VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu. Děkuji.

https://forum.viry.cz:443/viewtopic.php?t=156026

Stránka 1 z 1

Prosím o kontrolu logu. Děkuji.

Napsal: 04 čer 2019 18:50
od pan Hankey
Prosím o kontrolu logu. Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-06-2019
Ran by Tom78 (administrator) on STROJ (ASUS All Series) (04-06-2019 19:43:05)
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78 (Available Profiles: Tom78)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Moje\Programy\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Moje\Programy\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Moje\Programy\Avast\AvastUI.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera_crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-11-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Moje\Programy\Avast\AvLaunch.exe [262024 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Winlogon: [Shell] c:\windows\system32\explorer.exe [2616320 2017-06-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Run: [BloodyKeyboard] => C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe [11374080 2017-11-02] () [File not signed]
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [16442096 2018-07-20] (A FOUR TECH CO., LTD. -> )
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-23] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07D9C54A-0CA5-4123-BB82-9CD674575459} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {166CD7F0-36D1-42DB-8534-47D1E2CD14C0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1CE3C2ED-DD67-4E9F-84A2-42AFFFD6C3AB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {26C93137-B0D7-4ECC-AEC8-D4001B15E6BE} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2EA62DBA-A4B1-45D8-9C35-6F39CB8BCB48} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {35CB327F-6E9E-4873-9EBD-2E148F87CCBA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-14] (Adobe Inc. -> Adobe)
Task: {373013AE-4B11-4C81-BAE2-3FD64B7E6A25} - System32\Tasks\Opera scheduled Autoupdate 1503746874 => C:\Moje\Prohlizece\Opera\launcher.exe [1493592 2019-05-23] (Opera Software AS -> Opera Software)
Task: {539D94B4-3B7C-4FF9-8A91-CC10C49A9DD5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5AA301E4-AD64-4B3C-AEAA-DEFB1A0498AE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-14] (Adobe Inc. -> Adobe)
Task: {6BF9A69D-C5CE-4ECA-991F-A5EE7234A1D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A3FFF407-1877-4DA0-A931-4C391A3CC3C8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A81FFF11-86E8-4DFE-A437-9A77957E25A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-11-20] (Piriform Ltd -> Piriform Ltd)
Task: {B0B9D1C2-99DC-48FC-8028-B5E2471F6465} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B36492E1-071D-4E7D-9FF0-2A09CC6778DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-18] (Google Inc -> Google Inc.)
Task: {B6D9C842-F966-40E7-A51A-BC5B935E8EDC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-18] (Google Inc -> Google Inc.)
Task: {BF72989A-D560-48BE-8B21-8E889CEBEA81} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3B0B22A-67C2-4563-BAD1-7D4B80586525} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {C613889D-5089-457F-804F-A351B635A927} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBDB0659-9C6C-43AA-84CC-CCF62AE4FD47} - System32\Tasks\Avast Emergency Update => C:\Moje\Programy\Avast\AvEmUpdate.exe [2934152 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {E36828D2-6E89-4425-9A1F-8588F12D918C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E64DE30D-9FF7-4D22-86A8-2A847B798338} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E8318FB3-B134-4D49-8ABD-35C547A57BE7} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 185.73.101.1 8.8.4.4
Tcpip\..\Interfaces\{3E23E901-49BD-4232-B46C-DCEB20E89345}: [DhcpNameServer] 82.99.143.180 8.8.4.4
Tcpip\..\Interfaces\{45DF80BB-9782-4E8A-B0F0-BAB1888F7B4E}: [DhcpNameServer] 82.99.143.180 8.8.4.4
Tcpip\..\Interfaces\{54FFDA33-F641-4D2B-8030-41EF90A57627}: [DhcpNameServer] 185.73.101.1 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

FireFox:
========
FF DefaultProfile: 0xsqg3cl.default
FF ProfilePath: C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default [2019-06-02]
FF Session Restore: Mozilla\Firefox\Profiles\0xsqg3cl.default -> is enabled.
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\sp@avast.com.xpi [2019-04-25]
FF Extension: (uBlock Origin) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\uBlock0@raymondhill.net.xpi [2019-05-25]
FF Extension: (Avast Online Security) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\wrc@avast.com.xpi [2019-05-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default [2019-06-04]
CHR Extension: (Disk Google) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-18]
CHR Extension: (YouTube) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-18]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-04]
CHR Extension: (Avast Online Security) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR Extension: (uBlock Adblocker Plus) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhflmgomffaphmnbcogleagmloijbkd [2018-08-24]
CHR Profile: C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Tom78\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-04-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Moje\Programy\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Moje\Programy\Avast\AvastSvc.exe [409224 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-05-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [707144 2019-01-24] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-01-24] (GOG Sp. z o.o. -> GOG.com)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167872 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225608 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 AX88179; C:\Windows\System32\DRIVERS\ax88179_178a.sys [84960 2017-06-13] (Microsoft Windows Hardware Compatibility Publisher -> ASIX Electronics Corp.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2016-12-02] (Disc Soft Ltd -> Disc Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Microsoft Windows -> Intel Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-11-08] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-11-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199760 2016-12-20] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] (Intel(R) Code Signing External -> )
S3 Ser2pl; C:\Windows\System32\DRIVERS\ser2pl64.sys [227248 2017-10-30] (WDKTestCert charles-yeh,131345514351795974 -> Prolific Technology Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2017-04-22] (Disc Soft Ltd -> Duplex Secure Ltd.)
U3 a69pr2i8; C:\Windows\System32\Drivers\a69pr2i8.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-04 19:43 - 2019-06-04 19:43 - 000023119 _____ C:\Users\Tom78\Desktop\FRST.txt
2019-06-04 19:40 - 2019-06-04 19:40 - 002433536 _____ (Farbar) C:\Users\Tom78\Desktop\FRST64.exe
2019-06-04 19:24 - 2019-06-04 19:24 - 000000000 ____D C:\Users\Tom78\AppData\Local\mbamtray
2019-05-29 16:16 - 2019-05-29 16:16 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\EasyAntiCheat
2019-05-29 16:14 - 2019-05-29 16:16 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-05-29 01:33 - 2019-05-29 01:33 - 000000234 _____ C:\Users\Tom78\Desktop\Tom Clancy's Ghost Recon® Wildlands.url
2019-05-29 01:33 - 2019-05-29 01:33 - 000000234 _____ C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Ghost Recon® Wildlands.url
2019-05-25 11:24 - 2019-05-26 12:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-21 13:42 - 2019-05-21 13:42 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-17 20:37 - 2019-05-17 21:06 - 000000106 _____ C:\Users\Tom78\Desktop\GTA - čistá session.txt
2019-05-13 21:07 - 2019-05-13 21:07 - 000000000 ____D C:\Users\Tom78\AppData\Local\SquirrelTemp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-04 19:43 - 2017-12-20 14:30 - 000000000 ____D C:\FRST
2019-06-04 19:34 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-06-04 19:33 - 2016-12-13 01:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-04 19:18 - 2019-03-15 23:36 - 000000000 ____D C:\Users\Tom78\AppData\Local\CrashDumps
2019-06-04 19:18 - 2017-11-16 23:05 - 000000000 ____D C:\Program Files (x86)\Steam
2019-06-04 18:29 - 2009-07-14 06:45 - 000021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-06-04 18:29 - 2009-07-14 06:45 - 000021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-04 18:28 - 2016-12-31 13:53 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\vlc
2019-06-04 18:23 - 2018-12-19 23:44 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-04 18:23 - 2018-12-19 23:44 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-04 18:23 - 2018-11-20 18:48 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-04 18:23 - 2018-08-23 20:18 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-08-23 20:18 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-08-23 20:18 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-08-23 20:18 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-08-23 20:18 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-08-23 20:18 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-03-01 20:55 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-06-04 18:23 - 2018-02-14 12:32 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-02-14 12:32 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-02-14 12:32 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-02-14 12:32 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2016-11-06 23:54 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-06-04 11:33 - 2017-11-08 14:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-04 11:30 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-03 13:42 - 2019-03-18 18:59 - 000225608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-03 12:45 - 2016-11-11 16:09 - 000000000 ____D C:\Users\Tom78\AppData\Local\Ubisoft Game Launcher
2019-06-02 11:49 - 2018-09-10 15:27 - 000000000 ____D C:\Users\Tom78\AppData\LocalLow\Mozilla
2019-05-30 20:55 - 2016-11-17 23:20 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2019-05-30 15:46 - 2019-03-18 18:59 - 000385880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-29 16:16 - 2016-12-18 14:12 - 000000000 ____D C:\Users\Tom78\Documents\My Games
2019-05-29 01:31 - 2018-10-18 14:48 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\Transport Fever
2019-05-29 01:31 - 2017-04-20 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-05-28 12:33 - 2019-03-18 18:59 - 000004138 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-05-28 04:54 - 2017-10-04 17:27 - 000004000 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1503746874
2019-05-26 12:13 - 2019-04-24 21:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-25 00:15 - 2016-11-08 20:00 - 000007651 _____ C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg
2019-05-23 04:03 - 2017-10-18 23:32 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 13:42 - 2019-03-18 18:59 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000279120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000167872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-05-16 17:52 - 2017-02-25 13:12 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-14 15:38 - 2018-03-01 20:55 - 000004536 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-14 15:38 - 2017-06-30 22:59 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-14 15:38 - 2017-06-30 22:59 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-14 15:38 - 2016-11-07 03:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-14 15:38 - 2016-11-07 03:54 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-14 14:38 - 2018-03-13 15:15 - 000004524 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-14 13:47 - 2016-12-02 21:30 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\DAEMON Tools Lite
2019-05-06 13:42 - 2019-03-01 19:12 - 000000000 ____D C:\Users\Tom78\AppData\Local\Adobe

