
Log check, thanks


#1 Post by JenKre »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
Ran by Honza (administrator) on I3 (29-08-2018 19:24:28)
Running from C:\Users\Honza\Downloads
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Intel\eset\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ESET) C:\Intel\eset\egui.exe
() C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Elaborate Bytes AG) C:\Instal1\VirtualCloneDrive\VCDDaemon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-19] (AVAST Software)
HKLM\...\Run: [egui] => C:\Intel\eset\ecmds.exe [178504 2018-07-24] (ESET)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Instal1\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 [0 2018-07-03] ()
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 [0 2018-07-03] ()
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364648 2018-05-24] (Piriform Ltd)
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\Run: [World of Tanks] => C:\Hry\WoT\WargamingGameUpdater.exe [3134728 2016-09-26] (Wargaming.net)
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\Run: [World of Tanks (1)] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\MountPoints2: {34d84b34-8256-11e7-82f3-74d435444318} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\MountPoints2: {838f53a1-a744-11e8-8316-74d435444318} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\MountPoints2: {f855bb25-3251-11e8-8306-74d435444318} - "E:\HiSuiteDownLoader.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-05-05]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2015-08-29]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6201C6C9-74F2-442C-99F9-8C1ED24F184B}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-514960203-916159489-3134127490-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {21F79914-82F8-4297-8ED4-BC739E39FC5A} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {6D19D5AF-6273-4721-951C-42E338CAC184} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {7547767D-B360-4FC2-ACE0-07FB4CCE2776} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {872500C7-3C23-455F-AE38-EF3DD8EE3BDD} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {8965A4B2-A566-4AFE-96BC-B8B1AAF15A41} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {93C935CE-DB5E-477C-ABC2-DA6EA880D4F2} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {9DE765E1-CC42-458B-A1A2-8FB8C0F77B1D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {C014ADBB-075E-4FFB-8E08-B6357F2AD949} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {C909EC7A-E184-403B-AAF2-59ED730237DC} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-07-19] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-05-05] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-19] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-05-05] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: lux8k3l2.default
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default [2018-08-29]
FF Homepage: Mozilla\Firefox\Profiles\lux8k3l2.default -> hxxp://www.seznam.cz/
FF NewTabOverride: Mozilla\Firefox\Profiles\lux8k3l2.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\cs@dictionaries.addons.mozilla.org [2016-09-02] [Legacy]
FF Extension: (Seznam doplněk - Esko) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-06-06]
FF Extension: (Avast SafePrice) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\sp@avast.com.xpi [2017-12-04]
FF Extension: (uBlock Origin) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\uBlock0@raymondhill.net.xpi [2018-08-27]
FF Extension: (Avast Online Security) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\wrc@avast.com.xpi [2018-07-19]
FF Extension: (Video DownloadHelper) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-01]
FF Extension: (Greasemonkey) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-08-29]
FF SearchPlugin: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\searchplugins\youtube.xml [2015-05-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-17] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-17] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-05-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-05-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-514960203-916159489-3134127490-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/newTab.html", Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default [2018-08-29]
CHR Extension: (Dokumenty) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-31]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-05-05]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-05-05]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-31]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-16]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (Avast Online Security) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-05]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-13]
CHR Extension: (Chrome Media Router) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-11]
CHR Extension: (Geoseznam) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkejgpgaflkeonkliblcplomemekogop [2018-08-25]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-07-19] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-19] (AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [8730648 2018-07-27] (AVAST Software)
R2 ekrn; C:\Intel\eset\ekrn.exe [2330224 2018-07-24] (ESET)
R3 ekrnEpfw; C:\Intel\eset\ekrn.exe [2330224 2018-07-24] (ESET)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2016-01-03] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [103736 2016-01-03] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-07-19] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-07-19] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-07-19] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-07-19] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-07-19] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-07-19] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-07-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-07-19] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-07-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-07-19] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-07-19] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [465640 2018-08-24] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-07-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-07-19] (AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143624 2018-07-24] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15872 2018-04-13] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [196112 2018-07-24] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110376 2018-07-24] (ESET)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2018-03-11] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [54896 2017-11-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-10-11] (NVIDIA Corporation)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2016-08-13] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-29 19:24 - 2018-08-29 19:25 - 000023594 _____ C:\Users\Honza\Downloads\FRST.txt
2018-08-29 19:24 - 2018-08-29 19:24 - 000000000 ____D C:\FRST
2018-08-29 19:23 - 2018-08-29 19:24 - 002413056 _____ (Farbar) C:\Users\Honza\Downloads\FRST64.exe
2018-08-29 13:00 - 2018-08-29 16:40 - 3869700149 _____ C:\Users\Honza\Downloads\POLICIE MODRAVA 2.rar
2018-08-27 19:00 - 2018-08-27 19:00 - 000264611 _____ C:\Users\Honza\Downloads\ESET NOD32 Antivirus 11 1 54 0 (x86+x64) + Crack [CracksNow].zip
2018-08-27 16:51 - 2018-08-27 18:42 - 1864184041 _____ C:\Users\Honza\Downloads\Policie Modrava II-4.díl případ starosta dvd.rip@.mkv
2018-08-27 13:32 - 2018-08-27 14:35 - 1153241384 _____ C:\Users\Honza\Downloads\POLICIE MODRAVA II. 03.Magická síla (2017) CZ (78PT).avi
2018-08-27 12:35 - 2018-08-27 13:27 - 937254134 _____ C:\Users\Honza\Downloads\Police Modrava II. - 2. díl - Případ u dračí skály.avi
2018-08-27 10:49 - 2018-08-27 12:25 - 1766707884 _____ C:\Users\Honza\Downloads\Policie Modrava II-1.Díl. Nehoda dvd.rip.@.mkv
2018-08-26 10:04 - 2018-08-26 11:21 - 1396177918 _____ C:\Users\Honza\Downloads\Deadpool 2 cz dabing (2018).avi
2018-08-24 10:39 - 2018-08-24 10:39 - 000000781 _____ C:\Users\Honza\Desktop\World of Tanks.lnk
2018-08-24 10:39 - 2018-08-24 10:39 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2018-08-24 10:36 - 2018-08-24 10:36 - 004685584 _____ (Wargaming.net ) C:\Users\Honza\Downloads\WoT_internet_install_eu_bnv7fvmtmyym.exe
2018-08-24 02:31 - 2018-08-24 02:31 - 331075033 _____ C:\Users\Honza\AppData\Local\ACCCx4_6_0_391.zip.aamdownload
2018-08-24 02:31 - 2018-08-24 02:31 - 000003672 _____ C:\Users\Honza\AppData\Local\ACCCx4_6_0_391.zip.aamdownload.aamd
2018-08-17 20:46 - 2018-07-19 09:06 - 007371616 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-17 20:46 - 2018-07-19 08:48 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-17 20:46 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-17 20:46 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-17 20:46 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-17 20:46 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-17 20:46 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-17 20:46 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-17 20:46 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-17 20:46 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-17 20:46 - 2018-07-19 06:22 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-17 20:46 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-17 20:46 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-17 20:46 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-17 20:46 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-17 20:46 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-17 20:46 - 2018-07-19 05:55 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-17 20:46 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-17 20:46 - 2018-07-19 05:53 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-08-17 20:46 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-17 20:46 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-17 20:46 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-17 20:46 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-17 20:46 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-17 20:46 - 2018-07-19 05:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-08-17 20:46 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-17 20:46 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-17 20:46 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-17 20:46 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-17 20:46 - 2018-07-19 05:28 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-08-17 20:46 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-17 20:46 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-17 20:46 - 2018-07-19 05:28 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-17 20:46 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-17 20:46 - 2018-07-19 05:17 - 001049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-08-17 20:46 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-17 20:46 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-17 20:46 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-17 20:46 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-17 20:46 - 2018-07-13 09:51 - 002452824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-17 20:46 - 2018-07-07 20:33 - 001548632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-08-17 20:46 - 2018-07-07 19:05 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-17 20:46 - 2018-07-07 19:02 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-17 20:46 - 2018-07-07 19:00 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-17 20:46 - 2018-07-07 18:33 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-17 20:46 - 2018-07-07 18:31 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-17 20:46 - 2018-07-06 19:37 - 001754624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2018-08-17 20:46 - 2018-07-06 18:36 - 001491968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2018-08-17 20:46 - 2018-06-30 20:00 - 001113952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-17 20:46 - 2018-06-27 20:10 - 000559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-17 20:46 - 2018-06-27 19:48 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-17 20:46 - 2018-06-24 17:11 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-17 20:46 - 2018-06-24 17:04 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-17 20:46 - 2018-06-19 15:38 - 003611136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-17 20:46 - 2018-06-19 15:38 - 003321344 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-17 20:46 - 2018-06-19 15:31 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-17 20:46 - 2018-06-19 15:29 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-17 20:46 - 2018-06-16 17:03 - 002779136 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-17 20:46 - 2018-06-16 16:59 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-17 20:46 - 2018-06-15 06:34 - 000923512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2018-08-17 20:46 - 2018-06-15 04:28 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-17 20:46 - 2018-06-15 04:12 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-08-17 20:46 - 2018-06-15 04:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-17 20:46 - 2018-06-15 03:55 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-08-17 20:46 - 2018-06-15 03:43 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2018-08-17 20:46 - 2018-06-15 03:26 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2018-08-17 20:46 - 2018-06-15 03:22 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-08-17 20:46 - 2018-06-15 03:19 - 000399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2018-08-17 20:46 - 2018-06-08 20:47 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-08 17:39 - 2018-08-08 18:19 - 698776734 _____ C:\Users\Honza\Downloads\'T.Burton... mě připomíná Svatební košili K.J.Erbena' Corpse Bride (2005) DabCz.avi
2018-08-03 07:08 - 2018-08-03 23:35 - 1436418045 _____ C:\Users\Honza\Downloads\Chronicles Of The Ghostly Tribe 2015 CZTitulky.mkv.mp4
2018-08-02 14:48 - 2018-08-02 16:44 - 2139778598 _____ C:\Users\Honza\Downloads\Love (2015) - Láska.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-29 19:19 - 2016-03-04 17:24 - 006076416 ___SH C:\Users\Honza\Downloads\Thumbs.db
2018-08-29 19:10 - 2016-11-18 21:29 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Mozilla
2018-08-29 19:10 - 2015-09-28 09:21 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Seznam.cz
2018-08-29 17:55 - 2015-05-06 22:49 - 000003758 _____ C:\Windows\System32\Tasks\AutoKMS
2018-08-29 17:51 - 2015-05-06 20:52 - 000003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{44B6FB5B-20F3-4754-B322-AE0DA8F02ADB}
2018-08-29 12:25 - 2015-05-06 21:07 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-29 06:34 - 2015-05-07 17:23 - 000000000 ____D C:\Users\Honza\AppData\Local\Adobe
2018-08-27 17:52 - 2018-07-21 06:36 - 000000000 ____D C:\Users\Honza\AppData\Local\AVAST Software
2018-08-27 17:50 - 2015-06-17 19:03 - 000000000 ___RD C:\Users\Honza\OneDrive
2018-08-27 17:48 - 2015-05-07 02:35 - 000000000 ____D C:\Users\Honza
2018-08-27 17:48 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-26 19:45 - 2014-03-18 17:49 - 001742514 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-26 19:45 - 2014-03-18 17:01 - 000734306 _____ C:\Windows\system32\perfh005.dat
2018-08-26 19:45 - 2014-03-18 17:01 - 000149150 _____ C:\Windows\system32\perfc005.dat
2018-08-26 19:45 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-08-25 13:09 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-08-24 19:03 - 2017-12-04 20:02 - 000465640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-08-24 10:48 - 2015-05-06 20:53 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-514960203-916159489-3134127490-1001
2018-08-24 10:39 - 2017-09-09 17:15 - 000000000 ____D C:\Games
2018-08-24 02:35 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2018-08-23 23:03 - 2017-12-04 20:02 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-08-18 06:03 - 2018-06-09 11:33 - 005102552 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-18 06:02 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-08-18 06:00 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2018-08-17 21:18 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-08-17 21:15 - 2015-05-12 18:46 - 000000000 ____D C:\Windows\system32\MRT
2018-08-17 21:13 - 2015-05-12 18:46 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-17 20:31 - 2018-03-13 14:35 - 000004516 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-08-17 20:31 - 2015-05-08 15:47 - 000004372 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-08-17 20:30 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-08-17 20:30 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-17 20:27 - 2015-05-07 17:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-13 19:26 - 2016-11-18 14:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-08-13 19:26 - 2015-05-07 17:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-13 19:14 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2018-08-10 15:42 - 2015-06-11 20:02 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 15:42 - 2015-06-11 20:02 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-10 10:11 - 2015-05-07 17:18 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-08-04 01:46 - 2018-07-12 09:03 - 000836480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-08-04 01:46 - 2018-07-12 09:03 - 000181120 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-01 14:40 - 2018-02-24 14:36 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update

