdf
2020-02-12 11:54 - 2020-02-12 11:54 - 000262080 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(9).pdf
2020-02-11 15:36 - 2020-02-11 15:36 - 000186500 _____ C:\Users\Alena\Downloads\Doklad SIPO_202002_6101921592.pdf
2020-02-08 12:10 - 2020-02-08 12:10 - 000137065 _____ C:\Users\Alena\Downloads\5405-25.pdf
2020-02-08 12:10 - 2020-02-08 12:10 - 000137065 _____ C:\Users\Alena\Downloads\5405-25(2).pdf
2020-02-08 12:10 - 2020-02-08 12:10 - 000137065 _____ C:\Users\Alena\Downloads\5405-25(1).pdf
2020-02-07 09:21 - 2020-02-07 09:21 - 000260080 _____ C:\Users\Alena\Downloads\Aktuální zaúčtované transakce(7).pdf
2020-02-07 09:20 - 2020-02-07 09:20 - 000302005 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(8).pdf
2020-02-06 10:24 - 2020-02-06 10:24 - 000384337 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(7).pdf
2020-02-06 10:24 - 2020-02-06 10:24 - 000260493 _____ C:\Users\Alena\Downloads\Aktuální zaúčtované transakce(6).pdf
2020-02-06 10:23 - 2020-02-06 10:23 - 000110633 _____ C:\Users\Alena\Downloads\INS_PCZ01QT_221221744513_20191221.pdf
2020-02-05 11:11 - 2020-02-05 11:11 - 000125519 _____ C:\Users\Alena\Downloads\Vypis_z_uctu_276405113_z_20200131.pdf
2020-02-05 08:59 - 2020-02-05 08:59 - 000301305 _____ C:\Users\Alena\Downloads\Aktuální zaúčtované transakce(5).pdf
2020-02-05 08:31 - 2020-02-05 08:31 - 001674428 _____ C:\Users\Alena\Downloads\sken(1).pdf
2020-02-05 08:30 - 2020-02-05 08:30 - 000262201 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(6).pdf
2020-02-05 08:29 - 2020-02-05 08:29 - 000515233 _____ C:\Users\Alena\Downloads\Vaše Vodafone Vyúčtování číslo 8003087470.pdf
2020-02-04 20:08 - 2020-02-04 20:08 - 000047531 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20171201-20171231_cislo-12.pdf
2020-02-04 20:07 - 2020-02-04 20:07 - 000173191 _____ C:\Users\Alena\Downloads\doc19543.pdf
2020-02-04 20:06 - 2020-02-04 20:06 - 000053340 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20190801-20190831_cislo-8(1).pdf
2020-02-04 09:04 - 2020-02-04 09:04 - 000261039 _____ C:\Users\Alena\Downloads\Aktuální zaúčtované transakce(4).pdf
2020-02-04 09:03 - 2020-02-04 09:03 - 000343410 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(5).pdf
2020-02-04 09:00 - 2020-02-04 09:00 - 000086755 _____ C:\Users\Alena\Downloads\PN DpnOznam.pdf
2020-02-04 08:50 - 2020-02-04 08:50 - 000053384 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20191101-20191130_cislo-11.pdf
2020-02-04 08:50 - 2020-02-04 08:50 - 000052006 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20191201-20191231_cislo-12.pdf
2020-02-04 08:49 - 2020-02-04 08:49 - 000053557 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20191001-20191031_cislo-10.pdf
2020-02-04 08:49 - 2020-02-04 08:49 - 000052489 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20190901-20190930_cislo-9.pdf
2020-02-04 08:44 - 2020-02-04 08:44 - 000053340 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20190801-20190831_cislo-8.pdf
2020-02-04 08:44 - 2020-02-04 08:44 - 000052570 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20190701-20190731_cislo-7.pdf
2020-02-04 08:43 - 2020-02-04 08:43 - 000079747 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20190601-20190630_cislo-6.pdf
2020-02-04 08:42 - 2020-02-04 08:42 - 000080401 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20190501-20190531_cislo-5.pdf
2020-02-04 08:42 - 2020-02-04 08:42 - 000048030 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20190301-20190331_cislo-3.pdf
2020-02-04 08:42 - 2020-02-04 08:42 - 000047478 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20190401-20190430_cislo-4.pdf
2020-02-04 08:42 - 2020-02-04 08:42 - 000047108 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20190101-20190131_cislo-1(1).pdf
2020-02-04 08:41 - 2020-02-04 08:41 - 000048082 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20190201-20190228_cislo-2.pdf
2020-02-04 08:41 - 2020-02-04 08:41 - 000047108 _____ C:\Users\Alena\Downloads\Vypis_z_uctu-2200892663_20190101-20190131_cislo-1.pdf
2020-02-04 08:40 - 2020-02-04 08:40 - 000053750 _____ C:\Users\Alena\Downloads\faktura starnails190646436.pdf
2020-02-03 10:42 - 2020-02-03 10:42 - 000300676 _____ C:\Users\Alena\Downloads\Aktuální zaúčtované transakce(3).pdf
2020-02-02 17:52 - 2020-02-02 17:52 - 000382335 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(4).pdf
2020-02-02 17:52 - 2020-02-02 17:52 - 000382335 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(3).pdf
2020-02-02 17:48 - 2020-02-02 17:48 - 000260527 _____ C:\Users\Alena\Downloads\Aktuální zaúčtované transakce(2).pdf
2020-02-02 17:45 - 2020-02-02 17:45 - 000302152 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(2).pdf
2020-01-30 09:25 - 2020-01-30 09:25 - 000074413 _____ C:\Users\Alena\Downloads\výpis 1ZK.pdf
2020-01-30 09:25 - 2020-01-30 09:25 - 000073858 _____ C:\Users\Alena\Downloads\9_20200129_502_SUDOMA-S.R.O._60893388CZK.pdf
2020-01-30 09:25 - 2020-01-30 09:25 - 000073833 _____ C:\Users\Alena\Downloads\11_20200129_501_SUDOMA-S.R.O._60893388CZK.pdf
2020-01-30 09:09 - 2020-01-30 09:09 - 001038604 _____ C:\Users\Alena\Downloads\Sken.pdf
2020-01-30 09:09 - 2020-01-30 09:09 - 000262369 _____ C:\Users\Alena\Downloads\Výpisy zaúčtovaných transakcí(1).pdf
2020-01-30 09:07 - 2020-01-30 09:07 - 000261367 _____ C:\Users\Alena\Downloads\Aktuální zaúčtované transakce(1).pdf
2020-01-30 09:07 - 2020-01-30 09:07 - 000088916 _____ C:\Users\Alena\Downloads\20200130090009959.pdf
2020-01-30 08:47 - 2020-01-30 08:47 - 000001894 _____ C:\Users\Public\Desktop\AnyDesk.lnk
2020-01-30 08:47 - 2020-01-30 08:47 - 000001894 _____ C:\ProgramData\Desktop\AnyDesk.lnk
2020-01-30 08:47 - 2020-01-30 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk
2020-01-28 09:42 - 2020-01-28 09:42 - 000087082 _____ C:\Users\Alena\Downloads\69166313.pdf
2020-01-28 09:20 - 2020-01-28 09:20 - 000027244 _____ C:\Users\Alena\Downloads\86440868.pdf
2020-01-28 09:19 - 2020-01-28 09:19 - 000317945 _____ C:\Users\Alena\Downloads\80141994.pdf
2020-01-28 09:19 - 2020-01-28 09:19 - 000150048 _____ C:\Users\Alena\Downloads\85116836.pdf
2020-01-28 09:18 - 2020-01-28 09:18 - 000243632 _____ C:\Users\Alena\Downloads\75179841.pdf
2020-01-28 09:17 - 2020-01-28 09:17 - 000087550 _____ C:\Users\Alena\Downloads\69219094.pdf
2020-01-28 09:16 - 2020-01-28 09:16 - 000124793 _____ C:\Users\Alena\Downloads\52175127.pdf
2020-01-28 09:16 - 2020-01-28 09:16 - 000086092 _____ C:\Users\Alena\Downloads\62265453.pdf
2020-01-28 09:15 - 2020-01-28 09:15 - 000124809 _____ C:\Users\Alena\Downloads\48592918.pdf
2020-01-28 09:13 - 2020-01-28 09:13 - 000077520 _____ C:\Users\Alena\Downloads\45449910.pdf
2020-01-24 11:14 - 2020-01-24 11:14 - 000076605 _____ C:\Users\Alena\Downloads\vypisosobniucet(2).pdf
2020-01-23 19:53 - 2020-01-23 19:53 - 000138284 _____ C:\Users\Alena\Downloads\_SPS - Da_ové potvrzení - Penzijní p_ipoji_t_ní_0.pdf
2020-01-23 09:34 - 2020-01-23 09:34 - 000033392 _____ C:\Users\Alena\Downloads\Amundi_200120_8000838857.pdf
2020-01-23 09:33 - 2020-01-23 09:33 - 000324336 _____ C:\Users\Alena\Downloads\Burinka_n.pdf
2020-01-23 09:33 - 2020-01-23 09:33 - 000274256 _____ C:\Users\Alena\Downloads\Crypt_vypis_archiv_nqsaaeln(1).pdf
2020-01-23 09:32 - 2020-01-23 09:32 - 000581215 _____ C:\Users\Alena\Downloads\Burinka_m.pdf
2020-01-23 09:30 - 2020-01-23 09:30 - 000274256 _____ C:\Users\Alena\Downloads\Crypt_vypis_archiv_nqsaaeln.pdf
2020-01-23 09:26 - 2020-01-23 09:26 - 000090282 _____ C:\Users\Alena\Downloads\Vypis(2).pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-22 22:01 - 2017-11-12 16:27 - 000000256 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2020-02-22 21:15 - 2017-11-12 16:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-02-22 21:15 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-02-22 21:15 - 2009-07-14 05:45 - 000034288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-02-22 21:15 - 2009-07-14 05:45 - 000034288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-02-22 21:09 - 2017-11-05 02:23 - 000000000 ____D C:\Users\Alena
2020-02-22 21:03 - 2019-05-15 20:16 - 000003758 _____ C:\Windows\system32\Tasks\AutoKMS
2020-02-22 21:00 - 2017-11-05 11:47 - 000000000 ____D C:\Windows\AutoKMS
2020-02-22 21:00 - 2017-11-05 11:39 - 000000000 ____D C:\Windows\system32\Tasks\OfficeSoftwareProtectionPlatform
2020-02-22 21:00 - 2017-11-05 02:52 - 000000000 ____D C:\Users\Alena\AppData\Roaming\GHISLER
2020-02-22 21:00 - 2017-11-05 02:23 - 000000000 ____D C:\Users\Alena\AppData\Roaming\Adobe
2020-02-22 21:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2020-02-22 21:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-02-22 18:54 - 2017-11-05 03:00 - 000000000 ____D C:\Users\Alena\AppData\LocalLow\Mozilla
2020-02-20 05:39 - 2017-11-05 02:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-02-18 19:19 - 2019-03-17 20:05 - 000002230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-18 19:19 - 2019-03-17 20:05 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-02-18 19:19 - 2019-03-17 20:05 - 000002189 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-02-18 19:08 - 2017-11-05 09:21 - 000000000 ____D C:\Users\Alena\Desktop\ÚČETNICTVÍ
2020-02-14 10:36 - 2017-11-05 09:21 - 000000000 ____D C:\Users\Alena\Desktop\TATKOVA SLOŽKA
2020-02-13 09:59 - 2017-11-05 11:15 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-02-11 16:22 - 2017-11-07 10:31 - 000000000 ____D C:\Users\Alena\AppData\Local\ElevatedDiagnostics
2020-02-11 12:46 - 2017-11-12 16:26 - 000000000 ____D C:\ProgramData\HP
2020-02-11 11:23 - 2019-07-01 11:27 - 000057449 _____ C:\Windows\system32\NOTICE_mod
2020-02-06 09:57 - 2019-03-17 20:03 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-06 09:57 - 2019-03-17 20:03 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-30 08:47 - 2018-08-12 19:29 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2020-01-26 11:09 - 2017-11-12 16:07 - 000000000 ____D C:\Users\Alena\AppData\Roaming\TeamViewer
2020-01-26 11:07 - 2018-07-18 07:04 - 000000000 ____D C:\Windows\Minidump
2020-01-24 11:04 - 2009-07-14 06:08 - 000032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-01-24 11:04 - 2009-07-14 06:08 - 000032592 _____ C:\Windows\Tasks\SCHEDLGU(16).TXT

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\User32.dll
[2010-11-21 04:24] - [2010-11-19 22:27] - 001008640 _____ (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E

C:\Windows\SysWOW64\User32.dll
[2020-02-22 09:40] - [2020-02-22 09:40] - 000833024 _____ (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356


LastRegBack: 2020-02-20 19:43
==================== End of FRST.txt ========================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [{2D173102-43C6-4927-8B32-EC5A784E37F3}] => (Allow) C:\Users\Alena\Downloads\AnyDesk.exe No File
FirewallRules: [{2D0FE348-7DF5-42DE-A0F0-98AC0B348B65}] => (Allow) C:\Users\Alena\Downloads\AnyDesk.exe No File
FirewallRules: [{DE1FD960-DF09-42EC-AB00-6D5AB1385724}] => (Allow) C:\Users\Alena\Downloads\AnyDesk.exe No File
FirewallRules: [{F8E26CA5-0900-4C53-A4F3-0390C35ACAB6}] => (Allow) C:\Users\Alena\Downloads\AnyDesk.exe No File
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-704579801-1156903197-1247863334-1000\...\Run: [FlashPlayerManager] => C:\Users\Alena\AppData\Roaming\Adobe\nircmd.exe [43520 2012-10-29] (NirSoft) [File not signed] <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\Tasks\AutoKMS
C:\Windows\AutoKMS
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-02-2020
Ran by Alena (23-02-2020 11:31:39) Run:1
Running from C:\Users\Alena\Desktop
Loaded Profiles: Alena (Available Profiles: Alena)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [{2D173102-43C6-4927-8B32-EC5A784E37F3}] => (Allow) C:\Users\Alena\Downloads\AnyDesk.exe No File
FirewallRules: [{2D0FE348-7DF5-42DE-A0F0-98AC0B348B65}] => (Allow) C:\Users\Alena\Downloads\AnyDesk.exe No File
FirewallRules: [{DE1FD960-DF09-42EC-AB00-6D5AB1385724}] => (Allow) C:\Users\Alena\Downloads\AnyDesk.exe No File
FirewallRules: [{F8E26CA5-0900-4C53-A4F3-0390C35ACAB6}] => (Allow) C:\Users\Alena\Downloads\AnyDesk.exe No File
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-704579801-1156903197-1247863334-1000\...\Run: [FlashPlayerManager] => C:\Users\Alena\AppData\Roaming\Adobe\nircmd.exe [43520 2012-10-29] (NirSoft) [File not signed] <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\Tasks\AutoKMS
C:\Windows\AutoKMS
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D173102-43C6-4927-8B32-EC5A784E37F3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D0FE348-7DF5-42DE-A0F0-98AC0B348B65}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE1FD960-DF09-42EC-AB00-6D5AB1385724}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F8E26CA5-0900-4C53-A4F3-0390C35ACAB6}" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-704579801-1156903197-1247863334-1000\Software\Microsoft\Windows\CurrentVersion\Run\\FlashPlayerManager" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\Windows\system32\Tasks\AutoKMS => moved successfully
C:\Windows\AutoKMS => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14521389 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1525369 B
Edge => 0 B
Chrome => 75834813 B
Firefox => 1084635876 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 83030 B
LocalService => 83030 B
NetworkService => 82090 B
Alena => 96269863 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:33:54 ====

Smazáno. Nastala nějaká změna?

Děkuji moc za pomoc, aktuálně je vše OK.

Ještě jednou díky.

Vlkákno je možno uzamknout.
P.S. Financni prispevek odeslan.

To jsem rád. Nemáte zač a za příspěvek děkujeme!