==================== Files in the root of some directories =======

2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\en_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\es_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\fr_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\grm_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\it_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020344 _____ (Schneider Electric) C:\Users\Tom78\jp_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 001079808 _____ (Microsoft Corporation) C:\Users\Tom78\mfc80u.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000626688 _____ (Microsoft Corporation) C:\Users\Tom78\msvcr80.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 013923704 _____ (Schneider Electric) C:\Users\Tom78\PCPE Setup.exe
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\pt_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000018808 _____ () C:\Users\Tom78\ResourceReader.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020856 _____ (Schneider Electric) C:\Users\Tom78\ru_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000019832 _____ (Schneider Electric) C:\Users\Tom78\zh_res.dll
2019-03-31 23:44 - 2019-04-24 16:17 - 038595778 _____ () C:\Users\Tom78\AppData\Roaming\gta5_patch.bin
2019-03-31 23:44 - 2019-03-31 23:44 - 000332800 _____ () C:\Users\Tom78\AppData\Roaming\patcher.dll
2017-12-20 14:29 - 2017-12-20 16:19 - 000029696 _____ () C:\Users\Tom78\AppData\Local\MSGBOX.EXE
2016-11-08 20:00 - 2019-05-25 00:15 - 000007651 _____ () C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-06-02 19:49
==================== End of FRST.txt ============================

----------------------------------------------------------------------------------------------------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by Tom78 (04-06-2019 19:43:55)
Running from C:\Users\Tom78\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-11-06 21:06:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4101578857-3757837661-3053645589-500 - Administrator - Disabled)
Guest (S-1-5-21-4101578857-3757837661-3053645589-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4101578857-3757837661-3053645589-1002 - Limited - Enabled)
Tom78 (S-1-5-21-4101578857-3757837661-3053645589-1000 - Administrator - Enabled) => C:\Users\Tom78

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Acronis Disk Director (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3223 - Acronis)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.07.0009 - Bloody)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Disney Princezna - Kouzelná cesta (HKLM-x32\...\{E375D72E-5343-4F73-986C-1B00C35F1DFC}) (Version: 1.0 - Disney Interactive Studios)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.67 - NVIDIA Corporation) Hidden
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games)
HWiNFO64 Version 5.38 (HKLM\...\HWiNFO64_is1) (Version: 5.38 - Martin Malík - REALiX)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
KeyDominator2 (HKLM-x32\...\BloodyKeyboard) (Version: 17.11.0002 - Bloody)
Kyodai Mahjongg 2006 v1.2 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 67.0 (x64 cs) (HKLM\...\Mozilla Firefox 67.0 (x64 cs)) (Version: 67.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 419.67 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.67 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 60.0.3255.109 (HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Opera 60.0.3255.109) (Version: 60.0.3255.109 - Opera Software)
Organizér (HKLM-x32\...\{4154BF17-EE1F-4F25-9696-2FF191FE0787}) (Version: 5.3.5.1 - Fireluke Software)
Ovládací panel NVIDIA 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.67 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.11.16 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.16 - General Workings, Inc.)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Tom Clancy's Ghost Recon Wildlands (HKLM-x32\...\Uplay Install 1771) (Version: - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 24.0.2 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
XMedia Recode verze 3.3.8.6 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.8.6 - XMedia Recode)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2011-03-09] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2011-03-09] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2011-03-09] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Tom78\Desktop\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disk-cache-size=1000000000
ShortcutWithArgument: C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disk-cache-size=1000000000

