VIRY.CZ

Dobrý den.
Prosím o pomoc s vyrešením problemu. Neustále mi vyskakují nová okna v prohlížeči s reklamama. Chytil jsem kdesi nějaký sajrajt.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-02-2020
Ran by Ms.Adinka (administrator) on ADINKA (Hewlett-Packard HP 15 Notebook PC) (03-03-2020 12:54:37)
Running from C:\Users\Ms.Adinka\Downloads
Loaded Profiles: Ms.Adinka (Available Profiles: Ms.Adinka)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\MSEA01~1.ADI\AppData\Local\Temp\is-TIP95.tmp\jdr0kcy5asr.tmp
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(YAS94E9GW) [File not signed] C:\Windows\Temp\_avast_\unp137196259.tmp

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510896 2014-01-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2361291474-3598552441-1035334013-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2361291474-3598552441-1035334013-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.122\Installer\chrmstp.exe [2020-02-24] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-03-07] (CyberLink Corp. -> CyberLink)
Startup: C:\Users\Ms.Adinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wdtauvjd.lnk [2020-03-03]
BootExecute: autocheck autochk * aswBoot.exe /M:3393a5404 /dir:"C:\Program Files\AVAST Software\Avast"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FCB2A91-9F2C-4721-A73B-5820D82D2059} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
Task: {1D4D4649-9B04-4F88-A3C0-12A1ABE3C808} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {3B71CDAE-684C-4DCA-86D7-65C0F0B49E91} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)
Task: {478BF4F1-CC68-45DA-8430-8FFBF16FC5AC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {74F75324-0AAE-4838-BE01-97B648F4D767} - System32\Tasks\Opera scheduled Autoupdate 1550613354 => C:\Users\Ms.Adinka\AppData\Local\Programs\Opera\launcher.exe
Task: {888D171A-1DC5-403E-8DE5-631B52385B25} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {98050176-A6DE-494B-A0EE-3533045EBA9F} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [1725440 2019-01-14] () [File not signed]
Task: {98DC876D-0EF2-4A85-9A93-3BEE7D6C10A8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E24AA150-35D0-4712-94E7-F360AF6AB5EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {F95B0663-FFA3-4C53-A801-DF17B3DF29E3} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {F9D73DC3-59DF-4275-98D6-C378742E3810} - System32\Tasks\{29EBCCD4-48D6-4D96-BEF9-AD804289F7D3} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll => No File
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{9D89B7FD-5F02-4E6A-9E58-2B33D2818A37}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{B21E98EB-5059-4BB9-B559-CA35B3F1F46B}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-2361291474-3598552441-1035334013-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HPNTDFJS
HKU\S-1-5-21-2361291474-3598552441-1035334013-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {BD4676BA-D295-422C-84C5-E177620B38F4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {BD4676BA-D295-422C-84C5-E177620B38F4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2361291474-3598552441-1035334013-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2361291474-3598552441-1035334013-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2361291474-3598552441-1035334013-1001 -> {BD4676BA-D295-422C-84C5-E177620B38F4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2321 -> C:\PROGRA~2\fenglei\Mozilla\nppl3260.dll [No File]
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1483 -> C:\PROGRA~2\fenglei\Mozilla\nprpjplug.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-02-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default [2020-03-03]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://mail.google.com; hxxps://www.eobuv.cz; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://seznam.cz/
CHR Extension: (Prezentace) - C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-04]
CHR Extension: (Dokumenty) - C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-04]
CHR Extension: (Disk Google) - C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-01-26]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-08]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"wiwmqxns" => service was unlocked. <==== ATTENTION

