preventívna kontrola

[Slovak]

Dobrý deň,
chcel by som poprosiť o preventívnu kontrolu logu

Logfile of random's system information tool 1.10 (written by random/random)
Run by Trifon at 2019-09-08 10:27:11
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 99 GB (43%) free of 229 GB
Total RAM: 8130 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:27:12, on 8. 9. 2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe
C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe
C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\trend micro\Trifon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "D:\Deamon tools\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Discord] C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe
O4 - HKCU\..\Run: [AvastBrowserAutoLaunch_8F55D238C5FFCE7564267C2A293D85E0] "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --onboarding-at-startup --auto-launch-at-startup --profile-directory="Default"
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\76.0.1632.100\elevation_service.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - D:\Deamon tools\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11828 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"D:\Deamon tools\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\Windows\SysWOW64\PnkBstrA.exe
AvastUI.exe /nogui
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="07720BE7-AA41-3B5B-8C0E-D224ABBF9915" /binpath="C:\Program Files\AVAST Software\Avast"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump
"C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe" --type=gpu-process --enable-features=SharedArrayBuffer --no-sandbox --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=13582439178108969830 --mojo-platform-channel-handle=1116 /prefetch:2
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe --reporter-url=https://sentry.io/api/146342/minidump/? ... be03b2b35a --application-name=Discord "--crashes-directory=C:\Users\Trifon\AppData\Local\Temp\Discord Crashes" --v=1
"C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --force-color-profile=srgb --enable-features=SharedArrayBuffer --service-pipe-token=13032340042908265802 --lang=sk --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\resources\app.asar" --node-integration=false --webview-tag=false --no-sandbox --native-window-open --preload="C:\Users\Trifon\AppData\Roaming\discord\0.0.305\modules\discord_desktop_core\core.asar\app\mainScreenPreload.js" --background-color=#2f3136 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13032340042908265802 --renderer-client-id=6 --mojo-platform-channel-handle=1868 /prefetch:1
"D:\Deamon tools\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-447862a7-402e-466e-a55a-6bce4634f6bb -SystemEventPortName:HostProcess-005115c3-13a1-485d-8a6e-f15def5e827f -IoCancelEventPortName:HostProcess-869c60ea-78ff-4fb1-b655-41ff0f48a9b8 -NonStateChangingEventPortName:HostProcess-9be97fb9-c664-4496-a30e-5a3ce20c2379 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:896ce19b-e9ae-4dd5-af4a-7613eb796b42 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe"
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --field-trial-handle=1304,8772960781568194532,8480685377106254186,131072 --disable-features=VizDisplayCompositor --no-sandbox --log-file="C:\Users\Trifon\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\Trifon\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --service-request-channel-token=10677398895774981896 --mojo-platform-channel-handle=1316 /prefetch:2
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "1081971886-15565747625817706-1645865105-474720520-1810533843-1273099065-1479673019
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\Trifon\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --field-trial-handle=1304,8772960781568194532,8480685377106254186,131072 --disable-features=VizDisplayCompositor --service-pipe-token=7496562530470527570 --lang=en-US --log-file="C:\Users\Trifon\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7496562530470527570 --renderer-client-id=3 --mojo-platform-channel-handle=1576 /prefetch:1
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Trifon\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Trifon\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=76.0.3809.132 --initial-client-data=0x40,0x44,0x48,0x3c,0x4c,0x7fecf51ef08,0x7fecf51ef18,0x7fecf51ef28
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=8792 --on-initialized-event-handle=224 --parent-handle=232 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1088,406586155353622460,4973654134652084125,131072 --gpu-preferences=IAAAAAAAAADgAAAwAAAAAAAAYAAAAAAACAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAABQAAABAAAAAAAAAAAAAAAAYAAAAQAAAAAAAAAAEAAAAFAAAAEAAAAAAAAAABAAAABgAAAA== --service-request-channel-token=1136131675139796392 --mojo-platform-channel-handle=1144 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1088,406586155353622460,4973654134652084125,131072 --lang=sk --service-sandbox-type=network --service-request-channel-token=769549691547056410 --mojo-platform-channel-handle=1292 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1088,406586155353622460,4973654134652084125,131072 --lang=sk --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16269310925520728815 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2448 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1088,406586155353622460,4973654134652084125,131072 --lang=sk --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2571179581392630543 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2448 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1088,406586155353622460,4973654134652084125,131072 --lang=sk --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3583992842340157897 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2912 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1088,406586155353622460,4973654134652084125,131072 --lang=sk --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7753515150671022147 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2916 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1088,406586155353622460,4973654134652084125,131072 --lang=sk --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7849345018005696302 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2956 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1088,406586155353622460,4973654134652084125,131072 --lang=sk --service-sandbox-type=audio --service-request-channel-token=15426848160604040826 --mojo-platform-channel-handle=1000 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1088,406586155353622460,4973654134652084125,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9400642325663530379 --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4440 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1088,406586155353622460,4973654134652084125,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13263678113470271974 --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1892 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1088,406586155353622460,4973654134652084125,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=67479034154854345 --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7200 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1088,406586155353622460,4973654134652084125,131072 --lang=sk --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8445086610179901881 --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
"C:\Users\Trifon\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Trifon\AppData\Roaming\Mozilla\Firefox\Profiles\rk8vrt1e.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.malwarebytes.org/restorebrowser/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.238 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.238 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
npwachk.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-09-12 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2017-02-23 2351920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24 163536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2017-02-23 1743664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-10-22 7203032]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-08-02 269192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=D:\Deamon tools\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
"Discord"=C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe [2019-03-07 81780056]
"AvastBrowserAutoLaunch_8F55D238C5FFCE7564267C2A293D85E0"=C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2019-08-21 1857288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux2"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux3"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======