==================== Loaded Modules (Whitelisted) ==============

2018-09-08 16:20 - 2017-04-17 10:43 - 003852800 _____ () [File not signed] C:\Program Files (x86)\Bloody6\Bloody6\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2017-11-27 14:26 - 2014-01-10 11:48 - 004260352 _____ () [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2017-11-27 14:26 - 2017-11-02 10:32 - 011374080 _____ () [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\24teen.com -> 24teen.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\30search.com -> 30search.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\31234.com -> 31234.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\34yo.com -> 34yo.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\356563.net -> 356563.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\36site.com -> 36site.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\4-counter.com -> 4-counter.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\4corn.net -> 4corn.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\4pokertips.com -> 4pokertips.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\600pics.com -> 600pics.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\69teenage.com -> 69teenage.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\75tz.com -> 75tz.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\777search.com -> 777search.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\777top.com -> 777top.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\7adpower.com -> 7adpower.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\888.sooe.cn -> 888.sooe.cn
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\888net.net -> 888net.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\8da.com -> 8da.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\99livecam.com -> 99livecam.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\a2zlinks.com -> a2zlinks.com

There are 1520 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-04 15:58 - 000000043 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\program files (x86)\intel\icls client\;c:\program files\intel\icls client\;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files (x86)\intel\intel(r) management engine components\dal;c:\program files\intel\intel(r) management engine components\dal;c:\program files (x86)\intel\intel(r) management engine components\ipt;c:\program files\intel\intel(r) management engine components\ipt;c:\program files (x86)\common files\acronis\snapapi\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.73.101.1 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32A89603-4C93-4E83-96AB-8DB858A5AB73}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{1D37AC3A-A0A0-46E5-9D31-40F1B00704D9}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{A8428BF2-B651-4BFB-A229-5A159785B944}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{5AB598F2-4265-4261-B9BB-0ACCB703855B}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{324F436C-E05F-4C4C-83F0-8F0858B97736}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{952F2547-AC48-4238-80EF-4F7E71AEA8D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{01E02B80-E74B-4178-BBE6-BDB8288DC91A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe () [File not signed]
FirewallRules: [{DA6584F7-F8AE-4CDA-AD16-DEE30ED154F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe () [File not signed]
FirewallRules: [{02DC5B5A-75DC-4566-8978-E78C971278CA}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{FAD87EC9-A0A7-4E60-A7A1-A5C7D7E404C6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{F2BC386C-9C9F-46CB-B1E7-F201AC7F34F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D330CD6-AE25-43CE-BAAC-321F36A07D7A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B4A97B0-3FF6-48E2-B8BA-20472EB33043}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8370320D-557F-4A34-8879-38126EB4FD09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{25E4DCCF-D7D1-4C5D-959A-E387F30F4959}] => (Allow) %SystemDrive%\Moje\Prohlizece\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [File not signed]
FirewallRules: [{703B904C-4930-4666-A855-BF46CECB2A3D}] => (Allow) %SystemDrive%\Moje\Prohlizece\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [File not signed]
FirewallRules: [{E6EC7424-35EF-44F8-ABFE-11D1E6995FAB}] => (Allow) %ProgramFiles% (x86)\GOG Galaxy\GalaxyClient.exe No File
FirewallRules: [{06B1C26B-ED72-467F-888E-D5FBBA1A6373}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7E78973B-823F-45B7-94FB-1213F6BFEE04}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D917749C-54C9-4192-A79A-5E2C92E32DF7}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{80ABEA09-7889-4B17-AE58-6B692C4AAE90}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{5B8D0610-F04B-4FA9-801B-61B82165E655}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C03C3968-3CEB-4031-B0E1-1C08D7073B21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E541E532-1F87-4DC4-BCB0-C5825F84BCD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05499007-526A-42CB-A630-A91D7E489E40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8FF2607A-A572-4527-9981-94AD72C474BC}] => (Allow) D:\Games\GTA\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{48F593F2-6FBF-4C9B-A06C-C25981C71519}] => (Allow) D:\Games\GTA\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{CA76EC64-5D8A-4DF3-87EB-13738D2ABA76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7098BFB6-FA54-4D5F-81F5-244CCD05E301}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{663D8CA7-3262-4823-91F6-971B17C95E14}] => (Block) D:\Games\Princezny\play.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{73F67E4B-1974-4E1B-B77A-53D901915C88}] => (Block) D:\Games\Princezny\play.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{F0C15B98-2827-4144-8939-CEC6547F7A54}] => (Block) E:\Kyodai Mahjongg 2006\kmj.exe (Rene-Gilles Deberdt) [File not signed]
FirewallRules: [{899926B8-E8E6-4C74-BD9F-5A4900EFD34E}] => (Block) E:\Kyodai Mahjongg 2006\kmj.exe (Rene-Gilles Deberdt) [File not signed]
FirewallRules: [{0AAC3D4E-095D-4571-A029-001B6BF60626}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{DBEA647A-5F1C-4459-95DD-0F8183010E53}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{C05F1F45-1786-407A-89B2-FA61B05B136A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{A2354B08-1F5B-4905-9CAE-63B1A7646F2E}] => (Allow) D:\Games\Ubisoft\Tom Clancy's Ghost Recon Wildlands\GRW.exe (Blue Byte GmbH -> )

==================== Restore Points =========================

29-05-2019 16:13:31 Nainstalováno rozhraní DirectX
29-05-2019 16:14:41 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2019 11:31:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/03/2019 12:46:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastUI.exe, verze: 19.5.4444.0, časové razítko: 0x5cdbd76d
Název chybujícího modulu: CommonUI.dll, verze: 19.5.4444.0, časové razítko: 0x5cdbcf48
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001e71b
ID chybujícího procesu: 0x3c8
Čas spuštění chybující aplikace: 0x01d519d575f97f0e
Cesta k chybující aplikaci: C:\Moje\Programy\Avast\AvastUI.exe
Cesta k chybujícímu modulu: C:\Moje\Programy\Avast\CommonUI.dll
ID zprávy: c7ce0d72-85ec-11e9-b5d5-74da38fe0bd6

Error: (06/03/2019 08:10:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/03/2019 02:57:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Mashinky.exe, verze: 0.0.0.0, časové razítko: 0x5ce562a8
Název chybujícího modulu: fmodL64.dll, verze: 0.1.8.9, časové razítko: 0x579f6049
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000080bfb
ID chybujícího procesu: 0xec4
Čas spuštění chybující aplikace: 0x01d519981efbc8b7
Cesta k chybující aplikaci: D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe
Cesta k chybujícímu modulu: D:\Games\SteamLibrary\steamapps\common\Mashinky\fmodL64.dll
ID zprávy: 917e2d54-859a-11e9-af64-74da38fe0bd6

Error: (06/02/2019 11:24:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/01/2019 09:05:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/31/2019 11:07:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/30/2019 03:43:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (06/04/2019 07:33:59 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/04/2019 07:33:59 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/04/2019 06:33:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/04/2019 06:33:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/04/2019 05:33:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/04/2019 05:33:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/04/2019 04:33:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/04/2019 04:33:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.