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [428560 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S2 Správce výběru OS; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-10-28] (Acronis, Inc -> )
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-05-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 wiwmqxns; C:\Windows\SysWOW64\wiwmqxns\wwxideck.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\Windows\system32\DRIVERS\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205576 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [271120 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206608 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [64272 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42976 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175400 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [552576 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110560 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84056 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848672 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [458584 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235184 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316256 2020-03-03] (Avast Software s.r.o. -> AVAST Software)
S3 athr; C:\Windows\system32\DRIVERS\athw8x.sys [3680256 2013-06-18] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 athur; C:\Windows\system32\DRIVERS\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [136040 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel(R) Software -> Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [6393856 2016-12-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [166288 2017-05-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)
S3 Bulk1528; \SystemRoot\System32\Drivers\Bulk1528.sys [X]
S2 Ca1528av; \SystemRoot\System32\Drivers\Ca1528av.sys [X]
U3 McAPExe; no ImagePath
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mcpltsvc; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-03 12:54 - 2020-03-03 12:56 - 000022156 _____ C:\Users\Ms.Adinka\Downloads\FRST.txt
2020-03-03 12:53 - 2020-03-03 12:55 - 000000000 ____D C:\FRST
2020-03-03 12:49 - 2020-03-03 12:49 - 002279424 _____ (Farbar) C:\Users\Ms.Adinka\Downloads\FRST64.exe
2020-03-03 12:12 - 2020-03-03 12:12 - 000000000 ___HD C:\$AV_ASW
2020-03-03 12:07 - 2020-03-03 12:12 - 000000000 ____D C:\Users\Ms.Adinka\AppData\Local\8b5b9753-35bf-4364-8b7b-9bd56c60e811
2020-03-03 11:57 - 2020-03-03 12:13 - 000000000 ____D C:\Windows\SysWOW64\wiwmqxns
2020-03-03 11:56 - 2020-03-03 12:40 - 000000000 ____D C:\Users\Ms.Adinka\AppData\Roaming\wwbo5ozwwjd
2020-03-03 11:56 - 2020-03-03 12:13 - 000000000 ____D C:\Program Files\LFIWANULSY
2020-03-03 11:56 - 2020-03-03 12:13 - 000000000 ____D C:\Program Files (x86)\Boy
2020-03-03 11:56 - 2020-03-03 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DreamTrips
2020-03-03 11:56 - 2020-03-03 11:56 - 000000000 ____D C:\Program Files (x86)\Seed Trade
2020-03-03 11:56 - 2020-03-03 11:56 - 000000000 ____D C:\Program Files (x86)\DreamTrips
2020-03-03 11:53 - 2020-03-03 11:53 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2020-03-03 11:50 - 2020-03-03 12:13 - 000000000 ____D C:\Program Files (x86)\MachinerData
2020-03-03 11:50 - 2020-03-03 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BtomPark
2020-03-03 11:50 - 2020-03-03 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AtomPark
2020-03-03 11:50 - 2020-03-03 11:50 - 000000000 ____D C:\Program Files (x86)\BtomPark
2020-03-03 11:50 - 2020-03-03 11:50 - 000000000 ____D C:\Program Files (x86)\AtomPark
2020-03-03 11:00 - 2020-03-03 11:00 - 000368056 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-03-03 11:00 - 2020-03-03 11:00 - 000235184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-03-03 11:00 - 2020-03-03 11:00 - 000175400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-03-01 14:24 - 2020-03-01 14:47 - 425078750 _____ C:\Users\Ms.Adinka\Downloads\PH0103CZ.avi
2020-03-01 12:58 - 2020-03-01 13:20 - 394217036 _____ C:\Users\Ms.Adinka\Downloads\PH0102CZ.avi
2020-03-01 12:21 - 2020-03-01 12:46 - 460463608 _____ C:\Users\Ms.Adinka\Downloads\PH0101CZ.avi
2020-02-29 21:32 - 2020-02-29 22:16 - 799031016 _____ C:\Users\Ms.Adinka\Downloads\PŘÍPADY - 1 - ODDĚLENÍ - 14 - Klubové - barvy - Jurášek - Muflonek.avi
2020-02-27 23:25 - 2020-02-27 23:29 - 832021224 _____ C:\Users\Ms.Adinka\Downloads\PŘÍPADY - 1 - ODDĚLENÍ - 13 - Smrt - novináře - Jurášek - Muflonek.avi
2020-02-26 08:05 - 2020-02-26 09:09 - 1183627064 _____ C:\Users\Ms.Adinka\Downloads\PŘÍPADY - 1 - ODDĚLENÍ - 12 - Důvod - zabití - Jurášek - Muflonek.avi
2020-02-25 09:38 - 2020-02-25 10:24 - 845670678 _____ C:\Users\Ms.Adinka\Downloads\PŘÍPADY - 1 - ODDĚLENÍ - 11 - Hodinka - k - dobru - Jurášek - Muflonek.avi
2020-02-24 21:53 - 2020-02-24 21:57 - 952783712 _____ C:\Users\Ms.Adinka\Downloads\PŘÍPADY - 1 - ODDĚLENÍ - 10 - Sladký - vyděrač - Jurášek - Muflonek.avi
2020-02-24 12:12 - 2020-02-24 18:28 - 4154860177 _____ C:\Users\Ms.Adinka\Downloads\Tenkrat v Hollywoodu (2019) h264 1080p. CZ dabing 5.1.mkv
2020-02-14 12:18 - 2020-02-14 12:18 - 000000000 ___HD C:\$WINDOWS.~BT
2020-02-14 10:20 - 2020-02-05 06:21 - 004168192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-02-14 10:20 - 2020-01-28 09:19 - 007364048 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-02-14 10:20 - 2020-01-28 09:06 - 001737504 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-02-14 10:20 - 2020-01-28 09:06 - 001677024 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-02-14 10:20 - 2020-01-28 09:06 - 001537768 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-02-14 10:20 - 2020-01-28 09:06 - 001500848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-02-14 10:20 - 2020-01-28 09:06 - 001371256 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2020-02-14 10:20 - 2020-01-28 07:59 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-02-14 10:20 - 2020-01-28 07:47 - 001501912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-02-14 10:20 - 2020-01-28 06:55 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-02-14 10:20 - 2020-01-20 22:48 - 000376568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-02-14 10:20 - 2020-01-20 20:32 - 001115136 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2020-02-14 10:20 - 2020-01-20 19:46 - 000365568 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-02-14 10:20 - 2020-01-20 19:42 - 007038464 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-02-14 10:20 - 2020-01-20 19:41 - 003826176 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-02-14 10:20 - 2020-01-20 19:41 - 003551232 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-02-14 10:20 - 2020-01-20 19:38 - 006218752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-02-14 10:20 - 2020-01-20 19:36 - 003278336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-02-14 10:20 - 2020-01-16 18:46 - 025754624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-02-14 10:20 - 2020-01-16 17:11 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-02-14 10:20 - 2020-01-16 17:09 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-02-14 10:20 - 2020-01-16 17:08 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-02-14 10:20 - 2020-01-16 17:03 - 001113848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2020-02-14 10:20 - 2020-01-16 16:59 - 005500416 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-02-14 10:20 - 2020-01-16 16:58 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-02-14 10:20 - 2020-01-16 16:56 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-02-14 