======List of files/folders modified in the last 1 month======

2019-09-08 10:27:11 ----D---- C:\Program Files\trend micro
2019-09-08 10:24:18 ----D---- C:\Windows\Temp
2019-09-08 09:41:45 ----SHD---- C:\Windows\Installer
2019-09-08 09:06:06 ----D---- C:\Windows\System32
2019-09-08 09:06:06 ----D---- C:\Windows\inf
2019-09-08 09:06:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-09-08 09:05:21 ----D---- C:\Windows\SYSWOW64\Macromed
2019-09-08 08:55:59 ----D---- C:\ProgramData\NVIDIA
2019-09-07 18:11:55 ----A---- C:\Windows\NeroDigital.ini
2019-09-07 14:29:55 ----D---- C:\Users\Trifon\AppData\Roaming\discord
2019-09-07 12:43:01 ----D---- C:\Windows\system32\Tasks
2019-09-06 21:18:37 ----D---- C:\Program Files (x86)\Steam
2019-09-05 17:00:22 ----D---- C:\Users\Trifon\AppData\Roaming\uTorrent
2019-09-05 10:35:58 ----D---- C:\ProgramData
2019-09-05 10:35:58 ----D---- C:\Program Files (x86)\Common Files
2019-09-04 21:11:32 ----D---- C:\Users\Trifon\AppData\Roaming\Beaker Browser
2019-08-31 17:20:07 ----SHD---- C:\System Volume Information
2019-08-18 08:55:26 ----D---- C:\Users\Trifon\AppData\Roaming\CDisplayEx
2019-08-14 08:19:04 ----D---- C:\Windows\SysWOW64
2019-08-14 08:19:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2019-08-14 08:19:03 ----D---- C:\Windows\system32\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-08-02 206056]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-08-02 61688]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-08-02 88160]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-08-05 387688]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-07 28008]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-08-25 20464]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2019-01-26 253664]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2017-02-24 394296]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-08-02 209256]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-08-02 263224]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-08-02 42504]
R1 aswNetSec;aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [2019-08-02 549416]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-08-02 112520]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-08-02 1030784]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-08-02 477288]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-08-02 168896]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-08-02 225816]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2017-08-07 38152]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-02-24 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-02-24 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-10-22 3692632]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2019-05-23 228608]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2019-04-17 69840]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2019-04-17 75600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-28 805088]
S3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [2016-01-18 78088]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 Denuvo Kuser Data Driver 1.0.0.7;Denuvo Kuser Data Driver 1.0.0.7; \??\D:\Downloads\Total.War.Saga.Thrones.of.Britannia.v1.0.11578\Total.War.Saga.Thrones.of.Britannia.v1.0.11578\Total.War.Saga.Thrones.of.Britannia\Denuvo64.sys []
S3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD.sys [2014-04-29 44744]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2019-05-10 30336]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2017-08-13 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;CMCC USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-06-18 936728]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-06-18 1360016]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-08-02 414976]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2019-08-02 423288]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-02-27 782136]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-05-22 782136]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2019-05-22 782136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-10-14 76888]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-08-02 6797008]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; D:\Deamon tools\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-02-07 1471168]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-08 164984]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-10 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-08-14 335416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-08 164984]
S3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service; C:\Program Files (x86)\AVAST Software\Browser\Application\76.0.1632.100\elevation_service.exe [2019-08-21 976608]
S3 BRSptStub;BitRaider Mini-Support Service Stub Loader; C:\ProgramData\BitRaider\BRSptStub.exe [2016-01-18 363208]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\elevation_service.exe [2019-08-24 1096176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-10 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-12-21 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-17 146888]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-02-27 782136]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 188632]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-09-08 1684256]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-10-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

[Conder]

Ahoj

Ak nepouzivas/nepotrebujes, odporucam odinstaovat Google Toolbar.

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

[Slovak]

# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-04-2019
# Database: 2019-09-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-08-2019
# Duration: 00:00:00
# OS: Windows 7 Ultimate
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted acklnhgjphbhhomkneonohbjnbmkclfb

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

[Conder]

Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

[Slovak]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2019
Ran by Trifon (administrator) on TRIFON-PC (ASUS All Series) (08-09-2019 21:21:40)
Running from C:\Users\Trifon\Desktop
Loaded Profiles: Trifon (Available Profiles: Trifon)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Disc Soft Ltd -> Disc Soft Ltd) D:\Deamon tools\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) D:\Deamon tools\DAEMON Tools Lite\DTAgent.exe
(Discord Inc. -> Discord Inc.) C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1601266965-4254244799-107981220-1000\...\Run: [DAEMON Tools Lite Automount] => D:\Deamon tools\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1601266965-4254244799-107981220-1000\...\Run: [Discord] => C:\Users\Trifon\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1601266965-4254244799-107981220-1000\...\Run: [AvastBrowserAutoLaunch_8F55D238C5FFCE7564267C2A293D85E0] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1857288 2019-08-21] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1601266965-4254244799-107981220-1000\Sortware\Policies\...\system: [disablecmd] 0
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [79872 2012-05-13] () [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-05-13] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2011-05-13] (Electronic Arts -> On2.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-29] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\76.0.1632.100\Installer\chrmstp.exe [2019-09-07] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01097FD2-7AEB-48CA-9BAC-7AA1961DD515} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {10369A3F-9DD0-41B5-B5BF-416509F219DF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_Plugin.exe [1457208 2019-08-14] (Adobe Inc. -> Adobe)
Task: {144186C7-569E-46B6-99BB-BED8C38897FE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {255ABDBB-CF61-46D3-82BB-F472CCC762BA} - System32\Tasks\{DC49EDFF-3518-4D7A-A7AF-A2F40FAF5AB0} => C:\Program Files (x86)\Zoom Player\zplayer.exe [7918080 2015-11-25] (Inmatrix LTD) [File not signed]
Task: {32D50362-12EC-4C94-AAEF-69958577F423} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37ED267F-CBDC-4F10-8D10-770AA3E26298} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3ECCA776-F9E4-4015-BA34-1AD47A4A4A58} - System32\Tasks\{1872B930-D57D-451D-84EE-650BB0C2D8B9} => C:\Windows\system32\pcalua.exe -a "E:\Důležité-programy-pro-hraní-her\Důležité programy pro hraní her\DirectX aktualizace z webu.exe" -d "E:\Důležité-programy-pro-hraní-her\Důležité programy pro hraní her"
Task: {3F11C961-0302-400E-BFD3-24E80651DD68} - System32\Tasks\{2F8702A7-BDD0-421A-AB32-372C69A8FCCF} => C:\Program Files (x86)\Zoom Player\zplayer.exe [7918080 2015-11-25] (Inmatrix LTD) [File not signed]
Task: {4422E699-4FED-4B6F-88CB-69864A7299B0} - System32\Tasks\{49B0644C-BAE9-42F3-BC44-8018EF452455} => C:\Windows\system32\pcalua.exe -a "E:\Důležité-programy-pro-hraní-her\Důležité programy pro hraní her\Dotnet FX.exe" -d "E:\Důležité-programy-pro-hraní-her\Důležité programy pro hraní her"
Task: {4A334B79-6562-4769-87A7-C24FD35C1639} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {521BB146-4468-4F2D-9C74-16DECA515999} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {5FC30D0F-C007-4C89-83FF-D774E6CB4C1B} - System32\Tasks\{826575A1-CF72-4A88-A523-502A93461B63} => C:\Windows\system32\pcalua.exe -a "E:\winrar 3.71 sk aj crak\winrar 3.71 sk aj crak\crck.exe" -d "E:\winrar 3.71 sk aj crak\winrar 3.71 sk aj crak"
Task: {6345F35F-F8A5-4CF3-B46B-10FBA4BEB36B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {64384F20-17ED-48A4-A9BA-454795FAA455} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6806B2E1-D6F7-42F9-9FBD-57A41041750B} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1857288 2019-08-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {6C3E435B-1DC5-432D-ACE4-DB943899F009} - System32\Tasks\{77B920D9-BFFB-4D22-B478-53ADA2C4B2CC} => C:\Windows\system32\pcalua.exe -a "E:\CyberLink Power DVD (verze ultra s updatem , čestinou)\Power dvd.Activator.exe" -d "E:\CyberLink Power DVD (verze ultra s updatem , čestinou)"
Task: {72129D40-EAAF-4D31-AB58-478B98943C0A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
Task: {7C8D7D62-666A-44FE-837B-392524FBD3C2} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7D6BABAE-087A-4989-AB5B-C74102028CE3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1857288 2019-08-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {85B59E5A-D9D3-4380-B8F8-6FA029663BCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-14] (Adobe Inc. -> Adobe)
Task: {89E369F8-B7C4-43AD-9C07-11C0FE24D39F} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {8B1FC2D4-8AD2-44EF-BC1D-B2D4CA2DB460} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-10] (Google Inc -> Google Inc.)
Task: {8E04CBF9-C995-4A3F-8316-5B70A9CB1460} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {99F47806-7429-436D-876B-A82898CF6F5E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B18B7F98-9723-4ECF-9D71-AD5AC6B62ADD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BC175987-D78A-4E1C-AB37-E2171B551923} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2045832 2019-08-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {C9D9E2CF-B0D1-4053-B939-C1819CE5B16C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD44F550-1F03-41BF-9488-521779E8FCE0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3787304 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D9669C7A-FB11-4295-BD93-3CF6A17C37B0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DD9C46F5-9D04-42A2-8DEC-3924B5DA4E13} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {EF253B19-A33B-4FD3-938D-153710FF0323} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-10] (Google Inc -> Google Inc.)
Task: {F9953E70-BFCB-46DF-9841-FF5A6AD5AEAC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{0F4109E8-C368-4BBD-B627-550F3133A50A}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{98AE020D-A730-4922-94BD-8C823B93D3E4}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1601266965-4254244799-107981220-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: rk8vrt1e.default
FF ProfilePath: C:\Users\Trifon\AppData\Roaming\Mozilla\Firefox\Profiles\rk8vrt1e.default [2019-06-27]
FF Homepage: Mozilla\Firefox\Profiles\rk8vrt1e.default -> hxxps://www.malwarebytes.org/restorebrowser/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll [2019-08-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll [2019-08-14] (Adobe Inc. -> )
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR Profile: C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default [2019-09-08]
CHR Extension: (Dokumenty) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2019-09-01]
CHR Extension: (YouTube) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-29]
CHR Extension: (Hľadať v Google) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-03]
CHR Extension: (Avast Passwords) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-05-07]
CHR Extension: (Avast SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (AdBlock) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-08-29]
CHR Extension: (Avast Online Security) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-11]
CHR Extension: (QuickClean) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcdeoflfbkpmebldjfkemfhjomgjipgn [2016-05-11]
CHR Extension: (Game of Thrones Ascent) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlmehpiikmcdamekkndkbkcefnfefai [2016-05-11]
CHR Extension: (JoJo's Bizarre Adventure (Theme)) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilcjfhgbaghkofnnpndjpejfdklfjfmp [2019-03-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-09]
CHR Profile: C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-09]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-06-18] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-06-18] (ASUSTeK Computer Inc. -> ) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-08] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [423288 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-08] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\76.0.1632.100\elevation_service.exe [976608 2019-08-21] (AVAST Software s.r.o. -> AVAST Software)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-01-18] (BitRaider LLC -> BitRaider, LLC)
R3 Disc Soft Lite Bus Service; D:\Deamon tools\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-10-14] (Even Balance, Inc. -> )
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] (ASUSTeK Computer Inc. -> )
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [168896 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2017-08-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [549416 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387688 2019-08-05] (AVAST Software s.r.o. -> AVAST Software)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2016-01-18] (BitRaider -> BitRaider)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-02-24] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-02-24] (Disc Soft Ltd -> Disc Soft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-04-29] (Intel CASE -> )
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2019-01-26] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-05-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12464 2017-04-21] (Macrovision Europe Ltd) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2017-02-24] (Disc Soft Ltd -> Duplex Secure Ltd.)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2009-02-28] (CyberLink -> CyberLink Corp.)
U3 ay6dm24g; C:\Windows\System32\Drivers\ay6dm24g.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 Denuvo Kuser Data Driver 1.0.0.7; \??\D:\Downloads\Total.War.Saga.Thrones.of.Britannia.v1.0.11578\Total.War.Saga.Thrones.of.Britannia.v1.0.11578\Total.War.Saga.Thrones.of.Britannia\Denuvo64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-08 21:21 - 2019-09-08 21:22 - 000032651 _____ C:\Users\Trifon\Desktop\FRST.txt
2019-09-08 21:21 - 2019-09-08 21:21 - 000000000 ____D C:\FRST
2019-09-08 21:19 - 2019-09-08 21:20 - 001614848 _____ (Farbar) C:\Users\Trifon\Desktop\FRST64.exe
2019-09-08 16:24 - 2019-09-08 16:25 - 007622344 _____ (Malwarebytes) C:\Users\Trifon\Desktop\adwcleaner_7.4.1.exe
2019-09-08 16:24 - 2019-09-08 16:25 - 000000000 ____D C:\AdwCleaner
2019-09-07 14:34 - 2019-09-07 14:35 - 000000000 ____D C:\Users\Trifon\AppData\Local\gitkraken
2019-09-02 18:36 - 2019-09-02 18:36 - 000001200 _____ C:\Users\Trifon\Desktop\The Sims 4 Island Living.lnk
2019-08-31 18:18 - 2019-08-31 18:18 - 000001061 _____ C:\Users\Trifon\Desktop\Europa Universalis IV Golden Century.lnk
2019-08-31 18:03 - 2019-08-31 18:03 - 000000222 _____ C:\Users\Trifon\Desktop\Europa Universalis IV.url
2019-08-12 19:34 - 2019-08-13 11:23 - 000162304 _____ C:\Users\Trifon\Desktop\asoiaf_character_sheet_xlc.xls
2019-08-09 15:51 - 2019-08-09 15:58 - 498664602 _____ C:\Users\Trifon\Desktop\geheimnisnacht 1.2.0.zip