==================== Files in the root of some directories =======

2016-12-26 17:08 - 2016-12-26 17:08 - 000099384 _____ () C:\Users\Honza\AppData\Roaming\inst.exe
2016-12-26 17:08 - 2016-12-26 17:08 - 000007859 _____ () C:\Users\Honza\AppData\Roaming\pcouffin.cat
2016-12-26 17:08 - 2016-12-26 17:08 - 000001167 _____ () C:\Users\Honza\AppData\Roaming\pcouffin.inf
2016-12-26 17:08 - 2016-12-26 17:08 - 000000055 _____ () C:\Users\Honza\AppData\Roaming\pcouffin.log
2016-12-26 17:08 - 2016-12-26 17:08 - 000082816 _____ (VSO Software) C:\Users\Honza\AppData\Roaming\pcouffin.sys
2017-03-27 17:41 - 2017-03-27 17:41 - 318912029 _____ () C:\Users\Honza\AppData\Local\ACCCx3_9_5_353.zip.aamdownload
2017-03-27 17:41 - 2017-03-27 17:41 - 000003560 _____ () C:\Users\Honza\AppData\Local\ACCCx3_9_5_353.zip.aamdownload.aamd
2018-08-24 02:31 - 2018-08-24 02:31 - 331075033 _____ () C:\Users\Honza\AppData\Local\ACCCx4_6_0_391.zip.aamdownload
2018-08-24 02:31 - 2018-08-24 02:31 - 000003672 _____ () C:\Users\Honza\AppData\Local\ACCCx4_6_0_391.zip.aamdownload.aamd

Some files in TEMP:
====================
2018-08-24 02:31 - 2015-03-05 08:54 - 002212008 _____ (Adobe Systems Incorporated) C:\Users\Honza\AppData\Local\Temp\AdobeApplicationManager.exe
2018-07-29 17:33 - 2018-03-09 23:20 - 001737592 _____ (Microsoft Corporation) C:\Users\Honza\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-24 03:52