CodeIntegrity:
===================================

Date: 2017-10-28 14:18:10.956
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.925
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.379
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.348
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:51.423
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:51.392
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:50.519
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:50.487
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2107 08/08/2014
Motherboard: ASUSTeK COMPUTER INC. B85-PLUS
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 63%
Total physical RAM: 8097.73 MB
Available physical RAM: 2954.74 MB
Total Virtual: 24291.38 MB
Available Virtual: 18084.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:126.95 GB) (Free:59.32 GB) NTFS
Drive d: (Hry) (Fixed) (Total:226.74 GB) (Free:17.43 GB) NTFS
Drive e: () (Fixed) (Total:134.65 GB) (Free:24.83 GB) NTFS
Drive f: () (Fixed) (Total:931.41 GB) (Free:15.97 GB) NTFS
Drive h: (Záloha) (Fixed) (Total:443.16 GB) (Free:42.01 GB) NTFS

\\?\Volume{954ccc49-a461-11e6-a407-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 82382C7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 12DF12DE)
Partition 1: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=804.6 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

Re: Prosím o kontrolu logu. Děkuji.

Napsal: 04 čer 2019 22:08
od Conder
Ahoj :)

:arrow: Odporucam nepouzivat a odinstalovat vsetky programy od IObit (napr. Driver Booster, Advanced SystemCare, Uninstaller, atd.) - su to cinske smejdy, ktore mozu poskodit system.

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj

Re: Prosím o kontrolu logu. Děkuji.

Napsal: 04 čer 2019 23:52
od pan Hankey
Ahoj, děkuji za pomoc.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-05-2019
# Duration: 00:01:10
# OS: Windows 7 Home Premium
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\IOBIT\Driver Booster
Deleted C:\Users\Tom78\AppData\Roaming\IOBIT\Driver Booster

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\IObit\Driver Booster

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1257 octets] - [14/09/2018 10:50:44]
AdwCleaner[S01].txt - [1318 octets] - [14/09/2018 10:53:08]
AdwCleaner[S02].txt - [1379 octets] - [14/09/2018 10:53:37]
AdwCleaner[S03].txt - [1440 octets] - [14/09/2018 10:54:20]
AdwCleaner[S04].txt - [1497 octets] - [14/09/2018 10:55:13]
AdwCleaner[S05].txt - [1562 octets] - [15/11/2018 14:17:17]
AdwCleaner[C05].txt - [1748 octets] - [15/11/2018 14:30:30]
AdwCleaner[S06].txt - [1851 octets] - [04/06/2019 19:30:59]
AdwCleaner[S07].txt - [1912 octets] - [04/06/2019 19:34:36]
AdwCleaner[S08].txt - [1973 octets] - [05/06/2019 00:40:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C08].txt ##########

Re: Prosím o kontrolu logu. Děkuji.

Napsal: 05 čer 2019 14:40
od Conder
:arrow: Poprosim o obidva nove logy z FRST.

Re: Prosím o kontrolu logu. Děkuji.

Napsal: 05 čer 2019 16:13
od pan Hankey
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-06-2019
Ran by Tom78 (administrator) on STROJ (ASUS All Series) (05-06-2019 17:07:10)
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78 (Available Profiles: Tom78)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Moje\Programy\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Moje\Programy\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Moje\Programy\Avast\AvastUI.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera_crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-11-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Moje\Programy\Avast\AvLaunch.exe [262024 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Winlogon: [Shell] c:\windows\system32\explorer.exe [2616320 2017-06-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Run: [BloodyKeyboard] => C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe [11374080 2017-11-02] () [File not signed]
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [16442096 2018-07-20] (A FOUR TECH CO., LTD. -> )
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.80\Installer\chrmstp.exe [2019-06-05] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07D9C54A-0CA5-4123-BB82-9CD674575459} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {166CD7F0-36D1-42DB-8534-47D1E2CD14C0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1CE3C2ED-DD67-4E9F-84A2-42AFFFD6C3AB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {26C93137-B0D7-4ECC-AEC8-D4001B15E6BE} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2EA62DBA-A4B1-45D8-9C35-6F39CB8BCB48} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {35CB327F-6E9E-4873-9EBD-2E148F87CCBA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-14] (Adobe Inc. -> Adobe)
Task: {373013AE-4B11-4C81-BAE2-3FD64B7E6A25} - System32\Tasks\Opera scheduled Autoupdate 1503746874 => C:\Moje\Prohlizece\Opera\launcher.exe [1493592 2019-05-23] (Opera Software AS -> Opera Software)
Task: {539D94B4-3B7C-4FF9-8A91-CC10C49A9DD5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5AA301E4-AD64-4B3C-AEAA-DEFB1A0498AE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-14] (Adobe Inc. -> Adobe)
Task: {6BF9A69D-C5CE-4ECA-991F-A5EE7234A1D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A3FFF407-1877-4DA0-A931-4C391A3CC3C8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A81FFF11-86E8-4DFE-A437-9A77957E25A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-11-20] (Piriform Ltd -> Piriform Ltd)
Task: {B0B9D1C2-99DC-48FC-8028-B5E2471F6465} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B36492E1-071D-4E7D-9FF0-2A09CC6778DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-18] (Google Inc -> Google Inc.)
Task: {B6D9C842-F966-40E7-A51A-BC5B935E8EDC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-18] (Google Inc -> Google Inc.)
Task: {BF72989A-D560-48BE-8B21-8E889CEBEA81} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3B0B22A-67C2-4563-BAD1-7D4B80586525} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {C613889D-5089-457F-804F-A351B635A927} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBDB0659-9C6C-43AA-84CC-CCF62AE4FD47} - System32\Tasks\Avast Emergency Update => C:\Moje\Programy\Avast\AvEmUpdate.exe [2934152 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {E36828D2-6E89-4425-9A1F-8588F12D918C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E64DE30D-9FF7-4D22-86A8-2A847B798338} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E8318FB3-B134-4D49-8ABD-35C547A57BE7} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 185.73.101.1 8.8.4.4
Tcpip\..\Interfaces\{3E23E901-49BD-4232-B46C-DCEB20E89345}: [DhcpNameServer] 82.99.143.180 8.8.4.4
Tcpip\..\Interfaces\{54FFDA33-F641-4D2B-8030-41EF90A57627}: [DhcpNameServer] 185.73.101.1 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

