
Please help, my computer is behaving strangely

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Please help, my computer is behaving strangely

#1 Post by pan Hankey »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tom78 at 2017-12-20 12:10:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 68 GB (52%) free of 130 GB
Total RAM: 8098 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:10:53, on 20.12.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\trend micro\Tom78.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe" Minimum
O4 - HKCU\..\Run: [BloodyKeyboard] "C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - D:\Games\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7006 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {476E761D-FE6C-44D5-A20A-3F6F3F8C8355}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
taskeng.exe {494A7CEF-4C64-4578-BB1C-B95DD68CFDFC}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe" Minimum
"C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe" Minimum
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -c
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\Windows\system32\SearchIndexer.exe /Embedding
AvastUI.exe /nogui
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "-18903547-281607952-349648644-1827272413-86884993715159773881961601955-273787274
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-gpu-compositing --no-sandbox --service-pipe-token=1828172C5EFA1CF60DC4A901F608DA1D --lang=en-US --lang=en-US --log-file="C:\Users\Tom78\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=1828172C5EFA1CF60DC4A901F608DA1D --renderer-client-id=2 --mojo-platform-channel-handle=1344 /prefetch:1
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
taskhost.exe $(Arg0)
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tom78\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-10 958328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-10 820672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-11-11 8899592]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-11-10 253344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Bloody2"=C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [2017-10-16 17700864]
"BloodyKeyboard"=C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe [2017-11-02 11374080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux2"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux3"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-12-20 12:08:56 ----D---- C:\Program Files\trend micro
2017-12-20 12:08:55 ----D---- C:\rsit
2017-12-06 17:46:07 ----D---- C:\Program Files\Common Files\Avast Software
2017-11-29 00:43:22 ----A---- C:\Windows\system32\drivers\nvvhci.sys
2017-11-29 00:43:22 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2017-11-28 01:51:17 ----D---- C:\Program Files (x86)\BloodyIllumine
2017-11-27 13:26:16 ----D---- C:\Program Files (x86)\KeyDominator2
2017-11-27 13:16:56 ----D---- C:\Program Files (x86)\Bloody6
2017-11-22 16:48:16 ----A---- C:\Windows\SYSWOW64\APCSnmp.dll

======List of files/folders modified in the last 1 month======

2017-12-20 12:09:46 ----D---- C:\Windows\Prefetch
2017-12-20 12:08:56 ----RD---- C:\Program Files
2017-12-20 12:07:49 ----D---- C:\ProgramData\NVIDIA
2017-12-20 12:06:58 ----D---- C:\Windows\Temp
2017-12-20 12:05:49 ----D---- C:\Windows
2017-12-20 11:52:16 ----D---- C:\AdwCleaner
2017-12-20 11:38:03 ----D---- C:\Program Files (x86)\Steam
2017-12-20 01:26:23 ----D---- C:\Windows\system32\drivers
2017-12-19 13:25:39 ----D---- C:\Windows\system32\Tasks
2017-12-18 20:16:20 ----D---- C:\Windows\inf
2017-12-17 16:41:27 ----D---- C:\Users\Tom78\AppData\Roaming\vlc
2017-12-17 16:23:57 ----D---- C:\Users\Tom78\AppData\Roaming\obs-studio
2017-12-16 15:57:51 ----D---- C:\Users\Tom78\AppData\Roaming\audacity
2017-12-15 11:41:43 ----D---- C:\Windows\SoftwareDistribution
2017-12-13 18:28:01 ----D---- C:\Windows\system32\config
2017-12-13 18:16:07 ----SHD---- C:\System Volume Information
2017-12-13 10:34:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-12-13 10:34:51 ----D---- C:\Windows\system32\Macromed
2017-12-13 10:34:50 ----D---- C:\Windows\SYSWOW64\Macromed
2017-12-13 10:33:07 ----D---- C:\Windows\SysWOW64
2017-12-10 19:17:23 ----RD---- C:\Program Files (x86)
2017-12-10 19:16:18 ----D---- C:\Moje
2017-12-06 17:46:07 ----D---- C:\Program Files\Common Files
2017-12-06 17:34:14 ----D---- C:\Windows\Logs
2017-12-06 15:25:11 ----SHD---- C:\Windows\Installer
2017-12-06 15:24:31 ----RSD---- C:\Windows\assembly
2017-12-03 03:43:17 ----HD---- C:\ProgramData
2017-11-29 12:10:59 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-11-29 00:47:23 ----D---- C:\Windows\System32
2017-11-29 00:47:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-29 00:44:12 ----D---- C:\ProgramData\NVIDIA Corporation
2017-11-29 00:43:59 ----D---- C:\Windows\system32\DriverStore
2017-11-29 00:43:49 ----D---- C:\Program Files\NVIDIA Corporation
2017-11-27 15:34:46 ----D---- C:\Program Files (x86)\Common Files
2017-11-22 16:50:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-11-10 198968]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-11-10 343288]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-11-10 57728]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-11-10 84416]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-11-10 364464]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2016-11-07 118560]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2016-11-11 1469952]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2016-11-11 31712]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2013-10-21 213848]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2016-11-07 276256]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2017-04-22 381440]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2017-11-10 183584]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-11-10 321032]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-11-10 110376]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-11-10 1026232]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-11-15 455376]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2016-12-02 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2016-11-08 27552]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-11-10 148288]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-11-10 203976]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-11-11 5276168]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2016-11-11 823816]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2016-12-20 199760]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2017-10-27 225208]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2017-11-16 50624]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2017-11-16 57792]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-12-20 1037832]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-11-10 47008]
S3 ax41d9ar;ax41d9ar; C:\Windows\system32\drivers\ax41d9ar.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-11-16 30144]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 semav6msr64;semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [2015-06-04 21984]
S3 Ser2pl;Prolific Serial port WDF driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2017-10-30 227248]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-10-21 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-11-10 281416]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2013-10-21 27136]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-10-16 207648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-10-16 415520]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2013-10-21 27136]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16 519104]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-10-27 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-11-16 460736]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2013-10-21 27136]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-11-10 7549928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-18 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-13 272384]
S3 GalaxyClientService;GalaxyClientService; D:\Games\GOG Galaxy\GalaxyClientService.exe [2017-07-06 488000]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2017-06-14 8077376]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-18 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-27 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16 519104]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-11-10 1255736]
S4 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2014-05-30 943136]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Kodlz
Forum friend
Posts: 780
Registered: 30 May 2008 12:11

Re: Please help, my computer is behaving strangely

#2 Post by Kodlz »

Hi,
Strange in what way? Try to be a bit more specific.

Please post the FRST.txt and Addition.txt logs from the FRSTLauncher.exe application (Farbar Recovery Scan Tool). You can find the guide here: https://forum.viry.cz/viewtopic.php?f=13&t=152707
You can paste the contents of Additional.txt straight into this thread.

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Please help, my computer is behaving strangely

#3 Post by pan Hankey »

Unfortunately it can't be downloaded - a page comes up that says "Tento web není dostupný" ("This site can't be reached"). For example, the browser acts up: dozens of windows pop up out of nowhere after I click on, say, the contact link on some page. For instance, I was on the PPL site looking for my parcel, and when I clicked on contact, more and more new windows started popping up and I couldn't do anything; I just closed the whole browser and cleared the history and cookies, but it has happened elsewhere on other sites too. Also, for the last few days, starting up and shutting down the system occasionally acts up: the PC freezes and stops responding.
Last edited by pan Hankey on 20 Dec 2017 13:53, edited 1 time in total.

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Please help, my computer is behaving strangely

#4 Post by pan Hankey »

It was the antivirus; I turned it off for a moment and the download went through fine.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2017
Ran by Tom78 (administrator) on STROJ (20-12-2017 13:30:27)
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78 (Available Profiles: Tom78)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
() C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(forum.viry.cz) C:\Users\Tom78\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-11-11] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-10] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [17700864 2017-10-16] ()
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Run: [BloodyKeyboard] => C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe [11374080 2017-11-02] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 185.22.125.225 8.8.4.4
Tcpip\..\Interfaces\{45DF80BB-9782-4E8A-B0F0-BAB1888F7B4E}: [DhcpNameServer] 185.22.125.225 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-10] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-10] (AVAST Software)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default [2017-12-20]
CHR Extension: (Prezentace) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Dokumenty) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Disk Google) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-18]
CHR Extension: (YouTube) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-18]
CHR Extension: (Avast SafePrice) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-12]
CHR Extension: (Tabulky) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-18]
CHR Extension: (Avast Online Security) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-18]
CHR Extension: (Gmail) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-18]
CHR Extension: (Chrome Media Router) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-15]
CHR Extension: (uBlock Adblocker Plus) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhflmgomffaphmnbcogleagmloijbkd [2017-11-28]
CHR Profile: C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Tom78\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-09-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-10] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-10] (AVAST Software)
S3 GalaxyClientService; D:\Games\GOG Galaxy\GalaxyClientService.exe [488000 2017-07-06] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8077376 2017-06-14] (GOG.com)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-27] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-16] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [183584 2017-11-10] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321032 2017-11-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [198968 2017-11-10] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343288 2017-11-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57728 2017-11-10] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47008 2017-11-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [148288 2017-11-10] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110376 2017-11-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84416 2017-11-10] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026232 2017-11-10] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455376 2017-11-15] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203976 2017-11-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [364464 2017-11-10] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2016-12-02] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-11-08] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-11-11] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199760 2016-12-20] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-11-16] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2017-04-22] (Duplex Secure Ltd.)
U3 ax41d9ar; C:\Windows\System32\Drivers\ax41d9ar.sys [0 ] (Intel Corporation) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-20 13:30 - 2017-12-20 13:30 - 000012814 _____ C:\Users\Tom78\Desktop\FRST.txt
2017-12-20 13:30 - 2017-12-20 13:30 - 000000000 ____D C:\FRST
2017-12-20 13:29 - 2017-12-20 13:29 - 000029696 _____ C:\Users\Tom78\AppData\Local\MSGBOX.EXE
2017-12-20 13:29 - 2017-12-20 13:29 - 000015327 _____ C:\Users\Tom78\Desktop\LM.bat
2017-12-20 13:28 - 2017-12-20 13:28 - 000112640 _____ (forum.viry.cz) C:\Users\Tom78\Desktop\FRSTLauncher.exe
2017-12-20 13:24 - 2017-12-20 13:24 - 002392064 _____ (Farbar) C:\Users\Tom78\Desktop\FRST64.exe
2017-12-20 12:08 - 2017-12-20 12:10 - 000000000 ____D C:\Program Files\trend micro
2017-12-20 12:08 - 2017-12-20 12:09 - 000000000 ____D C:\rsit
2017-12-20 12:08 - 2017-10-08 14:02 - 001222144 _____ C:\Users\Tom78\Desktop\RSITx64.exe
2017-12-20 11:51 - 2017-12-20 11:51 - 008187336 _____ (Malwarebytes) C:\Users\Tom78\Desktop\adwcleaner_7.0.5.0.exe
2017-12-17 02:23 - 2017-12-17 02:23 - 000000862 _____ C:\Users\Tom78\Desktop\Frasier.lnk
2017-12-14 13:09 - 2016-09-19 20:57 - 000145920 _____ C:\Users\Tom78\Desktop\mafia2_v1.05_trn.exe
2017-12-10 19:28 - 2017-12-10 19:28 - 000000904 _____ C:\Users\Public\Desktop\XMedia Recode.lnk