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Honza (29-08-2018 19:25:49)
Running from C:\Users\Honza\Downloads
Windows 8.1 Enterprise (Update) (X64) (2015-05-07 00:35:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-514960203-916159489-3134127490-500 - Administrator - Disabled)
Guest (S-1-5-21-514960203-916159489-3134127490-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-514960203-916159489-3134127490-1003 - Limited - Enabled)
Honza (S-1-5-21-514960203-916159489-3134127490-1001 - Administrator - Enabled) => C:\Users\Honza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Disabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.1.5273 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Canon iP1300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1300) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Crossout Launcher 1.0.3.38 (HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\CrossOutLauncher_is1) (Version: - )
DVD Flick (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.2 - )
Easy Tune 6 B13.0305.1 (HKLM-x32\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden
Easy Tune 6 B13.0305.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
Geeks3D.com FurMark 1.10.3 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
GeoGet verze 2.9.7.771 (HKLM-x32\...\GeoGet_is1) (Version: 2.9.7.771 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
HD Tach version 3 (HKLM-x32\...\HD Tach_is1) (Version: - Simpli Software, Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
jetAudio Basic (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON)
KMSpico v9.3.3 (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: 9.3.2 - )
Malware Protection Live (HKLM-x32\...\MalwareProtectionLive) (Version: - ) <==== ATTENTION
Metro 2033 - Redux (HKLM-x32\...\Metro 2033 - Redux_is1) (Version: 1.0.0.7 - Deep Silver)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
MKV TO AVI CONVERTER version 3.0 (HKLM-x32\...\MKV TO AVI CONVERTER_is1) (Version: - )
ModifyRegistry version 0.1 (HKLM-x32\...\{1D5BE6B5-7FD4-4A78-90F2-AF6B53BC8C1C}_is1) (Version: 0.1 - VIA Technologies, Inc.)
Mozilla Firefox 61.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 61.0.2 (x64 cs)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.2.6793 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.0 - Rockstar Games)
RogueKiller verze 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Seznam prohlížeč (HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\Seznam Browser) (Version: 4.4.2 - Seznam.cz a.s.)
Seznam Software (HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\SeznamInstall) (Version: - Seznam.cz)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TOPO Czech PRO 2013 (HKLM-x32\...\{1278ABFC-E3E6-434B-A302-BB0E4949B87D}) (Version: 7.00 - PICODAS PRAHA, spol. s r.o.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Unity Web Player (HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.9.0 - Elaborate Bytes)
VSO ConvertXToDVD 6 (HKLM-x32\...\{8FC36FA6-C508-44FB-B137-1CB46D8258B2}_is1) (Version: 6.0.0.80 - VSO Software)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wolfenstein New Order version 1.1.0 (HKLM-x32\...\Wolfenstein New Order_is1) (Version: 1.1.0 - REPACKY BY TOMI2K9)
World of Tanks (HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-19] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-19] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-19] (AVAST Software)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Intel\eset\shellExt.dll [2018-07-24] (ESET)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Instal1\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Instal1\winrar\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Instal1\winrar\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Intel\eset\shellExt.dll [2018-07-24] (ESET)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Instal1\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-19] (AVAST Software)
ContextMenuHandlers3: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-19] (AVAST Software)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Intel\eset\shellExt.dll [2018-07-24] (ESET)
ContextMenuHandlers6: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Instal1\winrar\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Instal1\winrar\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00A7A4C3-88A9-49D1-98F2-700AF8110418} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)
Task: {05423918-394E-448F-9743-E9234CF37E65} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {140A90BA-F6CE-45A0-BEF4-473A1F9C4055} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {1F63F079-3CB5-4B33-B3E7-75D948636A72} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {2C796998-2BAF-4A70-9437-EB8F8638BA47} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {45D5D843-E4CB-4E63-AB7C-84894A78B7C0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-23] (AVAST Software)
Task: {4C8423BE-25D8-46EB-BA57-EB0EFFD9808B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)
Task: {5D74BBD9-35C1-439A-8F4F-A1B8F3ACC07D} - \AutoPico Daily Restart -> No File <==== ATTENTION
Task: {68BE7594-3D23-4B21-931B-7AC20BCB90C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7278C144-D094-4FA7-92B8-D56DDFB013D3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-08-17] (AVAST Software)
Task: {842D1C63-9512-4CD8-8B6B-BE3E47D36FEE} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2018-07-27] (AVAST Software)
Task: {8EAF9A1A-73B0-494F-A912-4E4C21E6A66B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd)
Task: {9047DBE3-187B-4BDC-8C24-B3A13240FB80} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {9209A248-E495-4108-BC7F-8D21E3DDCD9D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-17] (Adobe Systems Incorporated)
Task: {987F5420-FC99-47C7-93C6-9B3117259D04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A4016205-EC3A-465F-A5C7-5A983AC0ADAD} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-Jenda.Krejcu@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {A86F72CD-CD05-4329-B571-62D4A9A7E327} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)
Task: {A9AE5247-F2EB-459F-9494-1B766FB1BEEE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-05-06] ()
Task: {AA2392F2-B7EA-4E77-9E48-324DE157D894} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-17] (Adobe Systems Incorporated)
Task: {D3D81E38-BB8E-4236-9B34-ABC622441FBD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)
Task: {D86D5F51-033A-4F02-AA1C-EF2AC86B50D0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {E92519E7-904A-4CBD-9144-5DB114470117} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {EA191185-33EE-4030-B3D8-8F880ADE54F0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EA4E0575-13A1-4C75-AE7C-397E1E3703B1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-05-06 21:07 - 2017-10-27 18:12 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-12-10 10:20 - 2018-03-14 15:05 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-01-03 15:33 - 2016-01-03 15:33 - 000066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-01-03 15:34 - 2016-01-03 15:34 - 000103736 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2018-04-06 07:39 - 2017-11-13 16:46 - 000092368 _____ () C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\26146libfoxloader-x64.dll
2015-09-28 09:21 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2015-09-28 09:21 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2018-05-24 19:51 - 2018-05-24 19:51 - 000084808 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-11-24 11:11 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\28885libfoxloader.dll
2017-12-10 10:20 - 2018-03-14 15:05 - 001041344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-09-28 09:21 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2018-05-05 09:31 - 2016-09-12 14:53 - 048936448 _____ () C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2018-08-24 04:02 - 2018-08-24 04:02 - 000016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b3094a5333b71616e05cd841d8e683bd\PSIClient.ni.dll
2018-03-13 15:27 - 2018-03-13 15:27 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-07-19 09:42 - 2018-07-19 09:42 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-07-19 09:42 - 2018-07-19 09:42 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2015-05-06 22:43 - 2012-06-25 10:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2018-08-29 17:33 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-514960203-916159489-3134127490-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Honza\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6CD7ED58-EAB6-4CFE-9E4E-04EF9DB06A49}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{328A3D8A-C352-4129-A3A6-2583E640D004}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{6FB945BD-04B3-4543-A460-D3AE5048F4ED}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{964AA8DA-8AA8-432C-8C0D-7FD9A5537EA7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8BDC6D52-12BE-4977-9B9C-E974AC96DA77}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B5D3F7E-9A28-4E7A-A7B7-A0AAF268B957}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1F36931E-979A-480A-908C-5B58E04098DA}C:\hry\gta v\gta5.exe] => (Allow) C:\hry\gta v\gta5.exe
FirewallRules: [UDP Query User{00D4A6A8-ABED-40BA-BCE8-372074FD8125}C:\hry\gta v\gta5.exe] => (Allow) C:\hry\gta v\gta5.exe
FirewallRules: [{AC8EB98D-AEEC-4074-B5FD-01EA3DF72DA0}] => (Allow) D:\RouterSetup\QISWizard.exe
FirewallRules: [{7CF82BF5-1D28-4DEF-BEF6-C930F4ADA7D1}] => (Allow) D:\RouterSetup\QISWizard.exe
FirewallRules: [{023B443C-1ED8-4885-9AF2-FB8F0C2253EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{394F29FE-AB12-4224-A70A-EEB11B78DD28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C9664DE8-5A2B-418B-BE93-D45A7A26E98D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6F93441A-93F8-4CBD-ADCB-C9FB83ECEF2A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6EB9ED47-C7B9-4A62-B05C-1B2B1F8BCDB7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{592F994E-0C8B-43D4-A4AC-30F0F53E8538}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C4AC7A53-19C0-4289-B8E2-4D5C18548D30}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{EB597B6D-3F44-4E82-BBFE-8C3CE080FE8B}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{83792D1E-160C-4099-A993-E0DF594132B8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8016F79E-B16D-4B7C-AB0C-886DB6A2138F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{913E4A8B-3A53-4EFA-9B96-B5A708751A1E}C:\users\honza\appdata\local\crossout\launcher.exe] => (Allow) C:\users\honza\appdata\local\crossout\launcher.exe
FirewallRules: [UDP Query User{FF795385-EB7F-4775-AFBD-31AAF8F864ED}C:\users\honza\appdata\local\crossout\launcher.exe] => (Allow) C:\users\honza\appdata\local\crossout\launcher.exe
FirewallRules: [{4A7C6EA8-2A18-43B9-A1EE-466949E0F676}] => (Allow) LPort=1688
FirewallRules: [{59D2F7C4-3BAF-4FF8-A6CE-8F26CA0DB01D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E04C3EC7-0302-4F10-8314-80BFEBEC5D87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{94FDBF76-FB82-4F61-847A-A8BFB688300A}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{6D0BDE58-20F3-42B5-ACC0-002BCCE27D88}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{7FC82DBC-3A22-4A33-98A3-6B44905CF879}C:\hry\gta v\gta5.exe] => (Block) C:\hry\gta v\gta5.exe
FirewallRules: [UDP Query User{4DEAE60C-3F60-4A4D-BA4B-51E758638E9E}C:\hry\gta v\gta5.exe] => (Block) C:\hry\gta v\gta5.exe
FirewallRules: [TCP Query User{BE23CE3A-9991-446A-BA1C-D0042FA77EB0}C:\users\honza\appdata\local\crossout\launcher.exe] => (Allow) C:\users\honza\appdata\local\crossout\launcher.exe
FirewallRules: [UDP Query User{75ADA1B6-B208-45A5-9724-65D26F04CD46}C:\users\honza\appdata\local\crossout\launcher.exe] => (Allow) C:\users\honza\appdata\local\crossout\launcher.exe
FirewallRules: [TCP Query User{1DA905E8-BD74-4CDE-A703-E0EA801718CD}C:\hry\metro 2033 - redux\metro.exe] => (Allow) C:\hry\metro 2033 - redux\metro.exe
FirewallRules: [UDP Query User{0BF53012-BA58-4E6E-A9AF-31CB36F25956}C:\hry\metro 2033 - redux\metro.exe] => (Allow) C:\hry\metro 2033 - redux\metro.exe
FirewallRules: [{8B0DDC18-6AA4-46FC-8843-C8323BCFA073}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E9DD6D78-7D0F-4E72-8E64-2888607EF97C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A39FCF43-DEB5-49D4-8E7F-F76C5DE649B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{94EAAF23-F4DA-469B-96E0-A3D20D231BF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BFD9AE70-5847-4F9C-A529-6B20A8EF0D75}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{78327086-7B8E-44F9-A69F-D4798C3FEC04}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{2EFE73C3-CFA3-4041-B035-AE1ADBE8AE46}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0EA2873E-C32C-443A-BF6C-63183942512C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{6F30DDA7-E4FE-4FB0-A44D-4F0996E56C81}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{EB72E67B-C5B6-45FF-97A7-B442E4566639}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{73BC5CF9-E12C-4B6F-8CA6-762967315EDE}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{40C6CC0C-6AFF-4C30-BA54-A32DDFF4D863}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{B27B03E9-5C69-42C1-9FCF-369B61A9C088}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe

==================== Restore Points =========================

12-08-2018 02:30:16 Naplánovaný kontrolní bod
17-08-2018 21:09:11 Windows Update
25-08-2018 13:05:57 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/29/2018 07:03:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GTA5.exe verze 1.0.1493.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1af8

Čas spuštění: 01d43fac29559d31

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Hry\GTA V\GTA5.exe

ID hlášení: 76c2d9f4-abad-11e8-8317-74d435444318

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/29/2018 05:31:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (5036) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Honza\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (08/29/2018 05:31:05 AM) (Source: ESENT) (EventID: 489) (User: )
Description: DllHost (5036) WebCacheLocal: Pokus o otevření souboru C:\Users\Honza\AppData\Local\Microsoft\Windows\WebCache\V01.log jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (08/29/2018 05:30:54 AM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (5036) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Honza\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (08/29/2018 05:30:54 AM) (Source: ESENT) (EventID: 489) (User: )
Description: DllHost (5036) WebCacheLocal: Pokus o otevření souboru C:\Users\Honza\AppData\Local\Microsoft\Windows\WebCache\V01.log jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (08/29/2018 05:30:44 AM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (5036) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Honza\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (08/29/2018 05:30:44 AM) (Source: ESENT) (EventID: 489) (User: )
Description: DllHost (5036) WebCacheLocal: Pokus o otevření souboru C:\Users\Honza\AppData\Local\Microsoft\Windows\WebCache\V01.log jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (08/29/2018 05:30:34 AM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (5036) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Honza\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (08/27/2018 05:48:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:41:29, ‎27. ‎8. ‎2018) bylo neočekávané.

Error: (08/18/2018 05:44:45 AM) (Source: Ntfs) (EventID: 138) (User: )
Description: Správce prostředků transakcí na C:\ zaznamenal závažnou chybu a byl ukončen. Data obsahují kód chyby.

Error: (08/17/2018 09:09:17 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\Windows\AppCompat\Programs\Amcache.hve

Error: (08/13/2018 07:29:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla ukončena s následující chybou:
Byl proveden pokus o odkaz na neexistující token.

Error: (08/09/2018 10:35:08 PM) (Source: DCOM) (EventID: 10010) (User: I3)
Description: Server {4545DEA0-2DFC-4906-A728-6D986BA399A9} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/09/2018 10:35:08 PM) (Source: DCOM) (EventID: 10010) (User: I3)
Description: Server {4545DEA0-2DFC-4906-A728-6D986BA399A9} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/05/2018 10:46:21 PM) (Source: DCOM) (EventID: 10010) (User: I3)
Description: Server {4545DEA0-2DFC-4906-A728-6D986BA399A9} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/05/2018 10:46:21 PM) (Source: DCOM) (EventID: 10010) (User: I3)
Description: Server {4545DEA0-2DFC-4906-A728-6D986BA399A9} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2017-12-03 14:55:08.785
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Windows\Temp\SppExtComObjHook.dll
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT Authority\System
Název procesu: C:\Windows\System32\svchost.exe
Verze podpisu: AV: 1.257.1306.0, AS: 1.257.1306.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14306.0, NIS: 2.1.14202.0

Date: 2017-12-03 14:54:57.753
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Windows\Temp\SppExtComObjHook.dll
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel:
Název procesu: C:\Windows\System32\svchost.exe
Verze podpisu: AV: 1.257.1306.0, AS: 1.257.1306.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14306.0, NIS: 2.1.14202.0

Date: 2017-12-03 14:54:57.331
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Windows\Temp\SppExtComObjHook.dll
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT Authority\System
Název procesu: System
Verze podpisu: AV: 1.257.1306.0, AS: 1.257.1306.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14306.0, NIS: 2.1.14202.0

Date: 2017-12-03 11:04:05.081
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:MSIL/AutoKMS
ID: 2147711767
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\AutoPico.exe;file:_C:\Program Files\KMSpico\KMSELDI.exe;file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk;file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk;file:_C:\Windows\System32\Tasks\AutoPico Daily Restart;regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D74BBD9-35C1-439A-8F4F-A1B8F3ACC07D};regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart;regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1;startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk;startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk;taskscheduler:_C:\Windows\System32\Tasks\AutoPico Daily Restart;uninstall:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: i3\Honza
Název procesu: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\SwReporter\23.135.200\software_reporter_tool.exe
Verze podpisu: AV: 1.257.1306.0, AS: 1.257.1306.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14306.0, NIS: 2.1.14202.0

Date: 2017-12-03 10:13:30.867
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A73C23BE-BC9E-4FD0-B3BC-DFED87586E18}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2017-04-10 18:13:19.015
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2017-04-10 18:05:49.383
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 0.0.0.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x8024001e
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2017-04-10 18:05:49.336
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 0.0.0.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x8024001e
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2016-07-31 12:52:06.065
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.155.266.0;1.155.266.0
Verze modulu: 1.1.9700.0

CodeIntegrity:
===================================

Date: 2018-02-23 18:22:41.860
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:41.720
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:41.579
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:41.439
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:41.298
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:41.142
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:41.017
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:40.860
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 34%
Total physical RAM: 6103.35 MB
Available physical RAM: 3971.57 MB
Total Virtual: 11105.11 MB
Available Virtual: 7581.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.5 GB) (Free:1145.74 GB) NTFS

\\?\Volume{9c2aab28-2843-4257-9fb4-43010a1fa9a6}\ (Obnovení) (Fixed) (Total:0.29 GB) (Free:0.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 119426
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check, thanks

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the licence terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

JenKre
Visitor
Posts: 5
Joined: 29 Aug 2018 18:30

Re: Log check, thanks

#3 Post by JenKre »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-29.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-29-2018
# Duration: 00:00:10
# OS: Windows 8.1 Enterprise
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Honza\AppData\Local\MalwareProtectionLive

***** [ Files ] *****

Deleted C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\invalidprefs.js

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\26b6b4d063df431e0e2d530a57f410e6
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|MalwareProtectionLive
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MalwareProtectionLive

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Slunečnice

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1707 octets] - [29/08/2018 20:30:21]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 119426
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check, thanks

#4 Post by Rudy »

Post a new FRST log.