FireFox:
========
FF DefaultProfile: 0xsqg3cl.default
FF ProfilePath: C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default [2019-06-05]
FF Session Restore: Mozilla\Firefox\Profiles\0xsqg3cl.default -> is enabled.
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\sp@avast.com.xpi [2019-04-25]
FF Extension: (uBlock Origin) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\uBlock0@raymondhill.net.xpi [2019-05-25]
FF Extension: (Avast Online Security) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\wrc@avast.com.xpi [2019-05-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default [2019-06-05]
CHR Extension: (Disk Google) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-18]
CHR Extension: (YouTube) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-18]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05]
CHR Extension: (Avast Online Security) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-05]
CHR Extension: (uBlock Adblocker Plus) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhflmgomffaphmnbcogleagmloijbkd [2018-08-24]
CHR Profile: C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Tom78\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-04-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Moje\Programy\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Moje\Programy\Avast\AvastSvc.exe [409224 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-05-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [707144 2019-01-24] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-01-24] (GOG Sp. z o.o. -> GOG.com)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167872 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225608 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 AX88179; C:\Windows\System32\DRIVERS\ax88179_178a.sys [84960 2017-06-13] (Microsoft Windows Hardware Compatibility Publisher -> ASIX Electronics Corp.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2016-12-02] (Disc Soft Ltd -> Disc Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Microsoft Windows -> Intel Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-11-08] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-11-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199760 2016-12-20] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] (Intel(R) Code Signing External -> )
S3 Ser2pl; C:\Windows\System32\DRIVERS\ser2pl64.sys [227248 2017-10-30] (WDKTestCert charles-yeh,131345514351795974 -> Prolific Technology Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2017-04-22] (Disc Soft Ltd -> Duplex Secure Ltd.)
U3 aesfpkwp; C:\Windows\System32\Drivers\aesfpkwp.sys [0 0000-00-00] (Intel Corporation) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-05 17:07 - 2019-06-05 17:07 - 000022925 _____ C:\Users\Tom78\Desktop\FRST.txt
2019-06-05 17:06 - 2019-06-05 17:06 - 000000000 ____D C:\Users\Tom78\Desktop\FRST-OlderVersion
2019-06-05 13:28 - 2019-06-05 13:28 - 000000000 ____D C:\Users\Tom78\AppData\Local\ElevatedDiagnostics
2019-06-05 00:37 - 2019-06-05 00:37 - 007025360 _____ (Malwarebytes) C:\Users\Tom78\Desktop\adwcleaner_7.3.exe
2019-06-04 19:40 - 2019-06-05 17:06 - 002417664 _____ (Farbar) C:\Users\Tom78\Desktop\FRST64.exe
2019-06-04 19:24 - 2019-06-04 19:24 - 000000000 ____D C:\Users\Tom78\AppData\Local\mbamtray
2019-05-29 16:16 - 2019-05-29 16:16 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\EasyAntiCheat
2019-05-29 16:14 - 2019-05-29 16:16 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-05-29 01:33 - 2019-05-29 01:33 - 000000234 _____ C:\Users\Tom78\Desktop\Tom Clancy's Ghost Recon® Wildlands.url
2019-05-29 01:33 - 2019-05-29 01:33 - 000000234 _____ C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Ghost Recon® Wildlands.url
2019-05-25 11:24 - 2019-05-26 12:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-21 13:42 - 2019-05-21 13:42 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-17 20:37 - 2019-05-17 21:06 - 000000106 _____ C:\Users\Tom78\Desktop\GTA - čistá session.txt
2019-05-13 21:07 - 2019-05-13 21:07 - 000000000 ____D C:\Users\Tom78\AppData\Local\SquirrelTemp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-05 17:07 - 2017-12-20 14:30 - 000000000 ____D C:\FRST
2019-06-05 16:20 - 2019-03-15 23:36 - 000000000 ____D C:\Users\Tom78\AppData\Local\CrashDumps
2019-06-05 14:03 - 2018-09-10 15:27 - 000000000 ____D C:\Users\Tom78\AppData\LocalLow\Mozilla
2019-06-05 13:32 - 2009-07-14 06:45 - 000021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-06-05 13:32 - 2009-07-14 06:45 - 000021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-05 13:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-06-05 13:26 - 2018-12-19 23:44 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-05 13:26 - 2018-12-19 23:44 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-05 13:26 - 2018-11-20 18:48 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-05 13:26 - 2018-08-23 20:18 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-08-23 20:18 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-08-23 20:18 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-08-23 20:18 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-08-23 20:18 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-08-23 20:18 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-03-01 20:55 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-06-05 13:26 - 2018-02-14 12:32 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-02-14 12:32 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-02-14 12:32 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-02-14 12:32 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2016-11-06 23:54 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-06-05 12:12 - 2017-11-08 14:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-05 12:02 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-05 02:02 - 2017-10-18 23:32 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-05 00:40 - 2016-11-11 03:28 - 000000000 ____D C:\ProgramData\IObit
2019-06-05 00:40 - 2016-11-11 03:27 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\IObit
2019-06-04 22:57 - 2016-11-08 20:00 - 000007651 _____ C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg
2019-06-04 19:33 - 2016-12-13 01:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-04 19:18 - 2017-11-16 23:05 - 000000000 ____D C:\Program Files (x86)\Steam
2019-06-04 18:28 - 2016-12-31 13:53 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\vlc
2019-06-03 13:42 - 2019-03-18 18:59 - 000225608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-03 12:45 - 2016-11-11 16:09 - 000000000 ____D C:\Users\Tom78\AppData\Local\Ubisoft Game Launcher
2019-05-30 20:55 - 2016-11-17 23:20 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2019-05-30 15:46 - 2019-03-18 18:59 - 000385880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-29 16:16 - 2016-12-18 14:12 - 000000000 ____D C:\Users\Tom78\Documents\My Games
2019-05-29 01:31 - 2018-10-18 14:48 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\Transport Fever
2019-05-29 01:31 - 2017-04-20 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-05-28 12:33 - 2019-03-18 18:59 - 000004138 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-05-28 04:54 - 2017-10-04 17:27 - 000004000 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1503746874
2019-05-26 12:13 - 2019-04-24 21:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-21 13:42 - 2019-03-18 18:59 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000279120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000167872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-05-16 17:52 - 2017-02-25 13:12 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-14 15:38 - 2018-03-01 20:55 - 000004536 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-14 15:38 - 2017-06-30 22:59 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-14 15:38 - 2017-06-30 22:59 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-14 15:38 - 2016-11-07 03:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-14 15:38 - 2016-11-07 03:54 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-14 14:38 - 2018-03-13 15:15 - 000004524 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-14 13:47 - 2016-12-02 21:30 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\DAEMON Tools Lite
2019-05-06 13:42 - 2019-03-01 19:12 - 000000000 ____D C:\Users\Tom78\AppData\Local\Adobe

==================== Files in the root of some directories =======

2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\en_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\es_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\fr_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\grm_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\it_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020344 _____ (Schneider Electric) C:\Users\Tom78\jp_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 001079808 _____ (Microsoft Corporation) C:\Users\Tom78\mfc80u.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000626688 _____ (Microsoft Corporation) C:\Users\Tom78\msvcr80.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 013923704 _____ (Schneider Electric) C:\Users\Tom78\PCPE Setup.exe
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\pt_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000018808 _____ () C:\Users\Tom78\ResourceReader.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020856 _____ (Schneider Electric) C:\Users\Tom78\ru_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000019832 _____ (Schneider Electric) C:\Users\Tom78\zh_res.dll
2019-03-31 23:44 - 2019-04-24 16:17 - 038595778 _____ () C:\Users\Tom78\AppData\Roaming\gta5_patch.bin
2019-03-31 23:44 - 2019-03-31 23:44 - 000332800 _____ () C:\Users\Tom78\AppData\Roaming\patcher.dll
2017-12-20 14:29 - 2017-12-20 16:19 - 000029696 _____ () C:\Users\Tom78\AppData\Local\MSGBOX.EXE
2016-11-08 20:00 - 2019-06-04 22:57 - 000007651 _____ () C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-06-02 19:49
==================== End of FRST.txt ============================