2017-12-10 19:28 - 2017-12-10 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2017-12-06 17:46 - 2017-12-06 17:46 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2017-12-01 19:59 - 2017-12-01 19:59 - 000001511 _____ C:\Users\Tom78\Desktop\Mafia.lnk
2017-11-29 00:43 - 2017-11-16 02:41 - 000057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-11-29 00:43 - 2017-11-16 02:41 - 000050624 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-11-28 01:51 - 2017-11-28 01:51 - 000000000 ____D C:\Program Files (x86)\BloodyIllumine
2017-11-27 15:26 - 2017-11-27 15:26 - 000000221 _____ C:\Users\Tom78\Desktop\Mafia II.url
2017-11-27 13:26 - 2017-11-27 13:26 - 000002205 _____ C:\Users\Public\Desktop\KeyDominator2.lnk
2017-11-27 13:26 - 2017-11-27 13:26 - 000000000 ____D C:\Program Files (x86)\KeyDominator2
2017-11-27 13:17 - 2017-11-28 01:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody
2017-11-27 13:17 - 2017-11-27 13:17 - 000002025 _____ C:\Users\Public\Desktop\Bloody6.lnk
2017-11-27 13:16 - 2017-11-27 13:16 - 000000000 ____D C:\Program Files (x86)\Bloody6
2017-11-22 16:49 - 2017-11-27 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APC PowerChute Business Edition
2017-11-22 16:48 - 2005-01-05 13:13 - 000036864 _____ C:\Windows\SysWOW64\APCSnmp.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 013923704 _____ (Schneider Electric) C:\Users\Tom78\PCPE Setup.exe
2017-11-21 14:17 - 2017-11-21 15:19 - 013338112 _____ C:\Users\Tom78\PCPE_3.0.1.msi
2017-11-21 14:17 - 2017-11-21 15:19 - 001079808 _____ (Microsoft Corporation) C:\Users\Tom78\mfc80u.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000626688 _____ (Microsoft Corporation) C:\Users\Tom78\msvcr80.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\grm_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\fr_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\pt_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\it_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\es_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\en_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000020856 _____ (Schneider Electric) C:\Users\Tom78\ru_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000020344 _____ (Schneider Electric) C:\Users\Tom78\jp_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000019832 _____ (Schneider Electric) C:\Users\Tom78\zh_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000018808 _____ C:\Users\Tom78\ResourceReader.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000000550 _____ C:\Users\Tom78\Microsoft.VC80.MFC.manifest
2017-11-21 14:17 - 2017-11-21 15:19 - 000000522 _____ C:\Users\Tom78\Microsoft.VC80.CRT.manifest
2017-11-21 14:17 - 2017-11-21 15:19 - 000000012 _____ C:\Users\Tom78\dotnetfolder.txt
2017-11-21 09:44 - 2017-11-21 09:44 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ser2pl64_01009.Wdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-20 12:25 - 2017-11-08 13:20 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-20 12:19 - 2009-07-14 05:45 - 000021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-20 12:19 - 2009-07-14 05:45 - 000021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-20 12:05 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-20 11:54 - 2016-11-08 19:00 - 000007650 _____ C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg
2017-12-20 11:52 - 2017-11-16 00:54 - 000000000 ____D C:\AdwCleaner
2017-12-20 11:38 - 2017-11-16 22:05 - 000000000 ____D C:\Program Files (x86)\Steam
2017-12-19 19:57 - 2017-11-03 22:28 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-19 19:57 - 2017-11-03 22:28 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-19 19:57 - 2017-11-03 22:28 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-19 19:57 - 2017-10-18 22:32 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-19 19:57 - 2017-10-18 22:32 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-19 19:57 - 2017-10-04 16:27 - 000003998 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1503746874
2017-12-19 19:57 - 2016-11-06 22:54 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-12-18 20:16 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-12-17 16:41 - 2016-12-31 12:53 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\vlc
2017-12-17 16:23 - 2017-11-09 21:20 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\obs-studio
2017-12-16 15:57 - 2017-11-07 19:23 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\audacity
2017-12-15 11:41 - 2016-12-28 21:13 - 000000000 ____D C:\Users\Tom78\AppData\Local\CrashDumps
2017-12-14 01:43 - 2017-10-18 22:32 - 000002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-14 01:43 - 2017-10-18 22:32 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-13 10:34 - 2017-06-30 21:59 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-12-13 10:34 - 2017-06-30 21:59 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-13 10:34 - 2017-02-09 21:49 - 000000000 ____D C:\Users\Tom78\AppData\Local\Adobe
2017-12-13 10:34 - 2016-11-07 02:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-12-13 10:34 - 2016-11-07 02:54 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-10 19:16 - 2016-11-06 23:25 - 000000000 ____D C:\Moje
2017-12-05 03:37 - 2017-02-07 17:53 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-12-01 01:08 - 2017-11-08 13:27 - 000000000 ____D C:\Users\Tom78\AppData\Local\NVIDIA
2017-11-29 12:10 - 2017-11-08 13:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-11-29 00:47 - 2011-04-12 09:34 - 000668542 _____ C:\Windows\system32\perfh005.dat
2017-11-29 00:47 - 2011-04-12 09:34 - 000141202 _____ C:\Windows\system32\perfc005.dat
2017-11-29 00:47 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-29 00:44 - 2017-11-08 13:25 - 000001458 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-11-29 00:44 - 2017-11-08 13:18 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-11-29 00:43 - 2017-11-08 13:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-27 17:24 - 2016-12-26 20:29 - 000000000 ____D C:\Users\Tom78\AppData\Local\2K Games
2017-11-27 16:34 - 2017-09-29 18:40 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-11-22 21:10 - 2009-07-14 06:08 - 000032550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-11-22 21:05 - 2017-06-04 21:43 - 000013023 _____ C:\Users\Tom78\Desktop\steam chat.txt
2017-11-22 20:58 - 2016-11-10 20:57 - 000000000 ____D C:\Users\Tom78\AppData\Local\ElevatedDiagnostics
2017-11-22 16:50 - 2016-11-06 22:21 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-11-21 14:17 - 2016-11-06 22:06 - 000000000 ____D C:\Users\Tom78
2017-11-21 10:50 - 2016-11-06 22:06 - 000000000 ____D C:\Users\Tom78\AppData\Local\VirtualStore
2017-11-21 09:54 - 2017-08-30 14:32 - 000000000 _____ C:\Windows\SysWOW64\last.dump

==================== Files in the root of some directories =======

2017-11-21 14:17 - 2017-11-21 15:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\en_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\es_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\fr_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\grm_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\it_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000020344 _____ (Schneider Electric) C:\Users\Tom78\jp_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 001079808 _____ (Microsoft Corporation) C:\Users\Tom78\mfc80u.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000626688 _____ (Microsoft Corporation) C:\Users\Tom78\msvcr80.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 013923704 _____ (Schneider Electric) C:\Users\Tom78\PCPE Setup.exe
2017-11-21 14:17 - 2017-11-21 15:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\pt_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000018808 _____ () C:\Users\Tom78\ResourceReader.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000020856 _____ (Schneider Electric) C:\Users\Tom78\ru_res.dll
2017-11-21 14:17 - 2017-11-21 15:19 - 000019832 _____ (Schneider Electric) C:\Users\Tom78\zh_res.dll
2017-01-12 21:27 - 2017-09-12 00:56 - 000005120 _____ () C:\Users\Tom78\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-12-20 13:29 - 2017-12-20 13:29 - 000029696 _____ () C:\Users\Tom78\AppData\Local\MSGBOX.EXE
2016-11-08 19:00 - 2017-12-20 11:54 - 000007650 _____ () C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-09 17:46

==================== End of FRST.txt ============================

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: Please help, the computer is behaving strangely

#5 Post by Kodlz »

Could I also ask for the contents of the Addition.txt file?

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Please help, the computer is behaving strangely

#6 Post by pan Hankey »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2017
Ran by Tom78 (20-12-2017 13:31:02)
Running from C:\Users\Tom78\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-11-06 21:06:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4101578857-3757837661-3053645589-500 - Administrator - Disabled)
Guest (S-1-5-21-4101578857-3757837661-3053645589-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4101578857-3757837661-3053645589-1002 - Limited - Enabled)
Tom78 (S-1-5-21-4101578857-3757837661-3053645589-1000 - Administrator - Enabled) => C:\Users\Tom78

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Acronis Disk Director (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3223 - Acronis)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Aktualizace NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Audacity 2.2.0 (HKLM-x32\...\Audacity_is1) (Version: 2.2.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 17.10.0005 - Bloody)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HWiNFO64 Version 5.38 (HKLM\...\HWiNFO64_is1) (Version: 5.38 - Martin Malík - REALiX)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
KeyDominator2 (HKLM-x32\...\BloodyKeyboard) (Version: 17.11.0002 - Bloody)
Kyodai Mahjongg 2006 v1.2 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 49.0.2725.64 (HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Opera 49.0.2725.64) (Version: 49.0.2725.64 - Opera Software)
Organizér (HKLM-x32\...\{4154BF17-EE1F-4F25-9696-2FF191FE0787}) (Version: 5.3.5.1 - Fireluke Software)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XMedia Recode verze 3.3.8.0 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.8.0 - XMedia Recode)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-10] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-10] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-10] (AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-10] (AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-10] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15A39554-8AD9-410B-84C8-A546D649CDE5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-16] (NVIDIA Corporation)
Task: {15EB5F80-A92E-453F-B72C-055689D6F7C2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-16] (NVIDIA Corporation)
Task: {2EA62DBA-A4B1-45D8-9C35-6F39CB8BCB48} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2FAE0032-154C-4853-9AC0-15A3B88A9354} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16] (NVIDIA Corporation)
Task: {46991531-532C-4CDA-93EC-D98724197CB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-18] (Google Inc.)
Task: {74CA4D94-4449-45FE-BB95-53DD6A2A975B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2017-12-06] (AVAST Software)
Task: {D8410D36-94AB-4AEF-9255-204BCE78F091} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-18] (Google Inc.)
Task: {EC66C797-6072-4580-87F9-7C9116B0863F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-10] (AVAST Software)
Task: {F8F8E29E-B85E-434D-B09F-519A6575D96D} - System32\Tasks\Opera scheduled Autoupdate 1503746874 => C:\Moje\Prohlizece\Opera\launcher.exe [2017-12-18] (Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-11-08 13:21 - 2017-11-16 02:41 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-11-27 13:16 - 2017-10-16 04:48 - 017700864 _____ () C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
2017-11-27 13:26 - 2017-11-02 09:32 - 011374080 _____ () C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
2017-11-10 19:06 - 2017-11-10 19:06 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-11-10 19:06 - 2017-11-10 19:06 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-11-10 19:06 - 2017-11-10 19:06 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-11-10 19:06 - 2017-11-10 19:06 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-11-10 19:06 - 2017-11-10 19:06 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2017-12-20 11:19 - 2017-12-20 11:19 - 005766800 _____ () C:\Program Files\AVAST Software\Avast\defs\17122000\algo.dll
2017-11-10 19:06 - 2017-11-10 19:06 - 000710056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-11-10 19:06 - 2017-11-10 19:06 - 000245608 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-11-27 13:17 - 2013-10-11 02:43 - 000085504 _____ () C:\Program Files (x86)\Bloody6\Bloody6\DLL\DLL_ZoomControl.dll
2017-11-27 13:16 - 2017-04-17 03:43 - 003852800 _____ () C:\Program Files (x86)\Bloody6\Bloody6\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2017-11-27 13:26 - 2014-01-10 10:48 - 004260352 _____ () C:\Program Files (x86)\KeyDominator2\KeyDominator2\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2017-11-08 13:21 - 2017-11-16 02:41 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-06-26 14:39 - 2017-06-26 14:39 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-11-10 19:06 - 2017-11-10 19:06 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-11-08 13:21 - 2017-11-16 02:40 - 066906560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2015-10-16 06:14 - 2015-10-16 06:14 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\100sexlinks.com -> 100sexlinks.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\101lottery.com -> 101lottery.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\123found.com -> 123found.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\123keno.com -> 123keno.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\143fuck.com -> 143fuck.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\180solutions.com -> 180solutions.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1se.ru -> 1se.ru
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1sexparty.com -> 1sexparty.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1stfind.com -> 1stfind.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1stpagehere.com -> 1stpagehere.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\2020search.com -> 2020search.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\20x2p.com -> 20x2p.com

There are 1540 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-07-02 18:11 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.22.125.225 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32A89603-4C93-4E83-96AB-8DB858A5AB73}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe
FirewallRules: [{1D37AC3A-A0A0-46E5-9D31-40F1B00704D9}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe
FirewallRules: [{A8428BF2-B651-4BFB-A229-5A159785B944}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{5AB598F2-4265-4261-B9BB-0ACCB703855B}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{25CF3C97-50D5-4C3C-A582-9FF66D350916}] => (Block) D:\Games\The Witcher 3 - Wild Hunt\bin\x64\witcher3.exe
FirewallRules: [{9FECA04D-EE52-4F30-82E7-3BA380EBCD27}] => (Block) D:\Games\The Witcher 3 - Wild Hunt\bin\x64\witcher3.exe
FirewallRules: [{A56472DC-8DEE-4F6A-9F93-4C5EE4CD2BEA}] => (Block) D:\Games\The Witcher 3 - Wild Hunt\bin\x64\witcher3.exe
FirewallRules: [{BAFF0821-98B5-4B38-BFD6-AABB17C7B56D}] => (Block) D:\Games\The Witcher 3 - Wild Hunt\bin\x64\witcher3.exe
FirewallRules: [{E77FBC97-E6ED-4225-80E7-553B424C6ACC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3E2C1333-0967-458B-86A2-9302E15C9368}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6A0D794E-0624-4E3D-9D5C-56059D56A47B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A658423E-45B2-4C1E-9020-BB8F3B2624CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{324F436C-E05F-4C4C-83F0-8F0858B97736}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{952F2547-AC48-4238-80EF-4F7E71AEA8D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C413309E-5016-410F-8A8C-E8D5695E3EAD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{34FE0ED3-763A-4A78-8D72-00C1234B38AD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{01E02B80-E74B-4178-BBE6-BDB8288DC91A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe
FirewallRules: [{DA6584F7-F8AE-4CDA-AD16-DEE30ED154F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe
FirewallRules: [{02DC5B5A-75DC-4566-8978-E78C971278CA}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe
FirewallRules: [{FAD87EC9-A0A7-4E60-A7A1-A5C7D7E404C6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe
FirewallRules: [{4C19DBD1-163F-4DA8-A4BB-329D1AF1D483}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Hobo Tough Life\HoboRPG.exe
FirewallRules: [{383E368C-139B-47C9-A31C-1BDB498E725F}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Hobo Tough Life\HoboRPG.exe
FirewallRules: [{BC873C68-D30B-40E5-935D-B36A01A076A3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mafia III\launcher.exe
FirewallRules: [{C3CC8EF6-3435-44CF-929E-0C0F642A64FB}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mafia III\launcher.exe
FirewallRules: [{A246069D-700D-435F-A48C-351BCD3E077D}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{3989BEBB-A62D-4712-A1CD-87BD50B402C7}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{FE75D457-577D-4F00-BBDD-34D6FEA0AA07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A1D5B2B0-F515-4C3E-9C42-A85DA630270C}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe
FirewallRules: [{417B3A94-8506-4610-B5B9-44CBF7372B85}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe
FirewallRules: [{F50DBC83-B83B-440B-A32C-7A9AFB639E21}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe
FirewallRules: [{C8F124C7-9AE2-4AAF-90D2-EAD89EE53853}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe
FirewallRules: [{9EA77142-E4EB-41D1-A2DE-C594A4ED9255}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{86D84EC0-826C-4603-8E18-2D6C2197157D}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{F964336F-7824-4D11-8F7B-488903AA8439}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{830A62BC-5233-4795-AD0B-8AEDA2B02337}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{BAE5A588-8327-4FFE-81F7-B62BB6061521}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{FF475AAE-B35F-45DD-ABA3-A0A87EDEF6CA}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{9D27A073-1E4B-4F42-ADEE-F06D31F84FFF}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe

==================== Restore Points =========================

06-12-2017 15:23:40 Nainstalováno rozhraní DirectX
13-12-2017 18:15:46 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/20/2017 12:06:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/20/2017 12:06:17 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Moje\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/20/2017 12:06:17 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Moje\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/20/2017 11:19:28 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Moje\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/20/2017 11:19:28 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Moje\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/20/2017 11:18:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/19/2017 05:13:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Moje\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/19/2017 05:13:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Moje\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/19/2017 01:25:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Moje\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/19/2017 01:25:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Moje\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


System errors:
=============
Error: (12/20/2017 12:05:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:01:14, ‎20.‎12.‎2017) bylo neočekávané.

Error: (12/20/2017 12:05:40 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/20/2017 12:05:40 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/20/2017 12:05:33 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/20/2017 12:05:33 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/20/2017 12:05:32 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/20/2017 11:52:15 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (12/20/2017 11:52:15 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (12/20/2017 11:18:04 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/20/2017 11:18:04 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.


CodeIntegrity:
===================================
Date: 2017-10-28 14:18:10.956
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.925
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.379
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.348
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:51.423
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:51.392
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:50.519
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:50.487
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 27%
Total physical RAM: 8097.73 MB
Available physical RAM: 5859.39 MB
Total Virtual: 24291.38 MB
Available Virtual: 22125.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:126.95 GB) (Free:65.49 GB) NTFS
Drive d: (Hry) (Fixed) (Total:226.74 GB) (Free:81.71 GB) NTFS
Drive e: () (Fixed) (Total:134.65 GB) (Free:27.68 GB) NTFS
Drive f: () (Fixed) (Total:931.41 GB) (Free:57.25 GB) NTFS
Drive h: (Záloha) (Fixed) (Total:443.16 GB) (Free:10.96 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 82382C7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 12DF12DE)
Partition 1: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=804.6 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: Please help, my computer is behaving strangely

#7 Post by Kodlz »

On the desktop, where you have FRST located, create a TXT file named fixlist.txt and paste the following text into it:

(Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.)
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:


HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
U3 ax41d9ar; C:\Windows\System32\Drivers\ax41d9ar.sys [0 ] (Intel Corporation) <==== ATTENTION (zero byte File/Folder)
Task: {46991531-532C-4CDA-93EC-D98724197CB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-18] (Google Inc.)
Task: {D8410D36-94AB-4AEF-9255-204BCE78F091} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-18] (Google Inc.)
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\100sexlinks.com -> 100sexlinks.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\101lottery.com -> 101lottery.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\123found.com -> 123found.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\123keno.com -> 123keno.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\143fuck.com -> 143fuck.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\180solutions.com -> 180solutions.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1se.ru -> 1se.ru
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1sexparty.com -> 1sexparty.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1stfind.com -> 1stfind.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1stpagehere.com -> 1stpagehere.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\2020search.com -> 2020search.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\20x2p.com -> 20x2p.com
end

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Please help, my computer is behaving strangely

#8 Post by pan Hankey »

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-12-2017
Ran by Tom78 (20-12-2017 15:20:07) Run:1
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78 (Available Profiles: Tom78)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:


HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
U3 ax41d9ar; C:\Windows\System32\Drivers\ax41d9ar.sys [0 ] (Intel Corporation) <==== ATTENTION (zero byte File/Folder)
Task: {46991531-532C-4CDA-93EC-D98724197CB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-18] (Google Inc.)
Task: {D8410D36-94AB-4AEF-9255-204BCE78F091} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-18] (Google Inc.)
end
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\System\CurrentControlSet\Services\ax41d9ar" => removed successfully
ax41d9ar => service removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{46991531-532C-4CDA-93EC-D98724197CB8} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46991531-532C-4CDA-93EC-D98724197CB8}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8410D36-94AB-4AEF-9255-204BCE78F091}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8410D36-94AB-4AEF-9255-204BCE78F091}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12192567 B
Java, Flash, Steam htmlcache => 349501417 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 6772006 B
Firefox => 0 B
Opera => 306882372 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Tom78 => 547978 B

RecycleBin => 0 B
EmptyTemp: => 644.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:20:32 ====

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: Please help, my computer is behaving strangely

#9 Post by Kodlz »

Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop.
Close all programs.
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Then this tool, MBAM: http://forum.viry.cz/viewtopic.php?f=29&t=144868
- Install it, select "Custom scan" and click "Configure scan".
In the "Configure custom scan" window, select all hard drives and tick the "Scan for rootkits" option.
Clicking Scan now starts MBAM.

- Copy the log here.

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Please help, my computer is behaving strangely

#10 Post by pan Hankey »

# AdwCleaner 7.0.5.0 - Logfile created on Wed Dec 20 14:45:10 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1608 B] - [2017/11/15 23:55:15]
C:/AdwCleaner/AdwCleaner[C1].txt - [1266 B] - [2017/11/15 23:59:26]
C:/AdwCleaner/AdwCleaner[C2].txt - [1481 B] - [2017/11/16 0:38:7]
C:/AdwCleaner/AdwCleaner[S0].txt - [1546 B] - [2017/11/15 23:55:7]
C:/AdwCleaner/AdwCleaner[S1].txt - [1110 B] - [2017/11/15 23:59:7]
C:/AdwCleaner/AdwCleaner[S2].txt - [1247 B] - [2017/11/16 0:22:55]
C:/AdwCleaner/AdwCleaner[S3].txt - [1294 B] - [2017/11/16 0:37:38]
C:/AdwCleaner/AdwCleaner[S4].txt - [1429 B] - [2017/12/1 12:55:51]
C:/AdwCleaner/AdwCleaner[S5].txt - [1497 B] - [2017/12/20 10:52:16]
C:/AdwCleaner/AdwCleaner[S6].txt - [1566 B] - [2017/12/20 14:44:24]


########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt ##########

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Please help, my computer is behaving strangely

#11 Post by pan Hankey »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 20.12.17
Čas skenování: 15:52
Logovací soubor: 6c17c656-e595-11e7-8d82-382c4a636c3b.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3527
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Stroj\Tom78

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 285035
Zjištěné hrozby: 23
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 1 hod, 15 min, 34 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 23
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.7\STANDALONEPHASE1.DAT, Žádná uživatelská akce, [658], [393793],1.0.3527
Generic.Malware/Suspicious, E:\PC\NERO 6 CZ (SERIAL) _MILLOOO_\NERO 7 - MP3PRO PLUG-IN ENCODER\NERO 7 - MP3PRO PLUG-IN ENCODER\NERO7KEYGEN.EXE, Žádná uživatelská akce, [0], [392686],1.0.3527
PUP.Optional.OpenCandy, E:\PC\DEAMON TOOLS\DTLITE-SETUP.EXE, Žádná uživatelská akce, [483], [297667],1.0.3527
PUP.Optional.ASK, E:\PC\ZONE ALARM 8 FREE\ZAZA_SETUP_EN.EXE, Žádná uživatelská akce, [485], [383618],1.0.3527
PUP.Optional.OpenCandy, E:\PC\CHEATENGINE64.EXE, Žádná uživatelská akce, [483], [70383],1.0.3527
PUP.Optional.ASK, E:\VYPÁLIT\ZONE ALARM 8 FREE\ZAZA_SETUP_EN.EXE, Žádná uživatelská akce, [485], [383618],1.0.3527
PUP.Optional.DLLSuite, D:\DLL SUITE 9.0.0.14\DLLSUITE_SETUP.EXE, Žádná uživatelská akce, [918], [396352],1.0.3527
Generic.Malware/Suspicious, F:\HRY - INSTAL+++\HEROES OF MIGHT AND MAGIC 5 +++\+\HOMM-5-V1.0-TRAINER-PLUS7.ZIP, Žádná uživatelská akce, [0], [392686],1.0.3527
HackTool.GamesCheat.Gen, F:\HRY - INSTAL+++\HEROES OF MIGHT AND MAGIC 5 +++\HOMAM_5_V1.6_EU_4_TRAINER.RAR, Žádná uživatelská akce, [14448], [296086],1.0.3527
CrackTool.Agent, F:\HRY - INSTAL+++\FABLE III CZ\FABLE III CZ\FABLE III CRACK & UPDATE ONLY-SKIDROW.RAR, Žádná uživatelská akce, [69], [84096],1.0.3527
RiskWare.GameHack.Generic, F:\HRY - INSTAL+++\GTA V\POSLEDNí\GRANDTHEFTAUTOV+24TR-LNG_V1.0.1103.2-2\GRAND THEFT AUTO V V1.0.323-V1.0.1103 PLUS 19 TRAINER.EXE, Žádná uživatelská akce, [1663], [339459],1.0.3527
CheatTool.CETTrainer, F:\HRY - INSTAL+++\GTA V\POSLEDNí\GTA_SRPEN_17\GRAND THEFT AUTO 5 V1.0.1103.2 TRAINER +12.RAR, Žádná uživatelská akce, [7747], [116813],1.0.3527
CheatTool.CETTrainer, F:\HRY - INSTAL+++\GTA V\POSLEDNí\GTA_SRPEN_17\GRAND THEFT AUTO 5 V1.0.1103.2 TRAINER +12 MRANTIFUN.EXE, Žádná uživatelská akce, [7747], [116813],1.0.3527
HackTool.GamesCheat.Gen, F:\HRY - INSTAL+++\THE SETTLERS 2 (10. VýROčí) CZ\TRAINER_4714_SETTLERS_2_TNG_V1.0_+1_TRAINER.ZIP, Žádná uživatelská akce, [14448], [296086],1.0.3527
Generic.Malware/Suspicious, F:\HRY - INSTAL+++\THE SIMS™ 2 KOMPLETNí EDICE + BONUSY\[ČTI MĚ!]\TRAINERY\THE.SIMS.2.MANSION.AND.GARDEN.STUFF.V1.0.PLUS.5.TRAINER.BY.BREWERS.RAR, Žádná uživatelská akce, [0], [392686],1.0.3527
RiskWare.Tool.CK, F:\HRY - INSTAL+++\THE SIMS™ 2 KOMPLETNí EDICE + BONUSY\[ČTI MĚ!]\SERIALS KEYS\KEY GENERATOR FOR 180 EA GAMES\KEY GENERATOR FOR 180 EA GAMES.EXE, Žádná uživatelská akce, [235], [294249],1.0.3527
Generic.Malware/Suspicious, F:\HRY - INSTAL+++\THE SIMS™ 2 KOMPLETNí EDICE + BONUSY\[ČTI MĚ!]\TRAINERY\BREWERS.EXE, Žádná uživatelská akce, [0], [392686],1.0.3527
CrackTool.Agent.Keygen, F:\HRY - INSTAL+++\TIGER WOODS PGA TOUR 08\HATRED\KEYGEN.EXE, Žádná uživatelská akce, [310], [386077],1.0.3527
CheatTool.CETTrainer, F:\HRY - INSTAL+++\ZAKLÍNAČ 3\WWW.ZAKLINAC\THE WITCHER 3 (+26) [VER 1.31] - GWENT\THE WITCHER 3 WILD HUNT TRAINER (+26) [VER 1.31] [UPDATE 12.03.2017] [64 BIT] {BARACUDA}.EXE, Žádná uživatelská akce, [7747], [116813],1.0.3527
HackTool.CheatEngine, F:\HRY - INSTAL+++\ZAKLÍNAČ 3\WWW.ZAKLINAC\THE WITCHER 3 - 1.31 GOTY +24\THE WITCHER 3 WILD HUNT V1.31 GOTY TRAINER +24 MRANTIFUN.EXE, Žádná uživatelská akce, [1061], [7940],1.0.3527
CheatTool.CETTrainer, F:\HRY - INSTAL+++\ZAKLÍNAČ 3\WWW.ZAKLINAC\THE WITCHER 3 (+26) [VER 1.31] - GWENT\THE WITCHER 3 WILD HUNT TRAINER (+26) [VER 1.31] [UPDATE 12.03.2017] [64 BIT] {BARACUDA}.RAR, Žádná uživatelská akce, [7747], [116813],1.0.3527
HackTool.CheatEngine, F:\HRY - INSTAL+++\ZAKLÍNAČ 3\WWW.ZAKLINAC\THE WITCHER 3 - 1.31 GOTY +24\THE WITCHER 3 WILD HUNT V1.31 GOTY TRAINER +24.RAR, Žádná uživatelská akce, [1061], [7940],1.0.3527
PUP.Optional.DLLSuite, H:\TORRENTY Z UBUNTU\DLL SUITE 9.0.0.14 (CZ).RAR, Žádná uživatelská akce, [918], [396352],1.0.3527

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: Please help, my computer is behaving strangely

#12 Post by Kodlz »

You can run MBAM again and have it remove everything it finds.

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Please help, my computer is behaving strangely

#13 Post by pan Hankey »

Done, but the FRST fix with the TXT file (fixlist.txt) had already helped. Some links to lottery and porn sites were deleted, although I don't understand how they got onto my machine, since I don't gamble and have never in my life visited porn sites like these? Besides, nobody else ever sits at my PC, so there is no one to blame it on. Anyway, thank you very much for the help.

Kodlz
Friend of the forum
Posts: 780
Registered: 30 May 2008 12:11

Re: Please help, my computer is behaving strangely

#14 Post by Kodlz »

OK, you can uninstall MBAM.
Evidently it got there through one of those illegal things.

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

Re: Please help, my computer is behaving strangely

#15 Post by pan Hankey »

I just don't know what to do with the applications I installed to clean the PC: should I remove them or keep them?

Locked