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-08 20:46 - 2009-07-14 06:45 - 000013040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-09-08 20:46 - 2009-07-14 06:45 - 000013040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-09-08 20:40 - 2019-06-01 13:33 - 000003704 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-08 20:40 - 2019-06-01 13:33 - 000003704 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-08 20:40 - 2019-06-01 13:33 - 000003704 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-08 20:40 - 2019-06-01 13:33 - 000003704 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-08 20:40 - 2019-03-22 11:04 - 000004466 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-08 20:40 - 2018-06-26 18:02 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-08 20:40 - 2018-06-26 18:02 - 000003790 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-08 20:40 - 2018-04-06 13:23 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-09-08 20:40 - 2018-04-06 13:23 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-09-08 20:40 - 2018-03-20 20:27 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-08 20:40 - 2017-08-12 19:35 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-08 20:40 - 2017-08-12 19:35 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-08 20:40 - 2017-08-12 19:35 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-08 20:40 - 2015-12-03 19:47 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-09-08 20:40 - 2015-10-14 13:03 - 000002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-09-08 20:40 - 2015-10-10 20:41 - 000000000 ____D C:\ProgramData\NVIDIA
2019-09-08 20:40 - 2015-10-10 20:37 - 000003370 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-09-08 20:40 - 2015-10-10 20:37 - 000003242 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-08 19:47 - 2015-10-14 12:56 - 000000000 ____D C:\Program Files (x86)\Steam
2019-09-08 19:11 - 2009-07-26 20:41 - 000664738 _____ C:\Windows\system32\perfh005.dat
2019-09-08 19:11 - 2009-07-26 20:41 - 000142826 _____ C:\Windows\system32\perfc005.dat
2019-09-08 19:11 - 2009-07-14 07:13 - 001596028 _____ C:\Windows\system32\PerfStringBackup.INI
2019-09-08 19:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-09-08 19:03 - 2018-06-08 07:36 - 000000000 ____D C:\Users\Trifon\AppData\Local\AVAST Software
2019-09-08 19:03 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-09-08 16:40 - 2018-06-05 09:44 - 000000000 ____D C:\Users\Trifon\AppData\Roaming\discord
2019-09-08 16:26 - 2015-10-10 20:38 - 000000000 ____D C:\Program Files\Google
2019-09-08 16:26 - 2015-10-10 20:37 - 000000000 ____D C:\Program Files (x86)\Google
2019-09-08 16:23 - 2015-10-10 20:37 - 000000000 ____D C:\Users\Trifon\AppData\Local\Google
2019-09-08 10:27 - 2015-12-10 15:36 - 000000000 ____D C:\Program Files\trend micro
2019-09-08 09:05 - 2015-10-10 21:37 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-09-07 18:11 - 2016-01-13 14:41 - 000000069 _____ C:\Windows\NeroDigital.ini
2019-09-07 14:35 - 2019-04-05 19:17 - 000000000 ____D C:\Users\Trifon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Axosoft, LLC
2019-09-07 14:34 - 2018-06-05 09:44 - 000000000 ____D C:\Users\Trifon\AppData\Local\SquirrelTemp
2019-09-07 12:43 - 2019-04-17 18:43 - 000003732 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-09-07 12:43 - 2019-04-17 18:43 - 000003150 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-09-07 12:43 - 2018-06-08 07:36 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-09-06 10:12 - 2015-10-14 10:24 - 000000000 ____D C:\Users\Trifon\AppData\Local\CrashDumps
2019-09-05 17:00 - 2015-10-10 21:42 - 000000000 ____D C:\Users\Trifon\AppData\Roaming\uTorrent
2019-09-05 10:35 - 2017-06-25 15:35 - 000000132 _____ C:\Users\Trifon\AppData\Roaming\Adobe PNG Format CS5 Prefs
2019-09-04 21:11 - 2018-08-14 19:17 - 000000000 ____D C:\Users\Trifon\AppData\Roaming\Beaker Browser
2019-08-29 15:49 - 2015-10-10 20:37 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-29 15:49 - 2015-10-10 20:37 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-18 08:55 - 2015-10-14 13:00 - 000000000 ____D C:\Users\Trifon\AppData\Roaming\CDisplayEx
2019-08-14 08:19 - 2018-04-06 13:23 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-08-14 08:19 - 2018-04-06 13:23 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-08-14 08:19 - 2018-04-06 13:23 - 000000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories ================

2018-06-02 13:12 - 2018-06-22 19:19 - 000000132 _____ () C:\Users\Trifon\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2017-06-25 15:35 - 2019-09-05 10:35 - 000000132 _____ () C:\Users\Trifon\AppData\Roaming\Adobe PNG Format CS5 Prefs
2018-08-11 09:00 - 2019-06-03 20:49 - 000000132 _____ () C:\Users\Trifon\AppData\Roaming\Adobe Targa Format CS5 Prefs
2016-04-01 07:13 - 2016-04-01 07:13 - 000000316 _____ () C:\Users\Trifon\AppData\Roaming\redirect2.dat
2016-03-30 18:26 - 2016-03-30 18:26 - 000000009 _____ () C:\Users\Trifon\AppData\Roaming\update.dat
2019-05-27 12:16 - 2019-05-27 12:16 - 000000071 _____ () C:\Users\Trifon\AppData\Roaming\~SiMPLEX.ini
2016-03-30 18:27 - 2016-04-02 08:58 - 000000004 _____ () C:\Users\Trifon\AppData\Roaming\Microsoft\notaut.txt
2016-04-01 07:19 - 2016-04-01 07:19 - 000000004 _____ () C:\Users\Trifon\AppData\Roaming\Microsoft\notautfbb.txt
2018-05-31 16:11 - 2018-08-23 21:24 - 000001456 _____ () C:\Users\Trifon\AppData\Local\Adobe Save for Web 12.0 Prefs

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-06-29 21:09
==================== End of FRST.txt ============================

[Slovak]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2019
Ran by Trifon (08-09-2019 21:22:19)
Running from C:\Users\Trifon\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2015-10-10 18:33:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1601266965-4254244799-107981220-500 - Administrator - Disabled)
Guest (S-1-5-21-1601266965-4254244799-107981220-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1601266965-4254244799-107981220-1002 - Limited - Enabled)
Trifon (S-1-5-21-1601266965-4254244799-107981220-1000 - Administrator - Enabled) => C:\Users\Trifon

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
7-Zip 19.00 (HKLM-x32\...\{23170F69-40C1-2701-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.238 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.238 - Adobe)
Adobe Reader 9.3 - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-A93000000001}) (Version: 9.3.0 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden
Aselia The Eternal v1.0 (HKLM-x32\...\{9BC2DC89-8664-4137-8BD3-AF12080EA983}_is1) (Version: - JAST Densetsu)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 76.0.1632.100 - Autori prehliadača Avast Secure Browser)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - )
Beaker Browser 0.8.0 (only current user) (HKU\S-1-5-21-1601266965-4254244799-107981220-1000\...\c1ad1bae-6337-51fe-a91b-ad398e15a38d) (Version: 0.8.0 - Paul Frazee)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1501 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - )
Discord (HKU\S-1-5-21-1601266965-4254244799-107981220-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.35 - NVIDIA Corporation) Hidden
Europa Universalis IV Golden Century (HKLM-x32\...\Europa Universalis IV Golden Century_is1) (Version: - )
ffdshow v1.2.4453 [2012-05-21] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4453.0 - )
FFMPEG Core Files (remove only) (HKLM-x32\...\FFMPEG Core Files) (Version: - )
GitKraken (HKU\S-1-5-21-1601266965-4254244799-107981220-1000\...\gitkraken) (Version: 6.1.4 - Axosoft, LLC)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Hearts of Iron IV Man the Guns (HKLM-x32\...\Hearts of Iron IV Man the Guns_is1) (Version: - )
CHAOS CHILD (HKLM-x32\...\CHAOS CHILD_is1) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version: - )
LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes)
MadVR (remove only) (HKLM-x32\...\MadVR) (Version: - )
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MerriweatherMG Font (HKLM-x32\...\{3EB01639-A0B0-40C5-9177-7A4C17089638}) (Version: 1.0.0 - MangaGamer)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{2fa65abe-2cfc-4cf3-89b1-99122a47fdd6}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 47.0.2 (x86 sk) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 sk)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Hero Ones Justice (HKLM-x32\...\My Hero Ones Justice_is1) (Version: - )
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nero 8 Lite 8.2.8.0 (HKLM-x32\...\Nero8Lite_is1) (Version: 8.2.8.0 - Updatepack.nl)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6.6 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.94 - NVIDIA Corporation)
NVIDIA Grafický ovládač 430.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.86 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 430.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.86 - NVIDIA Corporation) Hidden
PowerDVD (HKLM-x32\...\{8C20787A-7402-4FA7-BF25-6E5750930FDC}) (Version: 9.00.0000 - CyberLink Corp.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tales of Vesperia Definitive Edition (HKLM-x32\...\Tales of Vesperia Definitive Edition_is1) (Version: - )
The Sims 4 Island Living (HKLM-x32\...\The Sims 4 Island Living_is1) (Version: - )
The Sims Medieval (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 2.0.109 - Electronic Arts)
The Sims Medieval Pirates and Nobles (HKLM-x32\...\{0CC21836-A5D6-4641-B4AE-6FA01D021E41}) (Version: 2.0.109 - Electronic Arts)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011255) 64-Bit Edition (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}_Office15.PROPLUS_{FCBDF81E-8BA7-4705-A8BB-048A3FB755D7}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
We The Revolution (HKU\S-1-5-21-1601266965-4254244799-107981220-1000\...\We The Revolution) (Version: - HOODLUM)
Winamp (HKLM-x32\...\Winamp) (Version: 5.581 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1601266965-4254244799-107981220-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR archivátor (HKLM-x32\...\WinRAR archiver) (Version: - )
Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: 11.1.0 - Inmatrix LTD)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Program Files (x86) instal games\notepad\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [File not signed]
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2013-09-17] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2013-09-17] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => D:\UltraISO\UltraISO\isoshl64.dll [2014-01-02] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => D:\UltraISO\UltraISO\isoshl64.dll [2014-01-02] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [File not signed]
ContextMenuHandlers4: [ZPShellExt] -> {ABE00001-0123-ABED-1248-0248ADFA1909} => C:\Program Files (x86)\Zoom Player\zpshlext64.dll [2008-08-05] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => D:\UltraISO\UltraISO\isoshl64.dll [2014-01-02] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-20] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Trifon\AppData\Local\Google\Chrome\User Data\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list
ShortcutWithArgument: C:\Users\Trifon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list
ShortcutWithArgument: C:\Users\Trifon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list

==================== Loaded Modules (Whitelisted) ==============

2015-10-10 21:42 - 2006-12-11 02:14 - 000043008 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2015-10-10 20:41 - 2019-09-08 19:03 - 000033936 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2018-08-18 13:28 - 2018-05-01 11:10 - 001677824 _____ (Igor Pavlov) [File not signed] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\7z.dll
2015-10-10 19:52 - 2014-08-25 05:49 - 000074240 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2018-08-18 13:28 - 2018-01-18 16:15 - 000024576 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qgif.dll
2018-08-18 13:28 - 2018-01-18 16:16 - 000031232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qicns.dll
2018-08-18 13:28 - 2018-01-18 16:15 - 000025088 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2018-08-18 13:28 - 2018-01-18 16:15 - 000242688 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qjpeg.dll
2018-08-18 13:28 - 2018-01-18 16:16 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-08-18 13:28 - 2018-01-18 16:16 - 000018944 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtga.dll
2018-08-18 13:28 - 2018-01-18 16:16 - 000318976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtiff.dll
2018-08-18 13:28 - 2018-01-18 16:16 - 000017920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwbmp.dll
2018-08-18 13:28 - 2018-01-18 16:16 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwebp.dll
2018-08-18 13:28 - 2018-01-18 16:15 - 000993792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2018-08-18 13:28 - 2018-05-09 09:35 - 004809728 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2018-08-18 13:28 - 2018-01-18 16:12 - 005100032 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-08-18 13:28 - 2018-01-18 16:10 - 002012672 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-08-18 13:28 - 2018-01-18 16:18 - 002522112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-08-18 13:28 - 2018-01-18 16:20 - 002570752 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-08-18 13:28 - 2018-01-18 16:16 - 000247808 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2018-08-18 13:28 - 2018-01-18 16:14 - 004482048 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-08-18 13:28 - 2018-01-18 16:24 - 000206336 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2018-08-18 13:28 - 2018-01-18 16:22 - 000013312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2018-08-18 13:28 - 2018-01-18 16:22 - 000013824 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2018-08-18 13:28 - 2018-01-18 16:27 - 000698368 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-08-18 13:28 - 2018-01-18 16:27 - 000173056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2018-08-18 13:28 - 2018-01-18 16:26 - 000069632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-08-18 13:28 - 2018-01-18 16:27 - 000097280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2018-08-18 13:28 - 2018-01-18 16:22 - 000013312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-12-06 19:00 - 2019-01-04 11:55 - 000000025 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1601266965-4254244799-107981220-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Trifon\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D43ED52E-5166-4DBB-BEA0-A0D697B64553}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ED880DD7-8A66-492F-B7C5-CCF7E01BAA1E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C5A9B363-8667-464F-A45A-FB143980A0E1}] => (Allow) C:\Users\Trifon\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1A559CFB-608C-4667-B49E-DDC8544437B6}] => (Allow) C:\Users\Trifon\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{37A7D8D9-1FB3-46BC-8011-EF6E3B0FEA53}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{D3475DD7-3593-423A-BE8F-C1B1A7A1B754}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{335E15BD-5DD2-41C1-8E02-4A220A2F3665}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3268138F-9713-4FAC-8E48-28114642ABA7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6604C3D6-D38E-44CF-A387-F0D7DDA05193}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38FDF4A1-B608-4BB0-BC39-EDD427B52F1B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB23FEB9-2F12-45EB-B725-BBEDF206EC18}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9D6F8C32-2CE9-403E-A15B-7AF5C83D6DC6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{628B0641-27BF-41DD-B059-3F15939BD6F9}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F69D36C8-0C0C-474E-96F4-0AB99DBC95B6}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4CA0F572-6B1B-4D94-8E43-723C76826240}] => (Allow) D:\Steam - games\steamapps\common\Tales from the Borderlands\Borderlands.exe (Telltale Games) [File not signed]
FirewallRules: [{B6CA1D62-88CF-4C44-9272-0AAAD9399D4A}] => (Allow) D:\Steam - games\steamapps\common\Tales from the Borderlands\Borderlands.exe (Telltale Games) [File not signed]
FirewallRules: [{4B5085C9-16E5-49EC-ADCC-185CE3C41815}] => (Allow) D:\Steam - games\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{1EAE6B85-6898-436B-B0D0-745928A2A721}] => (Allow) D:\Steam - games\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{2886AA2B-D58D-4AAC-BE96-B5FFDB1F42C2}] => (Allow) D:\Steam - games\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe (Telltale Games) [File not signed]
FirewallRules: [{987DC8D2-C96F-4E0E-B40D-62E393A281DF}] => (Allow) D:\Steam - games\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe (Telltale Games) [File not signed]
FirewallRules: [{C7227D57-33F8-45BB-B243-9CBEF00F0F0C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6EA6E843-F08E-42D1-828B-1C853CEF3DF0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A8846615-3F80-4CDF-8BAC-5BF04C086FA3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6A602CA1-767D-4739-98E7-752D64D085EB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A5F8A5F-8958-4512-88B5-5C4A82307473}] => (Allow) D:\Steam - games\steamapps\common\Everlasting Summer\Everlasting Summer.exe () [File not signed]
FirewallRules: [{86526ACC-20E7-44F7-BD46-908B90BFF34E}] => (Allow) D:\Steam - games\steamapps\common\Everlasting Summer\Everlasting Summer.exe () [File not signed]
FirewallRules: [{824DBDFD-CD2A-44CB-A552-01821416A1BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BFC83964-B7CF-41BE-9BA3-76AF9C177E33}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7516135A-DB1E-44C8-92BE-5AFB26DFED6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3BDE8AAA-0FB5-411E-A1CD-398EB6809C0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D4E66E55-291F-4296-AFF3-32B4894E5FD6}] => (Allow) D:\Steam - games\steamapps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win8.exe (Telltale Games) [File not signed]
FirewallRules: [{F301DF1F-1AF4-4362-8CE1-BF0F1D556CD5}] => (Allow) D:\Steam - games\steamapps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win8.exe (Telltale Games) [File not signed]
FirewallRules: [{D86F7897-4254-4211-88D0-D01C83777FF6}] => (Allow) D:\Steam - games\steamapps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win7.exe (Telltale Games) [File not signed]
FirewallRules: [{AB14D2B6-5D16-4476-B3C6-A902B2ACA109}] => (Allow) D:\Steam - games\steamapps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win7.exe (Telltale Games) [File not signed]
FirewallRules: [{8EF2CFD6-9B1B-4B66-9B2C-B7A5B53860DB}] => (Allow) D:\Steam - games\steamapps\common\The Letter\The Letter.exe () [File not signed]
FirewallRules: [{9B879FC0-57CF-445F-9AF9-90A6E2532B46}] => (Allow) D:\Steam - games\steamapps\common\The Letter\The Letter.exe () [File not signed]
FirewallRules: [{7760973B-E4B2-4E6E-9C9A-82F6188FF00A}] => (Allow) D:\Steam - games\steamapps\common\Knights of the Old Republic II\swkotor2.exe (Obsidian Entertainment, Inc.) [File not signed]
FirewallRules: [{5AD5D4AC-A70C-468A-8077-4382AFDCDDE4}] => (Allow) D:\Steam - games\steamapps\common\Knights of the Old Republic II\swkotor2.exe (Obsidian Entertainment, Inc.) [File not signed]
FirewallRules: [{BFEB6CB3-4167-4A1E-9300-C752D4DC19E3}] => (Allow) D:\Steam - games\steamapps\common\swkotor\swkotor.exe (BioWare Corp.) [File not signed]
FirewallRules: [{AEFEC336-95F4-4538-A1F8-51C2B1D2DBDD}] => (Allow) D:\Steam - games\steamapps\common\swkotor\swkotor.exe (BioWare Corp.) [File not signed]
FirewallRules: [{842A1C45-C319-4779-B2DA-2AA4E5181070}] => (Allow) D:\Steam - games\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{C7F1E6DB-C11B-4B8D-8EBC-19BEA3DAEA46}] => (Allow) D:\Steam - games\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{091149A9-A869-4FF8-B62D-F4A860C631DA}] => (Allow) D:\Steam - games\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe () [File not signed]
FirewallRules: [{377BDA00-AD19-4E03-B2AF-8E809DC3C4EB}] => (Allow) D:\Steam - games\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe () [File not signed]
FirewallRules: [{DF811F79-BE2D-42AF-A437-A546B40128FF}] => (Allow) D:\Steam - games\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive) [File not signed]
FirewallRules: [{9681A987-FEF2-45F0-8B83-C2D02FD1D8B9}] => (Allow) D:\Steam - games\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive) [File not signed]
FirewallRules: [{06EA897F-4A73-4C45-8BF3-FE5208C5E9DA}] => (Allow) D:\Steam - games\steamapps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3.exe (Telltale Games) [File not signed]
FirewallRules: [{09C3B64B-D75F-4E44-AD13-F952AA94F405}] => (Allow) D:\Steam - games\steamapps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3.exe (Telltale Games) [File not signed]
FirewallRules: [{DE2944B6-9E3C-4C84-B89E-AA5097A44397}] => (Allow) D:\Steam - games\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{65934313-62AE-4C10-BFD1-E614A8F8E154}] => (Allow) D:\Steam - games\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{942E87D7-A2C4-40B3-8F98-405106C90225}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D156BEF9-CC37-4786-9FEA-AE97D25FA926}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D12C202B-E67D-4D6F-960D-3849685B8316}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B3102BA6-8F7A-446C-A821-6794900E567C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CD716F4B-5935-41D0-8A0F-B7F5F7C12DAB}] => (Allow) D:\Steam - games\steamapps\common\Sins of a Solar Empire Rebellion\StardockLauncher.exe (STARDOCK SYSTEMS, INC. -> Stardock Corporation)
FirewallRules: [{85A8EB67-1B72-4FFC-8606-EE69BFD0CA8C}] => (Allow) D:\Steam - games\steamapps\common\Sins of a Solar Empire Rebellion\StardockLauncher.exe (STARDOCK SYSTEMS, INC. -> Stardock Corporation)
FirewallRules: [{CE479E01-50D6-44C7-962C-5306B1F1D587}] => (Allow) D:\Steam - games\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{E28E3DD0-7008-4884-82A8-08BC8880EAC5}] => (Allow) D:\Steam - games\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{EF4A7AB6-9F18-4B31-A54F-A8757ED151A7}] => (Allow) D:\Steam - games\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.)
FirewallRules: [{6D9656C4-5649-40EB-834C-A06321308DE2}] => (Allow) D:\Steam - games\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.)
FirewallRules: [{5A9A2B09-D94D-4513-91BF-0413464A3B67}] => (Allow) D:\Steam - games\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{D2BF2983-418F-42AD-8E1A-38C36A7D9C9B}] => (Allow) D:\Steam - games\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{37474C73-C39C-4DD2-B25A-6938FC1A10FD}] => (Allow) D:\Steam - games\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{7F0E16B1-A2E2-4EE4-BBC9-569A3A55774F}] => (Allow) D:\Steam - games\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{DE3278DD-AFA8-4AC2-BAD4-0986ADEE0949}] => (Allow) D:\Steam - games\steamapps\common\Ostalgie The Berlin Wall\Ostalgie.exe () [File not signed]
FirewallRules: [{19438BE7-6C83-4296-831E-16340AE6DB3F}] => (Allow) D:\Steam - games\steamapps\common\Ostalgie The Berlin Wall\Ostalgie.exe () [File not signed]
FirewallRules: [{E65ABAFF-70B9-45A8-AA20-6D17EFC4C69E}] => (Allow) D:\Steam - games\steamapps\common\Total War SHOGUN 2\Shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [{598D74A5-DA78-4451-B589-F34EC5B68BE3}] => (Allow) D:\Steam - games\steamapps\common\Total War SHOGUN 2\Shogun2.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [{660A5C84-9407-495E-A421-5CB7D1B1F326}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65488619-2886-4DB5-9DA8-DF30D32EF517}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A6B9C0F6-8FEB-4BA0-88F4-65F76128647A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F72C0DD5-0083-48BD-989E-4C0A7A38DA23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A1919126-6441-4770-99A7-D7EBACC538C6}] => (Allow) D:\Steam - games\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive) [File not signed]
FirewallRules: [{F40B0357-C0D0-490E-9F08-D247BCCD0013}] => (Allow) D:\Steam - games\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive) [File not signed]
FirewallRules: [{ACDE3E1A-3077-4723-BF09-1EC0940F1439}] => (Allow) D:\Steam - games\steamapps\common\Armello\armello.exe () [File not signed]
FirewallRules: [{B01AC2EE-6310-4C3A-9532-BC61C0FF22D4}] => (Allow) D:\Steam - games\steamapps\common\Armello\armello.exe () [File not signed]
FirewallRules: [{F41F0C4F-AEBF-404A-9292-1F8810E6FE58}] => (Allow) D:\Steam - games\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed]
FirewallRules: [{F4FEDABE-C6FA-4384-B375-712D941BA9EB}] => (Allow) D:\Steam - games\steamapps\common\AoW3\AoW3Launcher.exe () [File not signed]
FirewallRules: [{572E58DA-C78F-4473-BB2F-EFC4E7BA455E}] => (Allow) D:\Steam - games\steamapps\common\AoW3\AoW3.exe () [File not signed]
FirewallRules: [{75268A84-F944-45CA-831B-A44F55A45A81}] => (Allow) D:\Steam - games\steamapps\common\AoW3\AoW3.exe () [File not signed]
FirewallRules: [{3779103E-DC59-4B9F-90A0-82643E40154E}] => (Allow) D:\Steam - games\steamapps\common\AoW3\AoW3_Debug.exe () [File not signed]
FirewallRules: [{256F441D-1B6C-4F7C-8C91-DFBAC414004B}] => (Allow) D:\Steam - games\steamapps\common\AoW3\AoW3_Debug.exe () [File not signed]
FirewallRules: [{8D822870-2D24-449B-928F-8D1AE12C60C3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{90FCD4D5-EEF0-483F-9640-934D8BB07899}] => (Allow) D:\Steam - games\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive) [File not signed]
FirewallRules: [{30A20360-2A99-45B1-BC10-C90A219DAD7D}] => (Allow) D:\Steam - games\steamapps\common\Europa Universalis IV\eu4.exe (Paradox Interactive) [File not signed]
FirewallRules: [{634C352A-BEC0-48C7-AB55-11110C252A6E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2019 08:51:04 PM) (Source: PerfOS) (EventID: 2011) (User: )
Description: Unable to collect System Pagefile performance data. The first four bytes (DWORD) of the Data section contains the status code.

Error: (09/08/2019 08:48:09 PM) (Source: PerfOS) (EventID: 2011) (User: )
Description: Unable to collect System Pagefile performance data. The first four bytes (DWORD) of the Data section contains the status code.

Error: (09/08/2019 08:45:31 PM) (Source: PerfOS) (EventID: 2011) (User: )
Description: Unable to collect System Pagefile performance data. The first four bytes (DWORD) of the Data section contains the status code.

Error: (09/08/2019 08:45:05 PM) (Source: PerfOS) (EventID: 2011) (User: )
Description: Unable to collect System Pagefile performance data. The first four bytes (DWORD) of the Data section contains the status code.

Error: (09/08/2019 08:45:04 PM) (Source: PerfOS) (EventID: 2011) (User: )
Description: Unable to collect System Pagefile performance data. The first four bytes (DWORD) of the Data section contains the status code.

Error: (09/08/2019 08:43:03 PM) (Source: PerfOS) (EventID: 2011) (User: )
Description: Unable to collect System Pagefile performance data. The first four bytes (DWORD) of the Data section contains the status code.

Error: (09/08/2019 08:43:02 PM) (Source: PerfOS) (EventID: 2011) (User: )
Description: Unable to collect System Pagefile performance data. The first four bytes (DWORD) of the Data section contains the status code.

Error: (09/08/2019 08:41:46 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.


System errors:
=============
Error: (09/08/2019 09:21:26 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (09/08/2019 07:03:02 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (09/08/2019 04:26:55 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (09/08/2019 04:26:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Media Player - služba zdieľania v sieti sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/08/2019 04:26:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS System Control Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/08/2019 04:26:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 6000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/08/2019 04:26:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/08/2019 04:26:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Inštalátor systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.


Windows Defender:
===================================
Date: 2015-10-10 21:55:33.418
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{14D6597F-4D0F-4927-9089-DD95669C496A}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

CodeIntegrity:
===================================

Date: 2017-03-21 16:59:09.854
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-21 16:59:09.791
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-07-30 18:47:11.888
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-30 18:47:01.935
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-30 18:47:01.904
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-18 08:10:12.958
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-18 08:10:03.138
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-18 08:10:03.122
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2202 12/08/2014
Motherboard: ASUSTeK COMPUTER INC. B85M-G
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 56%
Total physical RAM: 8129.96 MB
Available physical RAM: 3556.94 MB
Total Virtual: 8128.14 MB
Available Virtual: 2908.54 MB

==================== Drives ================================

Drive c: (Kingston SDD 240GB) (Fixed) (Total:223.47 GB) (Free:95.79 GB) NTFS
Drive d: (Westel digital 1TB) (Fixed) (Total:931.51 GB) (Free:551.98 GB) NTFS
Drive g: (Westel digital 150GB) (Fixed) (Total:149.05 GB) (Free:118.34 GB) NTFS
Drive h: (TARDIS 1TB) (Fixed) (Total:931.28 GB) (Free:241.13 GB) FAT32

\\?\Volume{6ba8e36a-6f74-11e5-9acc-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{718e0da0-fab1-11e6-8e7d-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{1dba0cf3-01d2-11e9-b14e-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{c68d3540-2ab8-11e9-a982-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{c68d35c3-2ab8-11e9-a982-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{bd19cecb-600b-11e9-b3ba-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{bd19cf67-600b-11e9-b3ba-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{bd19d000-600b-11e9-b3ba-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{bd19d017-600b-11e9-b3ba-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{7c732ce3-910e-11e9-a089-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{7c732d3c-910e-11e9-a089-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{7c732d40-910e-11e9-a089-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{7c732d77-910e-11e9-a089-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{7c732d7d-910e-11e9-a089-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{7c732d83-910e-11e9-a089-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{7c732db3-910e-11e9-a089-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{7c732dbc-910e-11e9-a089-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c8a4-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c8cd-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c8ed-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c8fe-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c902-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c90b-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c915-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c934-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c938-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c946-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c94a-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c94e-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c958-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c964-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)
\\?\Volume{9a40c968-a859-11e9-9540-0862669e4011}\ () (CDROM) (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: C7E0A5A3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 149.1 GB) (Disk ID: 6E697373)
No partition Table on disk 1.

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 862031D9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: CD108301)
Partition 1: (Active) - (Size=931.5 GB) - (Type=0C)

==================== End of Addition.txt ============================

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\Windows\System32\Drivers\ay6dm24g.sys
  
  Task: {3ECCA776-F9E4-4015-BA34-1AD47A4A4A58} - System32\Tasks\{1872B930-D57D-451D-84EE-650BB0C2D8B9} => C:\Windows\system32\pcalua.exe -a "E:\Důležité-programy-pro-hraní-her\Důležité programy pro hraní her\DirectX aktualizace z webu.exe" -d "E:\Důležité-programy-pro-hraní-her\Důležité programy pro hraní her"
  Task: {4422E699-4FED-4B6F-88CB-69864A7299B0} - System32\Tasks\{49B0644C-BAE9-42F3-BC44-8018EF452455} => C:\Windows\system32\pcalua.exe -a "E:\Důležité-programy-pro-hraní-her\Důležité programy pro hraní her\Dotnet FX.exe" -d "E:\Důležité-programy-pro-hraní-her\Důležité programy pro hraní her"
  Task: {5FC30D0F-C007-4C89-83FF-D774E6CB4C1B} - System32\Tasks\{826575A1-CF72-4A88-A523-502A93461B63} => C:\Windows\system32\pcalua.exe -a "E:\winrar 3.71 sk aj crak\winrar 3.71 sk aj crak\crck.exe" -d "E:\winrar 3.71 sk aj crak\winrar 3.71 sk aj crak"
  Task: {6C3E435B-1DC5-432D-ACE4-DB943899F009} - System32\Tasks\{77B920D9-BFFB-4D22-B478-53ADA2C4B2CC} => C:\Windows\system32\pcalua.exe -a "E:\CyberLink Power DVD (verze ultra s updatem , čestinou)\Power dvd.Activator.exe" -d "E:\CyberLink Power DVD (verze ultra s updatem , čestinou)"
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
  HKU\S-1-5-21-1601266965-4254244799-107981220-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
  SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
  S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
  S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
  S3 VGPU; System32\drivers\rdvgkmd.sys [X]
  2019-09-07 14:34 - 2018-06-05 09:44 - 000000000 ____D C:\Users\Trifon\AppData\Local\SquirrelTemp
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[Slovak]

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-09-2019
Ran by Trifon (09-09-2019 20:37:00) Run:1
Running from C:\Users\Trifon\Desktop
Loaded Profiles: Trifon (Available Profiles: Trifon)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\System32\Drivers\ay6dm24g.sys

Task: {3ECCA776-F9E4-4015-BA34-1AD47A4A4A58} - System32\Tasks\{1872B930-D57D-451D-84EE-650BB0C2D8B9} => C:\Windows\system32\pcalua.exe -a "E:\D�le�it�-programy-pro-hran�-her\D�le�it� programy pro hran� her\DirectX aktualizace z webu.exe" -d "E:\D�le�it�-programy-pro-hran�-her\D�le�it� programy pro hran� her"
Task: {4422E699-4FED-4B6F-88CB-69864A7299B0} - System32\Tasks\{49B0644C-BAE9-42F3-BC44-8018EF452455} => C:\Windows\system32\pcalua.exe -a "E:\D�le�it�-programy-pro-hran�-her\D�le�it� programy pro hran� her\Dotnet FX.exe" -d "E:\D�le�it�-programy-pro-hran�-her\D�le�it� programy pro hran� her"
Task: {5FC30D0F-C007-4C89-83FF-D774E6CB4C1B} - System32\Tasks\{826575A1-CF72-4A88-A523-502A93461B63} => C:\Windows\system32\pcalua.exe -a "E:\winrar 3.71 sk aj crak\winrar 3.71 sk aj crak\crck.exe" -d "E:\winrar 3.71 sk aj crak\winrar 3.71 sk aj crak"
Task: {6C3E435B-1DC5-432D-ACE4-DB943899F009} - System32\Tasks\{77B920D9-BFFB-4D22-B478-53ADA2C4B2CC} => C:\Windows\system32\pcalua.exe -a "E:\CyberLink Power DVD (verze ultra s updatem , �estinou)\Power dvd.Activator.exe" -d "E:\CyberLink Power DVD (verze ultra s updatem , �estinou)"
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1601266965-4254244799-107981220-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-09-07 14:34 - 2018-06-05 09:44 - 000000000 ____D C:\Users\Trifon\AppData\Local\SquirrelTemp

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 195
Average :
Sum : 1105254041
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Windows\System32\Drivers\ay6dm24g.sys ========================

"C:\Windows\System32\Drivers\ay6dm24g.sys" => not found
====== End of File: ======

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3ECCA776-F9E4-4015-BA34-1AD47A4A4A58}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3ECCA776-F9E4-4015-BA34-1AD47A4A4A58}" => removed successfully
C:\Windows\System32\Tasks\{1872B930-D57D-451D-84EE-650BB0C2D8B9} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1872B930-D57D-451D-84EE-650BB0C2D8B9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4422E699-4FED-4B6F-88CB-69864A7299B0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4422E699-4FED-4B6F-88CB-69864A7299B0}" => removed successfully
C:\Windows\System32\Tasks\{49B0644C-BAE9-42F3-BC44-8018EF452455} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{49B0644C-BAE9-42F3-BC44-8018EF452455}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FC30D0F-C007-4C89-83FF-D774E6CB4C1B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FC30D0F-C007-4C89-83FF-D774E6CB4C1B}" => removed successfully
C:\Windows\System32\Tasks\{826575A1-CF72-4A88-A523-502A93461B63} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{826575A1-CF72-4A88-A523-502A93461B63}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C3E435B-1DC5-432D-ACE4-DB943899F009}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C3E435B-1DC5-432D-ACE4-DB943899F009}" => removed successfully
C:\Windows\System32\Tasks\{77B920D9-BFFB-4D22-B478-53ADA2C4B2CC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{77B920D9-BFFB-4D22-B478-53ADA2C4B2CC}" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
HKU\S-1-5-21-1601266965-4254244799-107981220-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\System\CurrentControlSet\Services\Synth3dVsc => removed successfully
Synth3dVsc => service removed successfully
HKLM\System\CurrentControlSet\Services\tsusbhub => removed successfully
tsusbhub => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully
VGPU => service removed successfully
C:\Users\Trifon\AppData\Local\SquirrelTemp => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 32071047 B
Java, Flash, Steam htmlcache => 846695715 B
Windows/system/drivers => 63572944 B
Edge => 0 B
Chrome => 403199476 B
Firefox => 17248903 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33058 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33058 B
systemprofile32 => 68168 B
LocalService => 66228 B
NetworkService => 0 B
Trifon => 31333921 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:37:23 ====

[Conder]

Vyzera to OK. Ak nie su ziadne problemy, tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"

[Slovak]

ok dakujem za pomoc

[Conder]

Nie je zaco, rad som pomohol