---------------------------------------------------------------------------------------------------------------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-06-2019
Ran by Tom78 (05-06-2019 17:08:04)
Running from C:\Users\Tom78\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-11-06 21:06:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4101578857-3757837661-3053645589-500 - Administrator - Disabled)
Guest (S-1-5-21-4101578857-3757837661-3053645589-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4101578857-3757837661-3053645589-1002 - Limited - Enabled)
Tom78 (S-1-5-21-4101578857-3757837661-3053645589-1000 - Administrator - Enabled) => C:\Users\Tom78

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Acronis Disk Director (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3223 - Acronis)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.07.0009 - Bloody)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Disney Princezna - Kouzelná cesta (HKLM-x32\...\{E375D72E-5343-4F73-986C-1B00C35F1DFC}) (Version: 1.0 - Disney Interactive Studios)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.67 - NVIDIA Corporation) Hidden
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.80 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games)
HWiNFO64 Version 5.38 (HKLM\...\HWiNFO64_is1) (Version: 5.38 - Martin Malík - REALiX)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
KeyDominator2 (HKLM-x32\...\BloodyKeyboard) (Version: 17.11.0002 - Bloody)
Kyodai Mahjongg 2006 v1.2 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 67.0 (x64 cs) (HKLM\...\Mozilla Firefox 67.0 (x64 cs)) (Version: 67.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 419.67 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.67 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 60.0.3255.109 (HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Opera 60.0.3255.109) (Version: 60.0.3255.109 - Opera Software)
Organizér (HKLM-x32\...\{4154BF17-EE1F-4F25-9696-2FF191FE0787}) (Version: 5.3.5.1 - Fireluke Software)
Ovládací panel NVIDIA 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.67 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.11.16 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.16 - General Workings, Inc.)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Tom Clancy's Ghost Recon Wildlands (HKLM-x32\...\Uplay Install 1771) (Version: - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 24.0.2 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
XMedia Recode verze 3.3.8.6 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.8.6 - XMedia Recode)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2011-03-09] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2011-03-09] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2011-03-09] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Tom78\Desktop\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disk-cache-size=1000000000
ShortcutWithArgument: C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disk-cache-size=1000000000

==================== Loaded Modules (Whitelisted) ==============

2018-09-08 16:20 - 2017-04-17 10:43 - 003852800 _____ () [File not signed] C:\Program Files (x86)\Bloody6\Bloody6\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2017-11-27 14:26 - 2014-01-10 11:48 - 004260352 _____ () [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2017-11-27 14:26 - 2017-11-02 10:32 - 011374080 _____ () [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
2017-07-09 22:51 - 2009-07-08 12:51 - 000730624 _____ (Hewlett-Packard Co.) [File not signed] C:\Windows\system32\hpotscl1.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\24teen.com -> 24teen.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\30search.com -> 30search.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\31234.com -> 31234.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\34yo.com -> 34yo.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\356563.net -> 356563.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\36site.com -> 36site.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\4-counter.com -> 4-counter.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\4corn.net -> 4corn.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\4pokertips.com -> 4pokertips.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\600pics.com -> 600pics.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\69teenage.com -> 69teenage.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\75tz.com -> 75tz.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\777search.com -> 777search.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\777top.com -> 777top.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\7adpower.com -> 7adpower.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\888.sooe.cn -> 888.sooe.cn
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\888net.net -> 888net.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\8da.com -> 8da.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\99livecam.com -> 99livecam.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\a2zlinks.com -> a2zlinks.com

There are 1520 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-04 15:58 - 000000043 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\program files (x86)\intel\icls client\;c:\program files\intel\icls client\;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files (x86)\intel\intel(r) management engine components\dal;c:\program files\intel\intel(r) management engine components\dal;c:\program files (x86)\intel\intel(r) management engine components\ipt;c:\program files\intel\intel(r) management engine components\ipt;c:\program files (x86)\common files\acronis\snapapi\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.73.101.1 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32A89603-4C93-4E83-96AB-8DB858A5AB73}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{1D37AC3A-A0A0-46E5-9D31-40F1B00704D9}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{A8428BF2-B651-4BFB-A229-5A159785B944}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{5AB598F2-4265-4261-B9BB-0ACCB703855B}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{324F436C-E05F-4C4C-83F0-8F0858B97736}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{952F2547-AC48-4238-80EF-4F7E71AEA8D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{01E02B80-E74B-4178-BBE6-BDB8288DC91A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe () [File not signed]
FirewallRules: [{DA6584F7-F8AE-4CDA-AD16-DEE30ED154F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe () [File not signed]
FirewallRules: [{02DC5B5A-75DC-4566-8978-E78C971278CA}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{FAD87EC9-A0A7-4E60-A7A1-A5C7D7E404C6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{F2BC386C-9C9F-46CB-B1E7-F201AC7F34F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D330CD6-AE25-43CE-BAAC-321F36A07D7A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B4A97B0-3FF6-48E2-B8BA-20472EB33043}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8370320D-557F-4A34-8879-38126EB4FD09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{25E4DCCF-D7D1-4C5D-959A-E387F30F4959}] => (Allow) %SystemDrive%\Moje\Prohlizece\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [File not signed]
FirewallRules: [{703B904C-4930-4666-A855-BF46CECB2A3D}] => (Allow) %SystemDrive%\Moje\Prohlizece\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [File not signed]
FirewallRules: [{E6EC7424-35EF-44F8-ABFE-11D1E6995FAB}] => (Allow) %ProgramFiles% (x86)\GOG Galaxy\GalaxyClient.exe No File
FirewallRules: [{06B1C26B-ED72-467F-888E-D5FBBA1A6373}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7E78973B-823F-45B7-94FB-1213F6BFEE04}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D917749C-54C9-4192-A79A-5E2C92E32DF7}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{80ABEA09-7889-4B17-AE58-6B692C4AAE90}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{5B8D0610-F04B-4FA9-801B-61B82165E655}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C03C3968-3CEB-4031-B0E1-1C08D7073B21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E541E532-1F87-4DC4-BCB0-C5825F84BCD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05499007-526A-42CB-A630-A91D7E489E40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8FF2607A-A572-4527-9981-94AD72C474BC}] => (Allow) D:\Games\GTA\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{48F593F2-6FBF-4C9B-A06C-C25981C71519}] => (Allow) D:\Games\GTA\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{CA76EC64-5D8A-4DF3-87EB-13738D2ABA76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7098BFB6-FA54-4D5F-81F5-244CCD05E301}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{663D8CA7-3262-4823-91F6-971B17C95E14}] => (Block) D:\Games\Princezny\play.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{73F67E4B-1974-4E1B-B77A-53D901915C88}] => (Block) D:\Games\Princezny\play.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{F0C15B98-2827-4144-8939-CEC6547F7A54}] => (Block) E:\Kyodai Mahjongg 2006\kmj.exe (Rene-Gilles Deberdt) [File not signed]
FirewallRules: [{899926B8-E8E6-4C74-BD9F-5A4900EFD34E}] => (Block) E:\Kyodai Mahjongg 2006\kmj.exe (Rene-Gilles Deberdt) [File not signed]
FirewallRules: [{0AAC3D4E-095D-4571-A029-001B6BF60626}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{DBEA647A-5F1C-4459-95DD-0F8183010E53}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{A2354B08-1F5B-4905-9CAE-63B1A7646F2E}] => (Allow) D:\Games\Ubisoft\Tom Clancy's Ghost Recon Wildlands\GRW.exe (Blue Byte GmbH -> )
FirewallRules: [{DAF0CCC4-EF25-423C-AED6-2F8B8967BFB2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