JenKre
Visitor
Posts: 5
Joined: 29 Aug 2018 18:30

Re: Log check, thanks

#5 Post by JenKre »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
Ran by Honza (administrator) on I3 (29-08-2018 21:43:38)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Intel\eset\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ESET) C:\Intel\eset\egui.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
() C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Elaborate Bytes AG) C:\Instal1\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-19] (AVAST Software)
HKLM\...\Run: [egui] => C:\Intel\eset\ecmds.exe [178504 2018-07-24] (ESET)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Instal1\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364648 2018-05-24] (Piriform Ltd)
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\Run: [World of Tanks] => C:\Hry\WoT\WargamingGameUpdater.exe [3134728 2016-09-26] (Wargaming.net)
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\Run: [World of Tanks (1)] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\MountPoints2: {34d84b34-8256-11e7-82f3-74d435444318} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\MountPoints2: {838f53a1-a744-11e8-8316-74d435444318} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\MountPoints2: {f855bb25-3251-11e8-8306-74d435444318} - "E:\HiSuiteDownLoader.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-05-05]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2015-08-29]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6201C6C9-74F2-442C-99F9-8C1ED24F184B}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-514960203-916159489-3134127490-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {21F79914-82F8-4297-8ED4-BC739E39FC5A} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {6D19D5AF-6273-4721-951C-42E338CAC184} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {7547767D-B360-4FC2-ACE0-07FB4CCE2776} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {872500C7-3C23-455F-AE38-EF3DD8EE3BDD} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {8965A4B2-A566-4AFE-96BC-B8B1AAF15A41} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {93C935CE-DB5E-477C-ABC2-DA6EA880D4F2} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {9DE765E1-CC42-458B-A1A2-8FB8C0F77B1D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {C014ADBB-075E-4FFB-8E08-B6357F2AD949} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-514960203-916159489-3134127490-1001 -> {C909EC7A-E184-403B-AAF2-59ED730237DC} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-07-19] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-05-05] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-19] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-05-05] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: lux8k3l2.default
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default [2018-08-29]
FF Homepage: Mozilla\Firefox\Profiles\lux8k3l2.default -> hxxp://www.seznam.cz/
FF NewTabOverride: Mozilla\Firefox\Profiles\lux8k3l2.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\cs@dictionaries.addons.mozilla.org [2016-09-02] [Legacy]
FF Extension: (Seznam doplněk - Esko) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-06-06]
FF Extension: (Avast SafePrice) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\sp@avast.com.xpi [2017-12-04]
FF Extension: (uBlock Origin) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\uBlock0@raymondhill.net.xpi [2018-08-27]
FF Extension: (Avast Online Security) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\wrc@avast.com.xpi [2018-07-19]
FF Extension: (Video DownloadHelper) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-01]
FF Extension: (Greasemonkey) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-08-29]
FF SearchPlugin: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\lux8k3l2.default\searchplugins\youtube.xml [2015-05-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-17] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-17] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-05-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-05-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-514960203-916159489-3134127490-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/newTab.html", Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default [2018-08-29]
CHR Extension: (Dokumenty) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-31]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-05-05]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-05-05]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-31]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-16]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (Avast Online Security) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-05]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-13]
CHR Extension: (Chrome Media Router) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-11]
CHR Extension: (Geoseznam) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkejgpgaflkeonkliblcplomemekogop [2018-08-25]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-07-19] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-19] (AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [8730648 2018-07-27] (AVAST Software)
R2 ekrn; C:\Intel\eset\ekrn.exe [2330224 2018-07-24] (ESET)
R3 ekrnEpfw; C:\Intel\eset\ekrn.exe [2330224 2018-07-24] (ESET)
S2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2016-01-03] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [103736 2016-01-03] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-07-19] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-07-19] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-07-19] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-07-19] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-07-19] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-07-19] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-07-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-07-19] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-07-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-07-19] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-07-19] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [465640 2018-08-24] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-07-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-07-19] (AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143624 2018-07-24] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15872 2018-04-13] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [196112 2018-07-24] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110376 2018-07-24] (ESET)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2018-03-11] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [54896 2017-11-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-10-11] (NVIDIA Corporation)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2016-08-13] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-29 21:43 - 2018-08-29 21:44 - 000022902 _____ C:\Users\Honza\Desktop\FRST.txt
2018-08-29 20:29 - 2018-08-29 20:30 - 000000000 ____D C:\AdwCleaner
2018-08-29 20:28 - 2018-08-29 20:28 - 007417040 _____ (Malwarebytes) C:\Users\Honza\Desktop\adwcleaner_7.2.2.exe
2018-08-29 19:24 - 2018-08-29 21:43 - 000000000 ____D C:\FRST
2018-08-29 19:23 - 2018-08-29 19:24 - 002413056 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2018-08-29 13:00 - 2018-08-29 16:40 - 3869700149 _____ C:\Users\Honza\Downloads\POLICIE MODRAVA 2.rar
2018-08-27 19:00 - 2018-08-27 19:00 - 000264611 _____ C:\Users\Honza\Downloads\ESET NOD32 Antivirus 11 1 54 0 (x86+x64) + Crack [CracksNow].zip
2018-08-27 16:51 - 2018-08-27 18:42 - 1864184041 _____ C:\Users\Honza\Downloads\Policie Modrava II-4.díl případ starosta dvd.rip@.mkv
2018-08-27 13:32 - 2018-08-27 14:35 - 1153241384 _____ C:\Users\Honza\Downloads\POLICIE MODRAVA II. 03.Magická síla (2017) CZ (78PT).avi
2018-08-27 12:35 - 2018-08-27 13:27 - 937254134 _____ C:\Users\Honza\Downloads\Police Modrava II. - 2. díl - Případ u dračí skály.avi
2018-08-27 10:49 - 2018-08-27 12:25 - 1766707884 _____ C:\Users\Honza\Downloads\Policie Modrava II-1.Díl. Nehoda dvd.rip.@.mkv
2018-08-26 10:04 - 2018-08-26 11:21 - 1396177918 _____ C:\Users\Honza\Downloads\Deadpool 2 cz dabing (2018).avi
2018-08-24 10:39 - 2018-08-24 10:39 - 000000781 _____ C:\Users\Honza\Desktop\World of Tanks.lnk
2018-08-24 10:39 - 2018-08-24 10:39 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2018-08-24 10:36 - 2018-08-24 10:36 - 004685584 _____ (Wargaming.net ) C:\Users\Honza\Downloads\WoT_internet_install_eu_bnv7fvmtmyym.exe
2018-08-24 02:31 - 2018-08-24 02:31 - 331075033 _____ C:\Users\Honza\AppData\Local\ACCCx4_6_0_391.zip.aamdownload
2018-08-24 02:31 - 2018-08-24 02:31 - 000003672 _____ C:\Users\Honza\AppData\Local\ACCCx4_6_0_391.zip.aamdownload.aamd
2018-08-17 20:46 - 2018-07-19 09:06 - 007371616 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-17 20:46 - 2018-07-19 08:48 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-17 20:46 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-17 20:46 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-17 20:46 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-17 20:46 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-17 20:46 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-17 20:46 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-17 20:46 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-17 20:46 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-17 20:46 - 2018-07-19 06:22 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-17 20:46 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-17 20:46 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-17 20:46 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-17 20:46 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-17 20:46 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-17 20:46 - 2018-07-19 05:55 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-17 20:46 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-17 20:46 - 2018-07-19 05:53 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-08-17 20:46 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-17 20:46 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-17 20:46 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-17 20:46 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-17 20:46 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-17 20:46 - 2018-07-19 05:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-08-17 20:46 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-17 20:46 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-17 20:46 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-17 20:46 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-17 20:46 - 2018-07-19 05:28 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-08-17 20:46 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-17 20:46 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-17 20:46 - 2018-07-19 05:28 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-17 20:46 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-17 20:46 - 2018-07-19 05:17 - 001049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-08-17 20:46 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-17 20:46 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-17 20:46 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-17 20:46 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-17 20:46 - 2018-07-13 09:51 - 002452824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-17 20:46 - 2018-07-07 20:33 - 001548632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-08-17 20:46 - 2018-07-07 19:05 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-17 20:46 - 2018-07-07 19:02 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-17 20:46 - 2018-07-07 19:00 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-17 20:46 - 2018-07-07 18:33 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-17 20:46 - 2018-07-07 18:31 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-17 20:46 - 2018-07-06 19:37 - 001754624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2018-08-17 20:46 - 2018-07-06 18:36 - 001491968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2018-08-17 20:46 - 2018-06-30 20:00 - 001113952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-17 20:46 - 2018-06-27 20:10 - 000559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-17 20:46 - 2018-06-27 19:48 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-17 20:46 - 2018-06-24 17:11 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-17 20:46 - 2018-06-24 17:04 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-17 20:46 - 2018-06-19 15:38 - 003611136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-17 20:46 - 2018-06-19 15:38 - 003321344 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-17 20:46 - 2018-06-19 15:31 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-17 20:46 - 2018-06-19 15:29 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-17 20:46 - 2018-06-16 17:03 - 002779136 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-17 20:46 - 2018-06-16 16:59 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-17 20:46 - 2018-06-15 06:34 - 000923512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2018-08-17 20:46 - 2018-06-15 04:28 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-17 20:46 - 2018-06-15 04:12 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-08-17 20:46 - 2018-06-15 04:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-17 20:46 - 2018-06-15 03:55 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-08-17 20:46 - 2018-06-15 03:43 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2018-08-17 20:46 - 2018-06-15 03:26 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2018-08-17 20:46 - 2018-06-15 03:22 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-08-17 20:46 - 2018-06-15 03:19 - 000399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2018-08-17 20:46 - 2018-06-08 20:47 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-08 17:39 - 2018-08-08 18:19 - 698776734 _____ C:\Users\Honza\Downloads\'T.Burton... mě připomíná Svatební košili K.J.Erbena' Corpse Bride (2005) DabCz.avi
2018-08-03 07:08 - 2018-08-03 23:35 - 1436418045 _____ C:\Users\Honza\Downloads\Chronicles Of The Ghostly Tribe 2015 CZTitulky.mkv.mp4
2018-08-02 14:48 - 2018-08-02 16:44 - 2139778598 _____ C:\Users\Honza\Downloads\Love (2015) - Láska.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-29 21:43 - 2016-11-18 21:29 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Mozilla
2018-08-29 21:09 - 2015-08-31 16:11 - 000000000 ____D C:\Users\Honza\AppData\Local\CrashDumps
2018-08-29 20:38 - 2015-05-06 22:49 - 000003758 _____ C:\Windows\System32\Tasks\AutoKMS
2018-08-29 20:38 - 2015-05-06 21:07 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-29 20:37 - 2018-07-21 06:36 - 000000000 ____D C:\Users\Honza\AppData\Local\AVAST Software
2018-08-29 20:34 - 2015-09-28 09:21 - 000000000 ____D C:\Users\Honza\AppData\Roaming\Seznam.cz
2018-08-29 20:34 - 2015-06-17 19:03 - 000000000 ___RD C:\Users\Honza\OneDrive
2018-08-29 20:32 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-29 20:31 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-08-29 19:19 - 2016-03-04 17:24 - 006076416 ___SH C:\Users\Honza\Downloads\Thumbs.db
2018-08-29 17:51 - 2015-05-06 20:52 - 000003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{44B6FB5B-20F3-4754-B322-AE0DA8F02ADB}
2018-08-29 06:34 - 2015-05-07 17:23 - 000000000 ____D C:\Users\Honza\AppData\Local\Adobe
2018-08-27 17:48 - 2015-05-07 02:35 - 000000000 ____D C:\Users\Honza
2018-08-26 19:45 - 2014-03-18 17:49 - 001742514 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-26 19:45 - 2014-03-18 17:01 - 000734306 _____ C:\Windows\system32\perfh005.dat
2018-08-26 19:45 - 2014-03-18 17:01 - 000149150 _____ C:\Windows\system32\perfc005.dat
2018-08-26 19:45 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-08-25 13:09 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-08-24 19:03 - 2017-12-04 20:02 - 000465640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-08-24 10:48 - 2015-05-06 20:53 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-514960203-916159489-3134127490-1001
2018-08-24 10:39 - 2017-09-09 17:15 - 000000000 ____D C:\Games
2018-08-24 02:35 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2018-08-23 23:03 - 2017-12-04 20:02 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-08-18 06:03 - 2018-06-09 11:33 - 005102552 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-18 06:00 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2018-08-17 21:18 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-08-17 21:15 - 2015-05-12 18:46 - 000000000 ____D C:\Windows\system32\MRT
2018-08-17 21:13 - 2015-05-12 18:46 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-17 20:31 - 2018-03-13 14:35 - 000004516 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-08-17 20:31 - 2015-05-08 15:47 - 000004372 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-08-17 20:30 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-08-17 20:30 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-17 20:27 - 2015-05-07 17:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-13 19:26 - 2016-11-18 14:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-08-13 19:26 - 2015-05-07 17:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-13 19:14 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2018-08-10 15:42 - 2015-06-11 20:02 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 15:42 - 2015-06-11 20:02 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-10 10:11 - 2015-05-07 17:18 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-08-04 01:46 - 2018-07-12 09:03 - 000836480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-08-04 01:46 - 2018-07-12 09:03 - 000181120 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-01 14:40 - 2018-02-24 14:36 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update