10:20 - 2020-01-16 16:50 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-02-14 10:20 - 2020-01-16 16:40 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-02-14 10:20 - 2020-01-16 16:38 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-02-14 10:20 - 2020-01-16 16:37 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2020-02-14 10:20 - 2020-01-16 16:36 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-02-14 10:20 - 2020-01-16 16:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-02-14 10:20 - 2020-01-16 16:35 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2020-02-14 10:20 - 2020-01-16 16:34 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-02-14 10:20 - 2020-01-16 16:30 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-02-14 10:20 - 2020-01-16 16:30 - 000660992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-02-14 10:20 - 2020-01-16 16:24 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-02-14 10:20 - 2020-01-16 16:24 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-02-14 10:20 - 2020-01-16 16:22 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-02-14 10:20 - 2020-01-16 16:22 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-02-14 10:20 - 2020-01-16 16:21 - 001441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-02-14 10:20 - 2020-01-16 16:20 - 015468544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-02-14 10:20 - 2020-01-16 16:20 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-02-14 10:20 - 2020-01-16 16:15 - 000963072 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-02-14 10:20 - 2020-01-16 16:14 - 000052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2020-02-14 10:20 - 2020-01-16 16:13 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\keyiso.dll
2020-02-14 10:20 - 2020-01-16 16:12 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-02-14 10:20 - 2020-01-16 16:12 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2020-02-14 10:20 - 2020-01-16 16:09 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-02-14 10:20 - 2020-01-16 16:08 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-02-14 10:20 - 2020-01-16 16:06 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-02-14 10:20 - 2020-01-16 16:05 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2020-02-14 10:20 - 2020-01-16 16:04 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-02-14 10:20 - 2020-01-16 16:03 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-02-14 10:20 - 2020-01-16 16:00 - 013854208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-02-14 10:20 - 2020-01-16 15:59 - 000780800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-02-14 10:20 - 2020-01-16 15:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\keyiso.dll
2020-02-14 10:20 - 2020-01-16 15:57 - 001567232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-02-14 10:20 - 2020-01-16 15:46 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-02-14 10:20 - 2020-01-16 15:45 - 004387328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-02-14 10:20 - 2020-01-16 15:42 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-02-14 10:20 - 2020-01-16 15:40 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-02-14 10:20 - 2020-01-15 23:21 - 001165672 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2020-02-14 10:20 - 2020-01-15 23:18 - 000959248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2020-02-14 10:20 - 2020-01-13 16:29 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\Websocket.dll
2020-02-14 10:20 - 2020-01-13 16:13 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Websocket.dll
2020-02-14 10:20 - 2020-01-13 16:12 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-02-14 10:20 - 2020-01-13 16:02 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-02-14 10:20 - 2020-01-11 20:07 - 001546488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-02-14 10:20 - 2020-01-11 20:05 - 001541896 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-02-14 10:20 - 2020-01-11 17:57 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2020-02-14 10:20 - 2020-01-11 17:49 - 000672768 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2020-02-14 10:20 - 2020-01-11 17:44 - 001377280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-02-14 10:20 - 2020-01-11 17:35 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2020-02-14 10:20 - 2020-01-10 18:28 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2020-02-14 10:20 - 2020-01-10 16:01 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2020-02-14 10:20 - 2020-01-10 00:31 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2020-02-14 10:20 - 2020-01-10 00:20 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-02-14 10:20 - 2020-01-10 00:18 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-02-14 10:20 - 2020-01-10 00:18 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2020-02-14 10:20 - 2020-01-10 00:11 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-02-14 10:20 - 2020-01-10 00:02 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-02-14 10:20 - 2020-01-10 00:00 - 001217536 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2020-02-14 10:20 - 2020-01-09 23:36 - 000905728 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-02-14 10:20 - 2020-01-09 23:35 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-02-14 10:20 - 2020-01-09 23:30 - 000254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2020-02-14 10:20 - 2020-01-09 23:22 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-02-14 10:20 - 2020-01-09 23:21 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-02-14 10:20 - 2020-01-09 23:17 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-02-14 10:20 - 2020-01-09 23:13 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-02-14 10:20 - 2020-01-09 22:55 - 001920512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-02-14 10:20 - 2020-01-09 22:54 - 000711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-02-14 10:20 - 2020-01-08 19:29 - 003326464 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-02-14 10:20 - 2020-01-08 18:40 - 003622912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-02-14 10:20 - 2020-01-08 18:28 - 002779648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2020-02-14 10:20 - 2020-01-08 17:57 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2020-02-14 10:20 - 2019-12-20 16:03 - 000452608 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2020-02-14 10:20 - 2019-12-20 01:17 - 000139912 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-02-14 10:20 - 2019-12-20 01:16 - 000537608 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-02-14 10:20 - 2019-12-20 01:16 - 000466816 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2020-02-14 10:20 - 2019-12-20 01:16 - 000415224 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2020-02-14 10:20 - 2019-12-20 01:12 - 000451008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-02-14 10:20 - 2019-12-20 01:12 - 000414296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2020-02-14 10:20 - 2019-12-20 01:12 - 000374072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2020-02-14 10:20 - 2019-12-20 01:12 - 000136944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-02-14 10:20 - 2019-12-18 20:52 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2020-02-14 10:20 - 2019-12-17 02:19 - 001191936 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2020-02-14 10:20 - 2019-12-17 02:08 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2020-02-14 10:20 - 2019-12-17 01:39 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2020-02-14 10:20 - 2019-12-17 00:44 - 000949760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2020-02-14 10:20 - 2019-12-12 08:01 - 000750080 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-02-14 10:20 - 2019-12-12 07:43 - 000504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-02-14 10:20 - 2019-12-07 21:08 - 000990160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-02-13 10:05 - 2020-02-13 10:51 - 831477326 _____ C:\Users\Ms.Adinka\Downloads\PŘÍPADY - 1 - ODDĚLENÍ - 9 - Totožnost - Jurášek - Muflonek.avi