29-05-2019 16:13:31 Nainstalováno rozhraní DirectX
29-05-2019 16:14:41 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2019 04:06:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastUI.exe, verze: 19.5.4444.0, časové razítko: 0x5cdbd76d
Název chybujícího modulu: CommonUI.dll, verze: 19.5.4444.0, časové razítko: 0x5cdbcf48
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001e71b
ID chybujícího procesu: 0x1068
Čas spuštění chybující aplikace: 0x01d51b85f52c07d5
Cesta k chybující aplikaci: C:\Moje\Programy\Avast\AvastUI.exe
Cesta k chybujícímu modulu: C:\Moje\Programy\Avast\CommonUI.dll
ID zprávy: 2c8a32a2-879b-11e9-8573-74da38fe0bd6

Error: (06/05/2019 12:04:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/05/2019 12:44:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/04/2019 11:31:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/03/2019 12:46:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastUI.exe, verze: 19.5.4444.0, časové razítko: 0x5cdbd76d
Název chybujícího modulu: CommonUI.dll, verze: 19.5.4444.0, časové razítko: 0x5cdbcf48
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001e71b
ID chybujícího procesu: 0x3c8
Čas spuštění chybující aplikace: 0x01d519d575f97f0e
Cesta k chybující aplikaci: C:\Moje\Programy\Avast\AvastUI.exe
Cesta k chybujícímu modulu: C:\Moje\Programy\Avast\CommonUI.dll
ID zprávy: c7ce0d72-85ec-11e9-b5d5-74da38fe0bd6

Error: (06/03/2019 08:10:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/03/2019 02:57:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Mashinky.exe, verze: 0.0.0.0, časové razítko: 0x5ce562a8
Název chybujícího modulu: fmodL64.dll, verze: 0.1.8.9, časové razítko: 0x579f6049
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000080bfb
ID chybujícího procesu: 0xec4
Čas spuštění chybující aplikace: 0x01d519981efbc8b7
Cesta k chybující aplikaci: D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe
Cesta k chybujícímu modulu: D:\Games\SteamLibrary\steamapps\common\Mashinky\fmodL64.dll
ID zprávy: 917e2d54-859a-11e9-af64-74da38fe0bd6

Error: (06/02/2019 11:24:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (06/05/2019 05:05:26 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/05/2019 05:05:26 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/05/2019 04:05:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/05/2019 04:05:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/05/2019 03:05:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/05/2019 03:05:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/05/2019 02:05:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/05/2019 02:05:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.


CodeIntegrity:
===================================

Date: 2017-10-28 14:18:10.956
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.925
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.379
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.348
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:51.423
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:51.392
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:50.519
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:50.487
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2107 08/08/2014
Motherboard: ASUSTeK COMPUTER INC. B85-PLUS
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 52%
Total physical RAM: 8097.73 MB
Available physical RAM: 3828.52 MB
Total Virtual: 24291.38 MB
Available Virtual: 18980.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:126.95 GB) (Free:59.22 GB) NTFS
Drive d: (Hry) (Fixed) (Total:226.74 GB) (Free:17.43 GB) NTFS
Drive e: () (Fixed) (Total:134.65 GB) (Free:24.83 GB) NTFS
Drive f: () (Fixed) (Total:931.41 GB) (Free:15.97 GB) NTFS
Drive h: (Záloha) (Fixed) (Total:443.16 GB) (Free:42.01 GB) NTFS

\\?\Volume{954ccc49-a461-11e6-a407-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 82382C7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 12DF12DE)
Partition 1: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=804.6 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

Re: Prosím o kontrolu logu. Děkuji.

Napsal: 06 čer 2019 21:25
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\System32\Drivers\aesfpkwp.sys
ExportKey: HKLM\SOFTWARE\Policies\Mozilla\Firefox

HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
U3 aesfpkwp; C:\Windows\System32\Drivers\aesfpkwp.sys [0 0000-00-00] (Intel Corporation) <==== ATTENTION (zero byte File/Folder)
2019-06-05 17:06 - 2019-06-05 17:06 - 000000000 ____D C:\Users\Tom78\Desktop\FRST-OlderVersion
2019-05-13 21:07 - 2019-05-13 21:07 - 000000000 ____D C:\Users\Tom78\AppData\Local\SquirrelTemp
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\en_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\es_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\fr_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\grm_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\it_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020344 _____ (Schneider Electric) C:\Users\Tom78\jp_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 001079808 _____ (Microsoft Corporation) C:\Users\Tom78\mfc80u.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000626688 _____ (Microsoft Corporation) C:\Users\Tom78\msvcr80.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 013923704 _____ (Schneider Electric) C:\Users\Tom78\PCPE Setup.exe
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\pt_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000018808 _____ () C:\Users\Tom78\ResourceReader.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020856 _____ (Schneider Electric) C:\Users\Tom78\ru_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000019832 _____ (Schneider Electric) C:\Users\Tom78\zh_res.dll
2019-03-31 23:44 - 2019-04-24 16:17 - 038595778 _____ () C:\Users\Tom78\AppData\Roaming\gta5_patch.bin
2019-03-31 23:44 - 2019-03-31 23:44 - 000332800 _____ () C:\Users\Tom78\AppData\Roaming\patcher.dll
2017-12-20 14:29 - 2017-12-20 16:19 - 000029696 _____ () C:\Users\Tom78\AppData\Local\MSGBOX.EXE

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\Tom78\AppData\Local\IObit
C:\Users\Tom78\AppData\LocalLow\IObit
C:\Users\Tom78\AppData\Roaming\IObit
C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Local\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: Prosím o kontrolu logu. Děkuji.