==================== Files in the root of some directories =======

2016-12-26 17:08 - 2016-12-26 17:08 - 000099384 _____ () C:\Users\Honza\AppData\Roaming\inst.exe
2016-12-26 17:08 - 2016-12-26 17:08 - 000007859 _____ () C:\Users\Honza\AppData\Roaming\pcouffin.cat
2016-12-26 17:08 - 2016-12-26 17:08 - 000001167 _____ () C:\Users\Honza\AppData\Roaming\pcouffin.inf
2016-12-26 17:08 - 2016-12-26 17:08 - 000000055 _____ () C:\Users\Honza\AppData\Roaming\pcouffin.log
2016-12-26 17:08 - 2016-12-26 17:08 - 000082816 _____ (VSO Software) C:\Users\Honza\AppData\Roaming\pcouffin.sys
2017-03-27 17:41 - 2017-03-27 17:41 - 318912029 _____ () C:\Users\Honza\AppData\Local\ACCCx3_9_5_353.zip.aamdownload
2017-03-27 17:41 - 2017-03-27 17:41 - 000003560 _____ () C:\Users\Honza\AppData\Local\ACCCx3_9_5_353.zip.aamdownload.aamd
2018-08-24 02:31 - 2018-08-24 02:31 - 331075033 _____ () C:\Users\Honza\AppData\Local\ACCCx4_6_0_391.zip.aamdownload
2018-08-24 02:31 - 2018-08-24 02:31 - 000003672 _____ () C:\Users\Honza\AppData\Local\ACCCx4_6_0_391.zip.aamdownload.aamd

Some files in TEMP:
====================
2018-08-24 02:31 - 2015-03-05 08:54 - 002212008 _____ (Adobe Systems Incorporated) C:\Users\Honza\AppData\Local\Temp\AdobeApplicationManager.exe
2018-07-29 17:33 - 2018-03-09 23:20 - 001737592 _____ (Microsoft Corporation) C:\Users\Honza\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-24 03:52

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Honza (29-08-2018 21:45:01)
Running from C:\Users\Honza\Desktop
Windows 8.1 Enterprise (Update) (X64) (2015-05-07 00:35:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-514960203-916159489-3134127490-500 - Administrator - Disabled)
Guest (S-1-5-21-514960203-916159489-3134127490-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-514960203-916159489-3134127490-1003 - Limited - Enabled)
Honza (S-1-5-21-514960203-916159489-3134127490-1001 - Administrator - Enabled) => C:\Users\Honza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Disabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.1.5273 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Canon iP1300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1300) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Crossout Launcher 1.0.3.38 (HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\CrossOutLauncher_is1) (Version: - )
DVD Flick (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.2 - )
Easy Tune 6 B13.0305.1 (HKLM-x32\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden
Easy Tune 6 B13.0305.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
Geeks3D.com FurMark 1.10.3 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
GeoGet verze 2.9.7.771 (HKLM-x32\...\GeoGet_is1) (Version: 2.9.7.771 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
HD Tach version 3 (HKLM-x32\...\HD Tach_is1) (Version: - Simpli Software, Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
jetAudio Basic (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON)
KMSpico v9.3.3 (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: 9.3.2 - )
Metro 2033 - Redux (HKLM-x32\...\Metro 2033 - Redux_is1) (Version: 1.0.0.7 - Deep Silver)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
MKV TO AVI CONVERTER version 3.0 (HKLM-x32\...\MKV TO AVI CONVERTER_is1) (Version: - )
ModifyRegistry version 0.1 (HKLM-x32\...\{1D5BE6B5-7FD4-4A78-90F2-AF6B53BC8C1C}_is1) (Version: 0.1 - VIA Technologies, Inc.)
Mozilla Firefox 61.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 61.0.2 (x64 cs)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.2.6793 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.0 - Rockstar Games)
RogueKiller verze 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Seznam prohlížeč (HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\Seznam Browser) (Version: 4.4.2 - Seznam.cz a.s.)
Seznam Software (HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\SeznamInstall) (Version: - Seznam.cz)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TOPO Czech PRO 2013 (HKLM-x32\...\{1278ABFC-E3E6-434B-A302-BB0E4949B87D}) (Version: 7.00 - PICODAS PRAHA, spol. s r.o.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Unity Web Player (HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.9.0 - Elaborate Bytes)
VSO ConvertXToDVD 6 (HKLM-x32\...\{8FC36FA6-C508-44FB-B137-1CB46D8258B2}_is1) (Version: 6.0.0.80 - VSO Software)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wolfenstein New Order version 1.1.0 (HKLM-x32\...\Wolfenstein New Order_is1) (Version: 1.1.0 - REPACKY BY TOMI2K9)
World of Tanks (HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-19] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-19] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-19] (AVAST Software)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Intel\eset\shellExt.dll [2018-07-24] (ESET)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Instal1\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Instal1\winrar\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Instal1\winrar\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Intel\eset\shellExt.dll [2018-07-24] (ESET)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Instal1\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-19] (AVAST Software)
ContextMenuHandlers3: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-19] (AVAST Software)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Intel\eset\shellExt.dll [2018-07-24] (ESET)
ContextMenuHandlers6: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2013-05-09] (JetAudio)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Instal1\winrar\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Instal1\winrar\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00A7A4C3-88A9-49D1-98F2-700AF8110418} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)
Task: {05423918-394E-448F-9743-E9234CF37E65} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {140A90BA-F6CE-45A0-BEF4-473A1F9C4055} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {1F63F079-3CB5-4B33-B3E7-75D948636A72} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {2C796998-2BAF-4A70-9437-EB8F8638BA47} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {45D5D843-E4CB-4E63-AB7C-84894A78B7C0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-23] (AVAST Software)
Task: {4C8423BE-25D8-46EB-BA57-EB0EFFD9808B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)
Task: {5D74BBD9-35C1-439A-8F4F-A1B8F3ACC07D} - \AutoPico Daily Restart -> No File <==== ATTENTION
Task: {68BE7594-3D23-4B21-931B-7AC20BCB90C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7278C144-D094-4FA7-92B8-D56DDFB013D3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-08-17] (AVAST Software)
Task: {842D1C63-9512-4CD8-8B6B-BE3E47D36FEE} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2018-07-27] (AVAST Software)
Task: {8EAF9A1A-73B0-494F-A912-4E4C21E6A66B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd)
Task: {9047DBE3-187B-4BDC-8C24-B3A13240FB80} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {9209A248-E495-4108-BC7F-8D21E3DDCD9D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-17] (Adobe Systems Incorporated)
Task: {987F5420-FC99-47C7-93C6-9B3117259D04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A4016205-EC3A-465F-A5C7-5A983AC0ADAD} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-Jenda.Krejcu@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {A86F72CD-CD05-4329-B571-62D4A9A7E327} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)
Task: {A9AE5247-F2EB-459F-9494-1B766FB1BEEE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-05-06] ()
Task: {AA2392F2-B7EA-4E77-9E48-324DE157D894} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-17] (Adobe Systems Incorporated)
Task: {D3D81E38-BB8E-4236-9B34-ABC622441FBD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)
Task: {D86D5F51-033A-4F02-AA1C-EF2AC86B50D0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {E92519E7-904A-4CBD-9144-5DB114470117} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {EA191185-33EE-4030-B3D8-8F880ADE54F0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EA4E0575-13A1-4C75-AE7C-397E1E3703B1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-05-06 21:07 - 2017-10-27 18:12 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-12-10 10:20 - 2018-03-14 15:05 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-01-03 15:33 - 2016-01-03 15:33 - 000066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-01-03 15:34 - 2016-01-03 15:34 - 000103736 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2018-04-06 07:39 - 2017-11-13 16:46 - 000092368 _____ () C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\26146libfoxloader-x64.dll
2015-09-28 09:21 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2015-09-28 09:21 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2018-05-24 19:51 - 2018-05-24 19:51 - 000084808 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-11-24 11:11 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\28885libfoxloader.dll
2015-09-28 09:21 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\Honza\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2018-05-05 09:31 - 2016-09-12 14:53 - 048936448 _____ () C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2018-03-13 15:27 - 2018-03-13 15:27 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-07-19 09:42 - 2018-07-19 09:42 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-07-19 09:42 - 2018-07-19 09:42 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-12-10 10:20 - 2018-03-14 15:05 - 001041344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-05-06 22:43 - 2012-06-25 10:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2018-08-29 17:33 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-514960203-916159489-3134127490-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Honza\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6CD7ED58-EAB6-4CFE-9E4E-04EF9DB06A49}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{328A3D8A-C352-4129-A3A6-2583E640D004}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{6FB945BD-04B3-4543-A460-D3AE5048F4ED}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{964AA8DA-8AA8-432C-8C0D-7FD9A5537EA7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8BDC6D52-12BE-4977-9B9C-E974AC96DA77}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B5D3F7E-9A28-4E7A-A7B7-A0AAF268B957}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1F36931E-979A-480A-908C-5B58E04098DA}C:\hry\gta v\gta5.exe] => (Allow) C:\hry\gta v\gta5.exe
FirewallRules: [UDP Query User{00D4A6A8-ABED-40BA-BCE8-372074FD8125}C:\hry\gta v\gta5.exe] => (Allow) C:\hry\gta v\gta5.exe
FirewallRules: [{AC8EB98D-AEEC-4074-B5FD-01EA3DF72DA0}] => (Allow) D:\RouterSetup\QISWizard.exe
FirewallRules: [{7CF82BF5-1D28-4DEF-BEF6-C930F4ADA7D1}] => (Allow) D:\RouterSetup\QISWizard.exe
FirewallRules: [{023B443C-1ED8-4885-9AF2-FB8F0C2253EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{394F29FE-AB12-4224-A70A-EEB11B78DD28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C9664DE8-5A2B-418B-BE93-D45A7A26E98D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6F93441A-93F8-4CBD-ADCB-C9FB83ECEF2A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6EB9ED47-C7B9-4A62-B05C-1B2B1F8BCDB7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{592F994E-0C8B-43D4-A4AC-30F0F53E8538}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C4AC7A53-19C0-4289-B8E2-4D5C18548D30}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{EB597B6D-3F44-4E82-BBFE-8C3CE080FE8B}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{83792D1E-160C-4099-A993-E0DF594132B8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8016F79E-B16D-4B7C-AB0C-886DB6A2138F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{913E4A8B-3A53-4EFA-9B96-B5A708751A1E}C:\users\honza\appdata\local\crossout\launcher.exe] => (Allow) C:\users\honza\appdata\local\crossout\launcher.exe
FirewallRules: [UDP Query User{FF795385-EB7F-4775-AFBD-31AAF8F864ED}C:\users\honza\appdata\local\crossout\launcher.exe] => (Allow) C:\users\honza\appdata\local\crossout\launcher.exe
FirewallRules: [{4A7C6EA8-2A18-43B9-A1EE-466949E0F676}] => (Allow) LPort=1688
FirewallRules: [{59D2F7C4-3BAF-4FF8-A6CE-8F26CA0DB01D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E04C3EC7-0302-4F10-8314-80BFEBEC5D87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{94FDBF76-FB82-4F61-847A-A8BFB688300A}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{6D0BDE58-20F3-42B5-ACC0-002BCCE27D88}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{7FC82DBC-3A22-4A33-98A3-6B44905CF879}C:\hry\gta v\gta5.exe] => (Block) C:\hry\gta v\gta5.exe
FirewallRules: [UDP Query User{4DEAE60C-3F60-4A4D-BA4B-51E758638E9E}C:\hry\gta v\gta5.exe] => (Block) C:\hry\gta v\gta5.exe
FirewallRules: [TCP Query User{BE23CE3A-9991-446A-BA1C-D0042FA77EB0}C:\users\honza\appdata\local\crossout\launcher.exe] => (Allow) C:\users\honza\appdata\local\crossout\launcher.exe
FirewallRules: [UDP Query User{75ADA1B6-B208-45A5-9724-65D26F04CD46}C:\users\honza\appdata\local\crossout\launcher.exe] => (Allow) C:\users\honza\appdata\local\crossout\launcher.exe
FirewallRules: [TCP Query User{1DA905E8-BD74-4CDE-A703-E0EA801718CD}C:\hry\metro 2033 - redux\metro.exe] => (Allow) C:\hry\metro 2033 - redux\metro.exe
FirewallRules: [UDP Query User{0BF53012-BA58-4E6E-A9AF-31CB36F25956}C:\hry\metro 2033 - redux\metro.exe] => (Allow) C:\hry\metro 2033 - redux\metro.exe
FirewallRules: [{8B0DDC18-6AA4-46FC-8843-C8323BCFA073}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E9DD6D78-7D0F-4E72-8E64-2888607EF97C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A39FCF43-DEB5-49D4-8E7F-F76C5DE649B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{94EAAF23-F4DA-469B-96E0-A3D20D231BF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BFD9AE70-5847-4F9C-A529-6B20A8EF0D75}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{78327086-7B8E-44F9-A69F-D4798C3FEC04}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{2EFE73C3-CFA3-4041-B035-AE1ADBE8AE46}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0EA2873E-C32C-443A-BF6C-63183942512C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{6F30DDA7-E4FE-4FB0-A44D-4F0996E56C81}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{EB72E67B-C5B6-45FF-97A7-B442E4566639}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{73BC5CF9-E12C-4B6F-8CA6-762967315EDE}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{40C6CC0C-6AFF-4C30-BA54-A32DDFF4D863}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{B27B03E9-5C69-42C1-9FCF-369B61A9C088}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe

==================== Restore Points =========================

12-08-2018 02:30:16 Naplánovaný kontrolní bod
17-08-2018 21:09:11 Windows Update
25-08-2018 13:05:57 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/29/2018 09:09:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GTA5.exe, verze: 1.0.1493.0, časové razítko: 0x5b51da88
Název chybujícího modulu: GTA5.exe, verze: 1.0.1493.0, časové razítko: 0x5b51da88
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000015902b8
ID chybujícího procesu: 0x14e4
Čas spuštění chybující aplikace: 0x01d43fc7e7e77b34
Cesta k chybující aplikaci: C:\Hry\GTA V\GTA5.exe
Cesta k chybujícímu modulu: C:\Hry\GTA V\GTA5.exe
ID zprávy: 0236a630-abbf-11e8-8318-74d435444318
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/29/2018 08:35:21 PM) (Source: IAStorDataMgrSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. Proces služby se nemohl připojit k síťovému řadiči

Error: (08/29/2018 07:03:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program GTA5.exe verze 1.0.1493.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1af8

Čas spuštění: 01d43fac29559d31

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Hry\GTA V\GTA5.exe

ID hlášení: 76c2d9f4-abad-11e8-8317-74d435444318

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (08/29/2018 05:31:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (5036) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Honza\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (08/29/2018 05:31:05 AM) (Source: ESENT) (EventID: 489) (User: )
Description: DllHost (5036) WebCacheLocal: Pokus o otevření souboru C:\Users\Honza\AppData\Local\Microsoft\Windows\WebCache\V01.log jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (08/29/2018 05:30:54 AM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (5036) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Honza\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (08/29/2018 05:30:54 AM) (Source: ESENT) (EventID: 489) (User: )
Description: DllHost (5036) WebCacheLocal: Pokus o otevření souboru C:\Users\Honza\AppData\Local\Microsoft\Windows\WebCache\V01.log jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (08/29/2018 05:30:44 AM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (5036) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Honza\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (08/29/2018 08:31:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla ukončena s následující chybou:
Byl proveden pokus o odkaz na neexistující token.

Error: (08/29/2018 08:30:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/29/2018 08:30:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Cleanup Premium byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (08/29/2018 08:30:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrB byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/29/2018 08:30:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (08/29/2018 08:30:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/29/2018 08:30:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/29/2018 08:30:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2017-12-03 14:55:08.785
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Windows\Temp\SppExtComObjHook.dll
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT Authority\System
Název procesu: C:\Windows\System32\svchost.exe
Verze podpisu: AV: 1.257.1306.0, AS: 1.257.1306.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14306.0, NIS: 2.1.14202.0

Date: 2017-12-03 14:54:57.753
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Windows\Temp\SppExtComObjHook.dll
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel:
Název procesu: C:\Windows\System32\svchost.exe
Verze podpisu: AV: 1.257.1306.0, AS: 1.257.1306.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14306.0, NIS: 2.1.14202.0

Date: 2017-12-03 14:54:57.331
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Windows\Temp\SppExtComObjHook.dll
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT Authority\System
Název procesu: System
Verze podpisu: AV: 1.257.1306.0, AS: 1.257.1306.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14306.0, NIS: 2.1.14202.0

Date: 2017-12-03 11:04:05.081
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:MSIL/AutoKMS
ID: 2147711767
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\AutoPico.exe;file:_C:\Program Files\KMSpico\KMSELDI.exe;file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk;file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk;file:_C:\Windows\System32\Tasks\AutoPico Daily Restart;regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D74BBD9-35C1-439A-8F4F-A1B8F3ACC07D};regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart;regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1;startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk;startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk;taskscheduler:_C:\Windows\System32\Tasks\AutoPico Daily Restart;uninstall:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: i3\Honza
Název procesu: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\SwReporter\23.135.200\software_reporter_tool.exe
Verze podpisu: AV: 1.257.1306.0, AS: 1.257.1306.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14306.0, NIS: 2.1.14202.0

Date: 2017-12-03 10:13:30.867
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A73C23BE-BC9E-4FD0-B3BC-DFED87586E18}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2017-04-10 18:13:19.015
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2017-04-10 18:05:49.383
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 0.0.0.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x8024001e
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2017-04-10 18:05:49.336
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 0.0.0.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 0.0.0.0
Kód chyby: 0x8024001e
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2016-07-31 12:52:06.065
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.155.266.0;1.155.266.0
Verze modulu: 1.1.9700.0

CodeIntegrity:
===================================

Date: 2018-02-23 18:22:41.860
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:41.720
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:41.579
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:41.439
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:41.298
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:41.142
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:41.017
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-02-23 18:22:40.860
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 27%
Total physical RAM: 6103.35 MB
Available physical RAM: 4397 MB
Total Virtual: 9687.35 MB
Available Virtual: 7945.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.5 GB) (Free:1147.19 GB) NTFS

\\?\Volume{9c2aab28-2843-4257-9fb4-43010a1fa9a6}\ (Obnovení) (Fixed) (Total:0.29 GB) (Free:0.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 119426
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check, thanks

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\MountPoints2: {34d84b34-8256-11e7-82f3-74d435444318} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\MountPoints2: {838f53a1-a744-11e8-8316-74d435444318} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\MountPoints2: {f855bb25-3251-11e8-8306-74d435444318} - "E:\HiSuiteDownLoader.exe"
C:\Windows\System32\Tasks\AutoKMS
C:\Users\Honza\AppData\Local\Temp
Task: {5D74BBD9-35C1-439A-8F4F-A1B8F3ACC07D} - \AutoPico Daily Restart -> No File <==== ATTENTION
Task: {68BE7594-3D23-4B21-931B-7AC20BCB90C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A9AE5247-F2EB-459F-9494-1B766FB1BEEE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-05-06] ()
Task: {987F5420-FC99-47C7-93C6-9B3117259D04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

There are 2 antivirus programs on the PC (Eset and Avast). Uninstall one of them; there is a risk of a software conflict.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

JenKre
Visitor
Posts: 5
Registered: 29 Aug 2018 18:30

Re: Log check, thanks

#7 Post by JenKre »

Fix result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Honza (30-08-2018 16:14:47) Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\MountPoints2: {34d84b34-8256-11e7-82f3-74d435444318} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\MountPoints2: {838f53a1-a744-11e8-8316-74d435444318} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-514960203-916159489-3134127490-1001\...\MountPoints2: {f855bb25-3251-11e8-8306-74d435444318} - "E:\HiSuiteDownLoader.exe"
C:\Windows\System32\Tasks\AutoKMS
C:\Users\Honza\AppData\Local\Temp
Task: {5D74BBD9-35C1-439A-8F4F-A1B8F3ACC07D} - \AutoPico Daily Restart -> No File <==== ATTENTION
Task: {68BE7594-3D23-4B21-931B-7AC20BCB90C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A9AE5247-F2EB-459F-9494-1B766FB1BEEE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-05-06] ()
Task: {987F5420-FC99-47C7-93C6-9B3117259D04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-514960203-916159489-3134127490-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34d84b34-8256-11e7-82f3-74d435444318}" => removed successfully
HKLM\Software\Classes\CLSID\{34d84b34-8256-11e7-82f3-74d435444318} => not found
"HKU\S-1-5-21-514960203-916159489-3134127490-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{838f53a1-a744-11e8-8316-74d435444318}" => removed successfully
HKLM\Software\Classes\CLSID\{838f53a1-a744-11e8-8316-74d435444318} => not found
"HKU\S-1-5-21-514960203-916159489-3134127490-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f855bb25-3251-11e8-8306-74d435444318}" => removed successfully
HKLM\Software\Classes\CLSID\{f855bb25-3251-11e8-8306-74d435444318} => not found
C:\Windows\System32\Tasks\AutoKMS => moved successfully
C:\Users\Honza\AppData\Local\Temp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D74BBD9-35C1-439A-8F4F-A1B8F3ACC07D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D74BBD9-35C1-439A-8F4F-A1B8F3ACC07D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{68BE7594-3D23-4B21-931B-7AC20BCB90C6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68BE7594-3D23-4B21-931B-7AC20BCB90C6}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{A9AE5247-F2EB-459F-9494-1B766FB1BEEE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9AE5247-F2EB-459F-9494-1B766FB1BEEE}" => removed successfully
"C:\Windows\System32\Tasks\AutoKMS" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{987F5420-FC99-47C7-93C6-9B3117259D04}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{987F5420-FC99-47C7-93C6-9B3117259D04}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19161264 B
Java, Flash, Steam htmlcache => 57605559 B
Windows/system/drivers => 1879522242 B
Edge => 0 B
Chrome => 650137220 B
Firefox => 386788601 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6932 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 560 B
LocalService => 48716 B
NetworkService => 0 B
Honza => 7825881 B

RecycleBin => 1559726693 B
EmptyTemp: => 4.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:16:18 ====

Rudy
Site Admin
Posts: 119426
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check, thanks

#8 Post by Rudy »

Deleted, the log should now be OK.

JenKre
Visitor
Posts: 5
Registered: 29 Aug 2018 18:30

Re: Log check, thanks

#9 Post by JenKre »

Thanks for the help, my compliments. :thumbsup:

Rudy
Site Admin
Posts: 119426
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check, thanks

#10 Post by Rudy »

You're welcome! :)

Locked