2020-02-12 23:49 - 2019-09-25 07:30 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2020-02-11 12:12 - 2020-02-11 20:00 - 023766285 _____ C:\Users\Ms.Adinka\Downloads\Případy 1.oddělení (2.série).rar
2020-02-11 11:21 - 2020-02-11 12:10 - 903957038 _____ C:\Users\Ms.Adinka\Downloads\PŘÍPADY - 1 - ODDĚLENÍ - 8 - Policajt - na - odstřel - barvy - Jurášek - Muflonek.avi
2020-02-11 09:11 - 2020-02-11 09:54 - 804926768 _____ C:\Users\Ms.Adinka\Downloads\PŘÍPADY - 1 - ODDĚLENÍ - 7 - 48 - hodin - Jurášek - Muflonek.avi
2020-02-10 13:04 - 2020-02-10 13:57 - 982268188 _____ C:\Users\Ms.Adinka\Downloads\PŘÍPADY - 1 - ODDĚLENÍ - 5 - Laborant - Jurášek - Muflonek Český - seriál.avi
2020-02-10 10:15 - 2020-02-10 10:15 - 000000000 _____ C:\Windows\system32\last.dump
2020-02-09 21:39 - 2020-02-09 22:14 - 645250274 _____ C:\Users\Ms.Adinka\Downloads\_Případy prvního oddělení 6 díl.avi
2020-02-08 21:40 - 2020-02-08 22:22 - 775203558 _____ C:\Users\Ms.Adinka\Downloads\PŘÍPADY - 1 - ODDĚLENÍ - 4 - Klíčový - důkaz - Jurášek - Muflonek.avi
2020-02-08 20:25 - 2020-02-08 21:20 - 000002026 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2020-02-08 20:25 - 2020-02-08 21:20 - 000002026 _____ C:\ProgramData\Desktop\Avast Premium Security.lnk
2020-02-08 13:18 - 2020-02-14 12:56 - 000482256 _____ C:\Windows\system32\FNTCACHE.DAT
2020-02-07 18:37 - 2020-02-07 19:32 - 1017198100 _____ C:\Users\Ms.Adinka\Downloads\Pripady.1.oddeleni.01x01.Rozctvrcena.DVB-T.CZ.avi
2020-02-05 19:56 - 2020-02-05 20:05 - 1576009728 _____ C:\Users\Ms.Adinka\Downloads\Peppermint-10-20191210-i386.iso
2020-02-05 18:36 - 2020-02-05 20:33 - 2161168334 _____ C:\Users\Ms.Adinka\Downloads\Stockholmský syndrom 1 a 2 cast.avi
2020-02-05 16:29 - 2020-02-05 17:41 - 788287360 _____ C:\Users\Ms.Adinka\Downloads\Jak si nepodělat život 1 Až budou krávy lítat-mnl-.avi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-03 12:56 - 2018-10-04 17:58 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2361291474-3598552441-1035334013-1001
2020-03-03 12:53 - 2018-11-09 14:16 - 002147840 ___SH C:\Users\Ms.Adinka\Downloads\Thumbs.db
2020-03-03 12:51 - 2019-01-14 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2020-03-03 12:51 - 2018-10-04 18:11 - 000000000 ____D C:\ProgramData\AVAST Software
2020-03-03 12:07 - 2018-10-04 18:35 - 000000000 ____D C:\Users\Ms.Adinka\AppData\Local\CrashDumps
2020-03-03 11:15 - 2019-01-11 16:51 - 000000000 ____D C:\Users\Ms.Adinka\Documents\Youcam
2020-03-03 11:15 - 2014-05-21 11:42 - 000762978 _____ C:\Windows\system32\perfh005.dat
2020-03-03 11:15 - 2014-05-21 11:42 - 000163700 _____ C:\Windows\system32\perfc005.dat
2020-03-03 11:15 - 2014-03-18 10:53 - 001876212 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-03 11:15 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2020-03-03 11:14 - 2019-01-14 23:54 - 000003486 _____ C:\Windows\system32\Tasks\AutoKMS
2020-03-03 11:14 - 2018-11-06 14:27 - 000664064 ___SH C:\Users\Ms.Adinka\Desktop\Thumbs.db
2020-03-03 11:13 - 2019-01-10 19:07 - 000000621 _____ C:\Users\Ms.Adinka\Desktop\KMPlayer.lnk
2020-03-03 11:13 - 2019-01-10 19:07 - 000000000 ____D C:\Users\Ms.Adinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2020-03-03 11:13 - 2019-01-10 19:06 - 000000000 ____D C:\KMPlayer
2020-03-03 11:12 - 2019-01-10 19:09 - 000003980 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{A97E5EE2-5C55-4FAC-912A-6CB2FD9838B2}
2020-03-03 11:12 - 2018-10-04 18:17 - 000000000 ____D C:\Users\Ms.Adinka\AppData\Local\AVAST Software
2020-03-03 11:08 - 2019-04-20 07:47 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-03-03 11:08 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-03 11:03 - 2018-10-04 18:16 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-03-03 11:00 - 2018-10-18 08:39 - 000042976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-03-03 11:00 - 2018-10-04 18:15 - 000458584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-03-03 11:00 - 2018-10-04 18:15 - 000316256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-03-03 11:00 - 2018-10-04 18:15 - 000110560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-03-03 11:00 - 2018-10-04 18:15 - 000084056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-03-03 10:59 - 2019-05-15 10:50 - 000552576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2020-03-03 10:59 - 2019-01-14 17:19 - 000271120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-03-03 10:59 - 2019-01-06 19:16 - 000206608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-03-03 10:59 - 2019-01-06 19:16 - 000064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-03-03 10:59 - 2018-10-04 18:15 - 000848672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-03-03 10:59 - 2018-10-04 18:15 - 000205576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-03-03 10:44 - 2019-02-03 19:19 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-03-03 10:44 - 2019-01-23 18:14 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-03 10:44 - 2019-01-06 19:06 - 000002812 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-03-03 10:44 - 2018-10-04 18:16 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-03-03 10:44 - 2018-10-04 11:51 - 000003156 _____ C:\Windows\system32\Tasks\YCMServiceAgent
2020-02-24 21:41 - 2018-10-04 18:20 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-24 21:41 - 2018-10-04 18:20 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-02-24 21:41 - 2018-10-04 18:20 - 000002210 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-02-23 18:44 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
2020-02-14 12:18 - 2019-11-14 17:21 - 000001908 _____ C:\Windows\diagwrn.xml
2020-02-14 12:18 - 2019-11-14 17:21 - 000001908 _____ C:\Windows\diagerr.xml
2020-02-14 11:29 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2020-02-14 09:56 - 2019-01-23 18:11 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-02-13 00:08 - 2018-10-09 12:14 - 000000000 ____D C:\Windows\system32\MRT
2020-02-12 23:59 - 2018-10-09 12:14 - 120407888 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-02-12 23:57 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2020-02-08 21:14 - 2018-10-04 18:17 - 000000000 ____D C:\Users\Ms.Adinka\AppData\Roaming\AVAST Software
2020-02-08 21:05 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF
2020-02-08 18:07 - 2018-10-04 17:53 - 000000000 ____D C:\Users\Ms.Adinka
2020-02-08 18:04 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-08 17:58 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\registration
2020-02-08 13:17 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-02-04 09:04 - 2019-01-23 18:04 - 000000000 ____D C:\Users\Ms.Adinka\AppData\Local\Adobe
2020-02-04 07:03 - 2019-06-28 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPCA1528 PC Driver
2020-02-04 07:03 - 2018-10-04 11:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2020-02-04 07:03 - 2014-05-21 02:53 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2020-02-03 20:04 - 2019-05-15 12:48 - 000835688 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-02-03 20:04 - 2019-05-15 12:48 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories ========

2019-04-27 21:03 - 2019-04-27 21:03 - 000000017 _____ () C:\Users\Ms.Adinka\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-03-02 10:28
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-02-2020
Ran by Ms.Adinka (03-03-2020 13:00:07)
Running from C:\Users\Ms.Adinka\Downloads
Windows 8.1 Connected (Update) (X64) (2018-10-04 16:52:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2361291474-3598552441-1035334013-500 - Administrator - Disabled)
Guest (S-1-5-21-2361291474-3598552441-1035334013-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2361291474-3598552441-1035334013-1003 - Limited - Enabled)
Ms.Adinka (S-1-5-21-2361291474-3598552441-1035334013-1001 - Administrator - Enabled) => C:\Users\Ms.Adinka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

·çŔ×Ó°Ňô 2.10 (HKLM-x32\...\fenglei) (Version: 2.10 - ·çŔ׹¤×÷ĘŇ)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Acronis Disk Director (HKLM-x32\...\{06E34C00-0446-4176-81C8-A5DAFE53CA36}) (Version: 11.0.2121 - Acronis)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.5.205 - Adobe, Inc.)
Any Video Converter 6.3.8 (HKLM-x32\...\Any Video Converter) (Version: 6.3.8 - Anvsoft)
Atomic SMS 6.10.0.75 (HKLM-x32\...\AtomicSMS_is1) (Version: 6.10.0.75 - AtomPark Software Inc.)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Btomic SMS 6.10.0.75 (HKLM-x32\...\BtomicSMS_is1) (Version: 6.10.0.75 - BtomPark Software Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DreamTrips version 2.12 (HKLM-x32\...\{13E374E4-E610-4F9E-ACC4-E461DA17D869}_is1) (Version: 2.12 - DreamTrips Inc)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.37 - PandoraTV)
Main service (HKLM-x32\...\{EF758C50-5FA2-4B0A-86D3-8B65B176BC53}) (Version: - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7156 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.65.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.2.0 - sunplus)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.4.0 - Synaptics Incorporated)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
Ulož.to FileManager 2.71 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.71 - Uloz.to cloud a.s.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Box for Windows 8 -> C:\Program Files\WindowsApps\134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee [2018-10-05] (Box, Inc.)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2018-10-05] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2018-10-04] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2018-10-05] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-10-05] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2018-10-05] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2018-10-05] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2018-10-05] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2018-10-06] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2018-10-05] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2018-10-05] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2018-10-05] (Skype) [MS Ad]
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2.1.20.0_x64__t3yemqpq4kp7p [2018-10-05] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2018-10-05] (Microsoft Corporation)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2018-10-05] (Microsoft Corporation) [MS Ad]
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2018-10-05] (CYBERLINKCOM CORP)
Začínáme se systémem Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2018-10-05] (Hewlett-Packard Company)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2361291474-3598552441-1035334013-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [102400 2006-11-14] (TechSmith Corporation) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-03 11:56 - 2008-07-23 20:37 - 000203264 _____ () [File not signed] C:\Users\MSEA01~1.ADI\AppData\Local\Temp\is-ONT83.tmp\itdownload.dll
2020-03-03 11:56 - 2020-03-03 11:56 - 000889344 _____ () [File not signed] C:\Users\MSEA01~1.ADI\AppData\Local\Temp\is-TIP95.tmp\jdr0kcy5asr.tmp
2020-02-24 21:41 - 2020-03-03 11:50 - 126692848 _____ (Google LLC -> Google LLC) [File not signed] C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.122\chrome.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-03-03 11:56 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [File not signed] C:\Users\MSEA01~1.ADI\AppData\Local\Temp\is-ONT83.tmp\idp.dll
2018-10-04 11:33 - 2013-04-01 22:19 - 000574464 _____ (Realtek Semiconductor Corp. ) [File not signed] C:\Windows\system32\Rtlihvs.dll
2020-03-03 11:56 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [File not signed] C:\Users\MSEA01~1.ADI\AppData\Local\Temp\is-ONT83.tmp\psvince.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2020-02-05 18:50 - 000001219 _____ C:\Windows\system32\drivers\etc\hosts
111.118.212.124 pagead2.googlesyndication.com
111.118.212.124 tpc.googlesyndication.com
111.118.212.124 s7.addthis.com
111.118.212.124 contextual.media.net
111.118.212.124 connect.facebook.net
111.118.212.124 s3.buysellads.com
111.118.212.124 resources.infolinks.com
111.118.212.124 stats.g.doubleclick.net
111.118.212.124 www.googletagmanager.com
111.118.212.124 google-analytics.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\
HKU\S-1-5-21-2361291474-3598552441-1035334013-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SimplePass"
HKLM\...\StartupApproved\Run: => "OPBHOBroker"
HKLM\...\StartupApproved\Run: => "OPBHOBrokerDesktop"
HKLM\...\StartupApproved\Run32: => "HPMessageService"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{8EE718FD-A596-471D-989F-93690641E49A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{45F7C212-3A75-4200-9F89-9A2BD10B18D4}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{ACA394BC-2F6A-4206-B91C-DBB2A4AF744A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{678826FD-902D-4955-97EA-ADED3FE18543}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{06BDA4BD-D1F4-40E9-9609-511635BF3E45}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-02-2020 23:56:13 Windows Update
23-02-2020 18:38:17 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/03/2020 12:07:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 16D8.tmp.exe, verze: 0.0.0.0, časové razítko: 0x5d890137
Název chybujícího modulu: MSASN1.dll, verze: 6.3.9600.17415, časové razítko: 0x54503d97
Kód výjimky: 0xc0000005
Posun chyby: 0x000034ff
ID chybujícího procesu: 0x1ab8
Čas spuštění chybující aplikace: 0x01d5f14a788be263
Cesta k chybující aplikaci: C:\Users\MSEA01~1.ADI\AppData\Local\Temp\16D8.tmp.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSASN1.dll
ID zprávy: 23350ad2-5d3f-11ea-82b6-3464a97f739e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2020 12:07:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 16D8.tmp.exe, verze: 0.0.0.0, časové razítko: 0x5d890137
Název chybujícího modulu: MSASN1.dll, verze: 6.3.9600.17415, časové razítko: 0x54503d97
Kód výjimky: 0xc0000005
Posun chyby: 0x000034ff
ID chybujícího procesu: 0x1ab8
Čas spuštění chybující aplikace: 0x01d5f14a788be263
Cesta k chybující aplikaci: C:\Users\MSEA01~1.ADI\AppData\Local\Temp\16D8.tmp.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSASN1.dll
ID zprávy: 21de486b-5d3f-11ea-82b6-3464a97f739e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2020 12:06:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 16D8.tmp.exe, verze: 0.0.0.0, časové razítko: 0x5d890137
Název chybujícího modulu: MSASN1.dll, verze: 6.3.9600.17415, časové razítko: 0x54503d97
Kód výjimky: 0xc0000005
Posun chyby: 0x000034ff
ID chybujícího procesu: 0x1ab8
Čas spuštění chybující aplikace: 0x01d5f14a788be263
Cesta k chybující aplikaci: C:\Users\MSEA01~1.ADI\AppData\Local\Temp\16D8.tmp.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSASN1.dll
ID zprávy: 0fee340b-5d3f-11ea-82b6-3464a97f739e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2020 12:06:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 16D8.tmp.exe, verze: 0.0.0.0, časové razítko: 0x5d890137
Název chybujícího modulu: MSASN1.dll, verze: 6.3.9600.17415, časové razítko: 0x54503d97
Kód výjimky: 0xc0000005
Posun chyby: 0x000034ff
ID chybujícího procesu: 0x1ab8
Čas spuštění chybující aplikace: 0x01d5f14a788be263
Cesta k chybující aplikaci: C:\Users\MSEA01~1.ADI\AppData\Local\Temp\16D8.tmp.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSASN1.dll
ID zprávy: 0c6f2da2-5d3f-11ea-82b6-3464a97f739e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2020 12:05:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 16D8.tmp.exe, verze: 0.0.0.0, časové razítko: 0x5d890137
Název chybujícího modulu: MSASN1.dll, verze: 6.3.9600.17415, časové razítko: 0x54503d97
Kód výjimky: 0xc0000005
Posun chyby: 0x000034ff
ID chybujícího procesu: 0x1ab8
Čas spuštění chybující aplikace: 0x01d5f14a788be263
Cesta k chybující aplikaci: C:\Users\MSEA01~1.ADI\AppData\Local\Temp\16D8.tmp.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSASN1.dll
ID zprávy: f45b1ab3-5d3e-11ea-82b6-3464a97f739e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2020 12:05:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 16D8.tmp.exe, verze: 0.0.0.0, časové razítko: 0x5d890137
Název chybujícího modulu: MSASN1.dll, verze: 6.3.9600.17415, časové razítko: 0x54503d97
Kód výjimky: 0xc0000005
Posun chyby: 0x000034ff
ID chybujícího procesu: 0x1ab8
Čas spuštění chybující aplikace: 0x01d5f14a788be263
Cesta k chybující aplikaci: C:\Users\MSEA01~1.ADI\AppData\Local\Temp\16D8.tmp.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSASN1.dll
ID zprávy: f3230f70-5d3e-11ea-82b6-3464a97f739e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2020 12:02:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 1583232965.exe, verze: 51.9.0.0, časové razítko: 0x5e5df065
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.19629, časové razítko: 0x5e2fc9e7
Kód výjimky: 0xc0000374
Posun chyby: 0x000e6254
ID chybujícího procesu: 0x780
Čas spuštění chybující aplikace: 0x01d5f14aa273052d
Cesta k chybující aplikaci: C:\Users\MSEA01~1.ADI\AppData\Local\Temp\1583232965.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 6a9de60b-5d3e-11ea-82b6-3464a97f739e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2020 12:01:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 16D8.tmp.exe, verze: 0.0.0.0, časové razítko: 0x5d890137
Název chybujícího modulu: MSASN1.dll, verze: 6.3.9600.17415, časové razítko: 0x54503d97
Kód výjimky: 0xc0000005
Posun chyby: 0x000034ff
ID chybujícího procesu: 0x1ab8
Čas spuštění chybující aplikace: 0x01d5f14a788be263
Cesta k chybující aplikaci: C:\Users\MSEA01~1.ADI\AppData\Local\Temp\16D8.tmp.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\MSASN1.dll
ID zprávy: 5e43bdcf-5d3e-11ea-82b6-3464a97f739e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/03/2020 12:20:37 PM) (Source: DCOM) (EventID: 10010) (User: Adinka)
Description: Server {D63B10C5-BB46-4990-A94F-E40B9D520160} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/03/2020 11:51:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Main Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/03/2020 11:51:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Main Service bylo dosaženo časového limitu (30000 ms).

Error: (03/03/2020 11:08:41 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba Aktivátor Správce výběru OS Acronis závisí na následující službě: ProtectedStorage. Tato služba pravděpodobně není nainstalována.

Error: (03/03/2020 11:08:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SPCA1528 Video Camera Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/02/2020 10:29:25 AM) (Source: DCOM) (EventID: 10010) (User: Adinka)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/02/2020 10:28:47 AM) (Source: DCOM) (EventID: 10010) (User: Adinka)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/02/2020 10:28:31 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM


Windows Defender:
===================================
Date: 2014-05-21 04:40:06.606
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2014-05-21 03:52:20.024
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2014-05-21 03:49:49.707
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2014-05-21 03:43:14.853
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2014-05-21 03:40:47.974
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

CodeIntegrity:
===================================

Date: 2019-01-09 15:54:40.563
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-09 15:54:36.998
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-09 15:54:33.628
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-09 15:54:30.461
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-09 15:54:27.250
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-09 15:54:23.699
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-09 15:54:20.152
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-01-09 15:54:16.684
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Insyde F.23 09/19/2014
Motherboard: Hewlett-Packard 2213
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 65%
Total physical RAM: 3984.27 MB
Available physical RAM: 1385 MB
Total Virtual: 5712.27 MB
Available Virtual: 2840.03 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:448.05 GB) (Free:186.27 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:16.69 GB) (Free:1.61 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{854a0201-af98-49e5-9ae2-c4a20be2d51c}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.35 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 44021D50)

Partition: GPT.

==================== End of Addition.txt =======================

ahoj,
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >> •Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-02-2020
Ran by Ms.Adinka (03-03-2020 13:55:33) Run:1
Running from C:\Users\Ms.Adinka\Downloads
Loaded Profiles: Ms.Adinka (Available Profiles: Ms.Adinka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
() [File not signed] C:\Users\MSEA01~1.ADI\AppData\Local\Temp\is-TIP95.tmp\jdr0kcy5asr.tmp
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {98050176-A6DE-494B-A0EE-3533045EBA9F} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [1725440 2019-01-14] () [File not signed]
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2321 -> C:\PROGRA~2\fenglei\Mozilla\nppl3260.dll [No File]
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1483 -> C:\PROGRA~2\fenglei\Mozilla\nprpjplug.dll [No File]
S2 wiwmqxns; C:\Windows\SysWOW64\wiwmqxns\wwxideck.exe [X]
S3 Bulk1528; \SystemRoot\System32\Drivers\Bulk1528.sys [X]
S2 Ca1528av; \SystemRoot\System32\Drivers\Ca1528av.sys [X]
U3 McAPExe; no ImagePath
U3 McMPFSvc; no ImagePath
U3 McNaiAnn; no ImagePath
U3 mcpltsvc; no ImagePath
U3 mfecore; no ImagePath
U3 MSK80Service; no ImagePath
C:\Users\MSEA01~1.ADI\AppData\Local\Temp\16D8.tmp.exe
C:\Users\MSEA01~1.ADI\AppData\Local\Temp\1583232965.exe



Hosts:
EmptyTemp:
Reboot:
End

*****************

[6064] C:\Users\MSEA01~1.ADI\AppData\Local\Temp\is-TIP95.tmp\jdr0kcy5asr.tmp => process closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{98050176-A6DE-494B-A0EE-3533045EBA9F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98050176-A6DE-494B-A0EE-3533045EBA9F}" => removed successfully
C:\Windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1483 => removed successfully
HKLM\System\CurrentControlSet\Services\wiwmqxns => removed successfully
wiwmqxns => service removed successfully
HKLM\System\CurrentControlSet\Services\Bulk1528 => removed successfully
Bulk1528 => service removed successfully
HKLM\System\CurrentControlSet\Services\Ca1528av => removed successfully
Ca1528av => service removed successfully
HKLM\System\CurrentControlSet\Services\McAPExe => removed successfully
McAPExe => service removed successfully
HKLM\System\CurrentControlSet\Services\McMPFSvc => removed successfully
McMPFSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\McNaiAnn => removed successfully
McNaiAnn => service removed successfully
HKLM\System\CurrentControlSet\Services\mcpltsvc => removed successfully
mcpltsvc => service removed successfully
HKLM\System\CurrentControlSet\Services\mfecore => removed successfully
mfecore => service removed successfully
HKLM\System\CurrentControlSet\Services\MSK80Service => removed successfully
MSK80Service => service removed successfully
"C:\Users\MSEA01~1.ADI\AppData\Local\Temp\16D8.tmp.exe" => not found
C:\Users\MSEA01~1.ADI\AppData\Local\Temp\1583232965.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25317067 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 25770519 B
Edge => 0 B
Chrome => 417346613 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 200110 B
systemprofile32 => 200238 B
LocalService => 219962 B
NetworkService => 219962 B
Ms.Adinka => 391135197 B

RecycleBin => 69740830 B
EmptyTemp: => 895.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:57:35 ====

OK, po restarte vycisti s ADWCleanerom a napis, ci sa stav zlepsil?

Předtím vyskakovali normální reklamy. Teď porno reklamy


# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-02-2020
# Database: 2020-03-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-03-2020
# Duration: 00:00:06
# OS: Windows 8.1 Connected
# Cleaned: 21
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\DreamTrips
Deleted C:\Program Files (x86)\MachinerData
Deleted C:\Program Files (x86)\Seed Trade
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DreamTrips
Deleted C:\Users\Ms.Adinka\AppData\Local\slimware utilities inc
Deleted C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\DreamTrips
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Wow6432Node\WIFIService
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{13E374E4-E610-4F9E-ACC4-E461DA17D869}_is1
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EF758C50-5FA2-4B0A-86D3-8B65B176BC53}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.CyberLinkLabelPrint Folder C:\Program Files (x86)\CYBERLINK\LABELPRINT
Deleted Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Deleted Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Deleted Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
Deleted Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP REGISTRATION SERVICE
Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HEWLETT-PACKARD\HP REGISTRATION SERVICE
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Ms.Adinka\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Ms.Adinka\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3471 octets] - [03/03/2020 14:17:07]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########



A ještě mi po restartovaní vyskakuje okno :

tak predsa je to lepsie
pouzi cistenie https://forum.viry.cz/viewtopic.php?f=1 ... e#p1529932 oba kroky

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Ms.Adinka on Łt 03. 03. 2020 at 19:11:01,12.
Microsoft Windows 8.1 s aplikací Bing 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ms.Adinka\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

3. 3. 2020 19:17:52 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\DivX deleted successfully
C:\Program Files\Bonjour deleted successfully
C:\Users\Ms.Adinka\AppData\Roaming\hpqlog deleted successfully
C:\Users\Ms.Adinka\AppData\Roaming\Opera Software deleted successfully
C:\Users\Ms.Adinka\AppData\Roaming\wwbo5ozwwjd deleted successfully
C:\Users\Ms.Adinka\AppData\Local\8b5b9753-35bf-4364-8b7b-9bd56c60e811 deleted successfully
C:\Users\Ms.Adinka\AppData\Local\MediaShow deleted successfully
C:\Users\Ms.Adinka\AppData\Local\Opera Software deleted successfully
C:\Users\Ms.Adinka\AppData\Local\VirtualStore deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2361291474-3598552441-1035334013-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BD4676BA-D295-422C-84C5-E177620B38F4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BD4676BA-D295-422C-84C5-E177620B38F4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BD4676BA-D295-422C-84C5-E177620B38F4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\DivX not found
C:\PROGRA~3\DivX deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
"C:\Users\Ms.Adinka\AppData\Local\AVAST Software\APM\kv_pam.db" not deleted
"C:\Users\Ms.Adinka\AppData\Local\AVAST Software\APM\kv_pamcore.db" not deleted
"C:\Users\Ms.Adinka\AppData\Local\AVAST Software\APM\kv_pampub.db" not deleted
"C:\Users\Ms.Adinka\AppData\Local\AVAST Software\APM\pam.db" not deleted
"C:\Users\MSEA01~1.ADI\AppData\Local\AVAST Software\APM\kv_pam.db" not deleted
"C:\Users\MSEA01~1.ADI\AppData\Local\AVAST Software\APM\kv_pamcore.db" not deleted
"C:\Users\MSEA01~1.ADI\AppData\Local\AVAST Software\APM\kv_pampub.db" not deleted
"C:\Users\MSEA01~1.ADI\AppData\Local\AVAST Software\APM\pam.db" not deleted
"C:\Users\Ms.Adinka\AppData\Local\AVAST Software" not deleted
"C:\Users\MSEA01~1.ADI\AppData\Local\AVAST Software" not deleted
"C:\Users\Ms.Adinka\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\MSEA01~1.ADI\AppData\Local\AVAST Software\APM" not deleted

==== Orphaned Tasks deleted from Registry ======================

HPCeeScheduleForMs.Adinka deleted

==== Firefox XPI-files found: ======================

- __MSG_avastAppShortName__ - C:\Program Files\AVAST Software\Avast\SafePrice\FF\sp@avast.com.xpi
- Office Launcher - C:\ProgramData\Microsoft\OEMOffice15\Office15\x86\15.0.4569.1506\office\data\officefirefox_cs-cz.xpi
- Office Launcher - C:\ProgramData\Microsoft\OEMOffice15\Office15\x86\15.0.4569.1506\office\data\officefirefox_en-us.xpi
- Office Launcher - C:\ProgramData\Microsoft\OEMOffice15\Office15\x86\15.0.4569.1506\office\data\officefirefox_sk-sk.xpi
- Office Launcher - C:\Users\All Users\Microsoft\OEMOffice15\Office15\x86\15.0.4569.1506\office\data\officefirefox_cs-cz.xpi
- Office Launcher - C:\Users\All Users\Microsoft\OEMOffice15\Office15\x86\15.0.4569.1506\office\data\officefirefox_en-us.xpi
- Office Launcher - C:\Users\All Users\Microsoft\OEMOffice15\Office15\x86\15.0.4569.1506\office\data\officefirefox_sk-sk.xpi

==== Chromium Look ======================

Google Chrome Version: 80.0.3987.122

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]

Chrome Media Router - Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Chrome Media Router - MSEA01~1.ADI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.bing.com/?pc=HPNTDFJS"
"Default_Page_URL"="http://www.bing.com?pc=HPNTDFJS"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.bing.com?pc=HPNTDFJS"
"Start Page"="http://www.bing.com?pc=HPNTDFJS"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.bing.com?pc=HPNTDFJS"
"Start Page"="http://www.bing.com?pc=HPNTDFJS"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.bing.com/?pc=HPNTDFJS"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... c=CPNTDFJS
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... c=CPNTDFJS
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?PC=WCUG&FORM ... earchTerms}

==== Reset Google Chrome ======================

C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\MSEA01~1.ADI\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\MSEA01~1.ADI\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
C:\Users\MSEA01~1.ADI\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\MSEA01~1.ADI\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ms.Adinka\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\MSEA01~1.ADI\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Ms.Adinka\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\MSEA01~1.ADI\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
C:\Users\MSEA01~1.ADI\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=31 folders=17 562730 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Ms.Adinka\AppData\Local\Temp will be emptied at reboot
C:\Users\MSEA01~1.ADI\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\MSEA01~1.ADI\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Ms.Adinka\AppData\Local\AVAST Software\APM\kv_pam.db" not found
"C:\Users\Ms.Adinka\AppData\Local\AVAST Software\APM\kv_pamcore.db" not found
"C:\Users\Ms.Adinka\AppData\Local\AVAST Software\APM\kv_pampub.db" not found
"C:\Users\Ms.Adinka\AppData\Local\AVAST Software\APM\pam.db" not found
"C:\Users\MSEA01~1.ADI\AppData\Local\AVAST Software\APM\kv_pam.db" not found
"C:\Users\MSEA01~1.ADI\AppData\Local\AVAST Software\APM\kv_pamcore.db" not found
"C:\Users\MSEA01~1.ADI\AppData\Local\AVAST Software\APM\kv_pampub.db" not found
"C:\Users\MSEA01~1.ADI\AppData\Local\AVAST Software\APM\pam.db" not found
"C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\MSEA01~1.ADI\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\MSEA01~1.ADI\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Ms.Adinka\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
"C:\Users\MSEA01~1.ADI\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" not found
"C:\Users\MSEA01~1.ADI\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" not found
"C:\Users\MSEA01~1.ADI\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" not found
"C:\Users\MSEA01~1.ADI\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" not found
"C:\Users\MSEA01~1.ADI\AppData\Local\Google\Chrome\User Data\Default\Cache\index" not found
"C:\Users\Ms.Adinka\AppData\Local\AVAST Software" not found
"C:\Users\MSEA01~1.ADI\AppData\Local\AVAST Software" not found

==== EOF on Łt 03. 03. 2020 at 21:07:50,95 ======================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 8.1 Connected x64
Ran by Ms.Adinka (Administrator) on Łt 03. 03. 2020 at 21:11:17,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 03. 03. 2020 at 21:20:42,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Jo a vypadá to že už žádný okna nevyskakují.....

To je fajn