Napsal: 07 čer 2019 00:12
od pan Hankey
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-06-2019
Ran by Tom78 (07-06-2019 01:00:32) Run:2
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78 (Available Profiles: Tom78)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\System32\Drivers\aesfpkwp.sys
ExportKey: HKLM\SOFTWARE\Policies\Mozilla\Firefox

HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
U3 aesfpkwp; C:\Windows\System32\Drivers\aesfpkwp.sys [0 0000-00-00] (Intel Corporation) <==== ATTENTION (zero byte File/Folder)
2019-06-05 17:06 - 2019-06-05 17:06 - 000000000 ____D C:\Users\Tom78\Desktop\FRST-OlderVersion
2019-05-13 21:07 - 2019-05-13 21:07 - 000000000 ____D C:\Users\Tom78\AppData\Local\SquirrelTemp
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\en_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\es_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\fr_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\grm_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\it_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020344 _____ (Schneider Electric) C:\Users\Tom78\jp_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 001079808 _____ (Microsoft Corporation) C:\Users\Tom78\mfc80u.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000626688 _____ (Microsoft Corporation) C:\Users\Tom78\msvcr80.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 013923704 _____ (Schneider Electric) C:\Users\Tom78\PCPE Setup.exe
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\pt_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000018808 _____ () C:\Users\Tom78\ResourceReader.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020856 _____ (Schneider Electric) C:\Users\Tom78\ru_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000019832 _____ (Schneider Electric) C:\Users\Tom78\zh_res.dll
2019-03-31 23:44 - 2019-04-24 16:17 - 038595778 _____ () C:\Users\Tom78\AppData\Roaming\gta5_patch.bin
2019-03-31 23:44 - 2019-03-31 23:44 - 000332800 _____ () C:\Users\Tom78\AppData\Roaming\patcher.dll
2017-12-20 14:29 - 2017-12-20 16:19 - 000029696 _____ () C:\Users\Tom78\AppData\Local\MSGBOX.EXE

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\Tom78\AppData\Local\IObit
C:\Users\Tom78\AppData\LocalLow\IObit
C:\Users\Tom78\AppData\Roaming\IObit
C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Local\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 74
Average :
Sum : 12151500
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Windows\System32\Drivers\aesfpkwp.sys ========================

"C:\Windows\System32\Drivers\aesfpkwp.sys" => not found
====== End of File: ======

================== ExportKey: ===================

[HKLM\SOFTWARE\Policies\Mozilla\Firefox]
[HKLM\SOFTWARE\Policies\Mozilla\Firefox\Certificates]
"ImportEnterpriseRoots"="1"

=== End of ExportKey ===
"HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
aesfpkwp => service not found.
C:\Users\Tom78\Desktop\FRST-OlderVersion => moved successfully
C:\Users\Tom78\AppData\Local\SquirrelTemp => moved successfully
C:\Users\Tom78\en_res.dll => moved successfully
C:\Users\Tom78\es_res.dll => moved successfully
C:\Users\Tom78\fr_res.dll => moved successfully
C:\Users\Tom78\grm_res.dll => moved successfully
C:\Users\Tom78\it_res.dll => moved successfully
C:\Users\Tom78\jp_res.dll => moved successfully
C:\Users\Tom78\mfc80u.dll => moved successfully
C:\Users\Tom78\msvcr80.dll => moved successfully
C:\Users\Tom78\PCPE Setup.exe => moved successfully
C:\Users\Tom78\pt_res.dll => moved successfully
C:\Users\Tom78\ResourceReader.dll => moved successfully
C:\Users\Tom78\ru_res.dll => moved successfully
C:\Users\Tom78\zh_res.dll => moved successfully
C:\Users\Tom78\AppData\Roaming\gta5_patch.bin => moved successfully
C:\Users\Tom78\AppData\Roaming\patcher.dll => moved successfully
C:\Users\Tom78\AppData\Local\MSGBOX.EXE => moved successfully
"C:\Program Files\IObit" => not found
C:\Program Files (x86)\IObit => moved successfully
"C:\Program Files\Common Files\IObit" => not found
C:\ProgramData\IObit => moved successfully
C:\ProgramData\ProductData => moved successfully
"C:\Users\Tom78\AppData\Local\IObit" => not found
C:\Users\Tom78\AppData\LocalLow\IObit => moved successfully
C:\Users\Tom78\AppData\Roaming\IObit => moved successfully

=========== "C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========

"C:\Users\Default\AppData\Local\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found
"C:\Users\Default\AppData\Roaming\IObit" => not found

=========== "C:\Users\Public\Desktop\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Driver Booster*" ========


=========== "C:\Users\Public\Desktop\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Advanced SystemCare*" ========

C:\Windows\IObit => moved successfully
"C:\Windows\Tasks\ImCleanDisabled" => not found
"C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5801770 B
Java, Flash, Steam htmlcache => 367439426 B
Windows/system/drivers => 2627687 B
Edge => 0 B
Chrome => 1074920723 B
Firefox => 1094450808 B
Opera => 1165679180 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Tom78 => 14311465 B

RecycleBin => 0 B
EmptyTemp: => 3.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 01:02:10 ====

Re: Prosím o kontrolu logu. Děkuji.

Napsal: 07 čer 2019 15:53
od Conder
:arrow: Ako to vyzera s PC? Su nejake problemy?

Re: Prosím o kontrolu logu. Děkuji.

Napsal: 07 čer 2019 20:55
od pan Hankey
Celkem dobrý.

Re: Prosím o kontrolu logu. Děkuji.

Napsal: 07 čer 2019 23:43
od Conder
:arrow: Logy vyzeraju OK. Ak uz uz teda nie su ziadne problemy, tak este upraceme po pouzitych nastrojoch:

Re: Prosím o kontrolu logu. Děkuji.

Napsal: 08 čer 2019 20:12
od pan Hankey
Hotovo. Jestli je to všechno tak děkuji za pomoc.

# DelFix v1.013 - Logfile created 08/06/2019 at 21:08:07
# Updated 17/04/2016 by Xplode
# Username : Tom78 - STROJ
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Tom78\Desktop\Addition.txt
Deleted : C:\Users\Tom78\Desktop\adwcleaner_7.3.exe
Deleted : C:\Users\Tom78\Desktop\Fixlog.txt
Deleted : C:\Users\Tom78\Desktop\FRST.txt
Deleted : C:\Users\Tom78\Desktop\FRST64.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

Re: Prosím o kontrolu logu. Děkuji.

Napsal: 09 čer 2019 15:33
od Conder
Ano, to by bolo vsetko. Nie je zaco, rad som pomohol :)

Re: Prosím o kontrolu logu. Děkuji.

Napsal: 09 čer 2019 19:36
od pan Hankey
Děkuju

Re: Prosím o kontrolu logu. Děkuji.

Napsal: 10 čer 2019 17:27
od Conder
:) Thread zamykam ako vyriesene :closed:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz