Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
ceasare
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 29 říj 2011 21:22

Prosím o kontrolu

#1 Příspěvek od ceasare »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018
Ran by Tomino (administrator) on TOMINO-PC (20-09-2018 21:53:21)
Running from C:\Users\Tomino\Desktop
Loaded Profiles: Tomino (Available Profiles: Tomino)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Bitdefender LLC) C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Vivaldi Technologies AS) C:\Users\Tomino\AppData\Local\Vivaldi\Application\update_notifier.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
() C:\Program Files (x86)\DFX\dfx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(emc) C:\Users\Tomino\AppData\Roaming\uTorrent\uninstall.exe
(BitTorrent, Inc.) C:\Users\Tomino\AppData\Roaming\uTorrent\utorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [FxSound Enhancer] => C:\Program Files (x86)\DFX\dfx.exe [1698296 2018-05-01] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [64096 2018-08-16] (Avira Operations GmbH & Co. KG)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Run: [Ramoptimizerbar] => C:\RamoptimizerBar\RamOptimizerBar1.exe
HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Run: [Vivaldi Update Notifier] => C:\Users\Tomino\AppData\Local\Vivaldi\Application\update_notifier.exe [1495624 2018-08-06] (Vivaldi Technologies AS)
HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Run: [Memory Cleaner] => C:\Users\Tomino\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe [1035912 2017-09-18] (KoshyJohn.com)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.112.162.34 217.112.160.1
Tcpip\..\Interfaces\{8DBC73DE-2EDD-4D13-BDC4-39CE11814C52}: [NameServer] 217.112.162.34,217.112.160.1
Tcpip\..\Interfaces\{AC6877A1-7B00-49EF-BEF8-9066CDAAF3E0}: [DhcpNameServer] 217.112.162.34 217.112.160.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2827928165-1415540819-1374306264-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2827928165-1415540819-1374306264-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-18] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-18] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Tomino\AppData\Roaming\Mozilla\Firefox\Profiles\pCbVo4ce.default [2018-08-15]
FF Extension: (Avira Browser Safety) - C:\Users\Tomino\AppData\Roaming\Mozilla\Firefox\Profiles\pCbVo4ce.default\Extensions\abs@avira.com [2018-08-15]
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-06] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.sk/
CHR StartupUrls: Default -> "hxxp://mystart.incredibar.com/mb187?a=6OyT6MPidt&i=26","hxxp://us.yahoo.com?fr=fpc-comodo","hxxp://www.delta-search.com/?affID=119816&tt=1 ... 0714107141"
CHR NewTab: Default -> Not-active:"chrome-extension://ofmacdiceehcibkfednmgpkhgfhpacgi/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default [2018-09-20]
CHR Extension: (Prekladač Google) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-06-22]
CHR Extension: (Prezentácie) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-22]
CHR Extension: (Dokumenty) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-22]
CHR Extension: (Disk Google) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-22]
CHR Extension: (Custom Fanart.tv) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aphkfmggmfnafpjglcffibhhnnlpabpp [2018-09-20]
CHR Extension: (YouTube) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-22]
CHR Extension: (Tampermonkey) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-08-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-06-22]
CHR Extension: (Tabuľky) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-22]
CHR Extension: (Avira Browser Safety) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-08-15]
CHR Extension: (uTorrent easy client) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfiejlelblhoaflnjajjjjkkgbeifpn [2018-06-22]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (The West) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2018-06-22]
CHR Extension: (EPUBReader) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2018-06-22]
CHR Extension: (RARBG Monitor) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkgcfdmlnfpdjmnheeojdlgpmhaeekga [2018-09-20]
CHR Extension: (Fair AdBlocker) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2018-07-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-22]
CHR Extension: (New Tab Beautiful Page) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofmacdiceehcibkfednmgpkhgfhpacgi [2018-07-10]
CHR Extension: (CSFD Vyhľadávanie & Rozšírenia) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhejngpnlkejplknjeligcfnegimip [2018-06-22]
CHR Extension: (Gmail) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [895056 2018-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148568 2018-09-04] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2981360 2018-07-27] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-20] ()
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-16] (EasyAntiCheat Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2216256 2018-09-18] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3087176 2018-09-18] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [73240 2018-08-03] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [199920 2018-08-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153040 2018-08-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2018-08-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2018-08-03] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [34128 2018-08-03] (Avira Operations GmbH & Co. KG)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2018-03-08] (Windows (R) Win 7 DDK provider)
R3 DFX12; C:\Windows\System32\drivers\dfx12x64.sys [29688 2018-03-08] (Windows (R) Win 7 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2018-02-28] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-20 21:53 - 2018-09-20 21:53 - 000022337 _____ C:\Users\Tomino\Desktop\FRST.txt
2018-09-20 21:52 - 2018-09-20 21:52 - 002413568 _____ (Farbar) C:\Users\Tomino\Desktop\FRST64.exe
2018-09-20 13:35 - 2018-09-20 13:35 - 002581480 _____ C:\Users\Tomino\Desktop\osobni_zpoved-1.pdf
2018-09-20 13:19 - 2018-09-20 13:19 - 006207154 _____ C:\Users\Tomino\Desktop\Žaludové-karbanátky.pdf
2018-09-20 13:18 - 2018-09-20 13:18 - 001598410 _____ C:\Users\Tomino\Desktop\divoke-byliny-compressed.pdf
2018-09-20 13:05 - 2018-09-20 13:05 - 003873243 _____ C:\Users\Tomino\Desktop\Sedmikrásky-v-oleji.pdf
2018-09-20 08:02 - 2018-09-20 08:02 - 005917472 _____ C:\Users\Tomino\Desktop\Kopřivové-gomasio.pdf
2018-09-18 04:19 - 2018-09-20 18:20 - 000000000 ____D C:\Users\Tomino\Downloads\opera autoupdate
2018-09-17 22:58 - 2018-09-17 22:58 - 000000915 _____ C:\Users\Tomino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2018-09-17 22:58 - 2018-09-17 22:58 - 000000000 ____D C:\Program Files\MediaInfo
2018-09-17 22:52 - 2018-09-17 22:57 - 000000000 ____D C:\Program Files (x86)\MediaInfo Lite
2018-09-17 17:38 - 2018-09-17 17:38 - 000006437 _____ C:\Users\Tomino\Desktop\vikings.portage.(6583601).nfo
2018-09-17 17:26 - 2018-09-17 17:26 - 000004116 _____ C:\Users\Tomino\Downloads\Vikings S04.TXT
2018-09-17 15:27 - 2018-09-17 15:27 - 000004080 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1537190839
2018-09-17 15:27 - 2018-09-17 15:27 - 000001295 _____ C:\Users\Tomino\Desktop\Prehliadač Opera.lnk
2018-09-17 15:27 - 2018-09-17 15:27 - 000001295 _____ C:\Users\Tomino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2018-09-17 15:20 - 2018-09-17 15:21 - 141196646 _____ C:\Users\Tomino\Downloads\The X-Files S11E10 CZ audio.rar
2018-09-17 15:17 - 2018-09-17 15:17 - 061277280 _____ C:\Users\Tomino\Downloads\20180916 2220 - Prima COOL HD - Vikingové IV (8) -W -HD_1.mpa
2018-09-17 15:16 - 2018-09-17 15:17 - 059560320 _____ C:\Users\Tomino\Downloads\20180917 0030 - Prima COOL HD - Akta X XI (10) -W -HD_1.mpa
2018-09-16 12:56 - 2018-09-16 12:56 - 143149056 _____ C:\Users\Tomino\Downloads\20180915 2350 - Prima COOL HD - Akta X XI (9) -W -HD_2.ac3
2018-09-15 09:25 - 2018-09-15 09:25 - 051379200 _____ C:\Users\Tomino\Downloads\20180914 0115 - HBO3 - Černé jezero (4).mpa
2018-09-15 09:22 - 2018-09-15 09:22 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk
2018-09-14 08:45 - 2018-09-14 08:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TitulkyCom
2018-09-14 08:45 - 2018-09-14 08:45 - 000000000 ____D C:\Program Files (x86)\TitulkyCom
2018-09-13 14:56 - 2018-09-13 14:56 - 017277901 _____ C:\Users\Tomino\Desktop\Skyexchange-1.2.5.zip
2018-09-12 10:27 - 2018-09-12 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyklotrasy
2018-09-12 10:26 - 2018-09-12 10:27 - 000000000 ____D C:\Program Files (x86)\Cyklotrasy
2018-09-12 10:26 - 2018-09-12 10:26 - 000000000 ____D C:\ProgramData\EAGLE Software
2018-09-11 00:27 - 2018-09-06 03:27 - 000132408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-09-11 00:24 - 2018-09-06 20:29 - 040346696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 040190064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 032457848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 017014560 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-09-11 00:24 - 2018-09-06 20:29 - 003967664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 003505224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 002014624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439924.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 001563904 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 001467624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439924.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 001420464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 001217440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 001093704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 000628912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 000518912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-09-11 00:24 - 2018-09-06 20:28 - 035251048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-09-11 00:24 - 2018-09-06 20:28 - 031248872 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-09-11 00:24 - 2018-09-06 20:28 - 020331240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-09-11 00:24 - 2018-09-06 20:28 - 013732232 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-09-11 00:24 - 2018-09-06 20:28 - 011277048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-09-11 00:24 - 2018-09-06 20:28 - 000420144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 025965064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 017754464 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 015698384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 015168800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 004084200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 001159400 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000906904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000546808 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000464832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000182552 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000164904 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000159848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000142592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-09-09 13:10 - 2018-09-09 13:11 - 000000000 ____D C:\Users\Tomino\Documents\Battlefield V Open Beta
2018-09-09 09:16 - 2018-09-09 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2018-09-09 09:16 - 2018-09-09 09:16 - 000000000 ____D C:\Program Files\Subtitle Edit
2018-09-05 09:15 - 2018-09-05 09:15 - 000080384 _____ C:\Users\Tomino\Desktop\přihláška-září-18.xls
2018-09-03 21:44 - 2018-09-14 09:10 - 000000000 ____D C:\Users\Tomino\Documents\Kopie
2018-09-02 21:28 - 2018-09-02 21:28 - 000009496 _____ C:\Users\Tomino\Documents\Untitled.veg
2018-09-01 21:07 - 2018-09-05 22:24 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\FileZilla
2018-09-01 21:07 - 2018-09-05 22:24 - 000000000 ____D C:\Users\Tomino\AppData\Local\FileZilla
2018-09-01 21:07 - 2018-09-01 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2018-09-01 21:07 - 2018-09-01 21:07 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2018-09-01 06:43 - 2018-09-01 06:43 - 000000108 _____ C:\Users\Tomino\Desktop\1.url
2018-08-31 23:30 - 2018-08-31 23:30 - 000016487 _____ C:\Windows\SysWOW64\Defrag.debuglog
2018-08-31 23:30 - 2018-08-31 23:30 - 000000000 ____D C:\Users\Tomino\AppData\Local\AviraSpeedup
2018-08-31 19:33 - 2018-08-31 19:33 - 000115747 _____ C:\Users\Tomino\Downloads\Adrift 2018 720p BluRay DD5.1 x264-LoRD.torrent
2018-08-31 08:57 - 2018-09-20 13:10 - 000002061 _____ C:\Users\Tomino\AppData\Roaming\downloads.json
2018-08-31 08:57 - 2018-09-20 13:10 - 000000000 ____D C:\Users\Tomino\Documents\YouTubeDownloads
2018-08-31 08:57 - 2018-09-01 17:34 - 000000000 ____D C:\Users\Tomino\AppData\Local\Flvto Youtube Downloader
2018-08-31 08:57 - 2018-08-31 08:57 - 000004084 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1535698649
2018-08-31 08:57 - 2018-08-31 08:57 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Opera Software
2018-08-31 08:57 - 2018-08-31 08:57 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader
2018-08-31 08:57 - 2018-08-31 08:57 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\FlvtoConverter
2018-08-31 08:57 - 2018-08-31 08:57 - 000000000 ____D C:\Users\Tomino\AppData\Local\Opera Software
2018-08-31 08:57 - 2018-08-31 08:57 - 000000000 ____D C:\Users\Tomino\AppData\Local\FlvtoYoutubeDownloader
2018-08-29 17:59 - 2018-08-29 17:59 - 000235321 _____ C:\Users\Tomino\Downloads\[nCore][hdser]Bron.S03.SWEDISH.1080p.BluRay.x264-GNiSTOR.torrent
2018-08-29 13:27 - 2018-08-29 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitnami
2018-08-29 12:56 - 2018-08-29 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2018-08-29 12:54 - 2018-08-29 13:26 - 000000000 ____D C:\xampp
2018-08-28 21:19 - 2018-08-22 18:11 - 002015184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439907.dll
2018-08-28 21:19 - 2018-08-22 18:11 - 001467728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439907.dll
2018-08-26 19:35 - 2018-09-20 13:04 - 000000000 ____D C:\Users\Tomino\Desktop\Štefaňo príprava
2018-08-23 03:58 - 2018-09-20 21:53 - 000000000 ____D C:\Users\Public\Speedup Sessions
2018-08-22 04:12 - 2018-08-22 04:12 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\KoshyJohn.com
2018-08-22 04:12 - 2018-08-22 04:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KoshyJohn.com
2018-08-21 12:23 - 2018-08-21 12:23 - 000000000 ___HD C:\Users\Public\Shared Files

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-20 21:53 - 2018-06-17 13:57 - 000000000 ____D C:\FRST
2018-09-20 21:52 - 2018-06-23 14:46 - 000000000 ____D C:\Users\Tomino\Downloads\torrent súbori
2018-09-20 21:51 - 2018-02-14 22:30 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\uTorrent
2018-09-20 21:45 - 2018-08-15 00:39 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-09-20 21:15 - 2018-03-06 00:24 - 000000132 _____ C:\Users\Tomino\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-09-20 20:17 - 2018-02-26 17:03 - 000000000 ____D C:\ProgramData\Origin
2018-09-20 19:38 - 2018-04-12 13:19 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Origin
2018-09-20 19:38 - 2018-02-14 19:26 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-20 19:37 - 2018-06-22 22:55 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-09-20 18:36 - 2018-02-17 22:21 - 000004998 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Tomino-PC-Tomino Tomino-PC
2018-09-20 18:22 - 2009-07-14 06:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-20 18:22 - 2009-07-14 06:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-20 18:14 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-20 15:36 - 2018-08-15 00:40 - 000003112 _____ C:\Windows\System32\Tasks\BDAntiCryptoWallTask
2018-09-20 14:17 - 2018-07-02 08:00 - 000000000 ____D C:\Users\Tomino\Desktop\OLSEN SPA
2018-09-20 13:02 - 2018-02-14 10:58 - 000000000 ___RD C:\Users\Tomino\Documents\Tomáško
2018-09-20 12:27 - 2018-04-05 17:02 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-20 05:14 - 2009-07-14 07:08 - 000032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-09-20 04:17 - 2018-03-06 00:10 - 000000000 ____D C:\Users\Tomino\AppData\Local\Adobe
2018-09-19 20:13 - 2010-01-01 01:03 - 000007665 _____ C:\Users\Tomino\AppData\Local\resmon.resmoncfg
2018-09-19 11:35 - 2018-02-14 10:58 - 000000000 ___RD C:\Users\Tomino\Documents\Evka
2018-09-18 22:42 - 2018-02-14 21:14 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-18 13:53 - 2018-04-12 13:19 - 000000000 ____D C:\Program Files (x86)\Origin
2018-09-17 22:52 - 2018-02-24 13:00 - 000000000 ____D C:\Program Files (x86)\MediaInfo
2018-09-17 09:35 - 2018-06-21 10:25 - 000000000 ____D C:\Users\Tomino\AppData\Local\ElevatedDiagnostics
2018-09-16 07:15 - 2018-02-26 00:30 - 000000000 ____D C:\KMPlayer
2018-09-16 06:18 - 2018-02-14 23:11 - 000000000 ____D C:\Users\Tomino\AppData\Local\NVIDIA Corporation
2018-09-15 12:10 - 2018-02-14 19:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-09-15 09:22 - 2018-04-09 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-09-14 13:03 - 2018-05-04 01:02 - 000000000 ____D C:\Users\Tomino\Desktop\Najnovšie!!!!!!
2018-09-14 08:45 - 2018-06-09 05:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSFilter
2018-09-14 08:45 - 2018-06-09 05:56 - 000000000 ____D C:\Program Files\VSFilter
2018-09-13 17:55 - 2018-02-14 21:31 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\.minecraft
2018-09-12 11:27 - 2018-06-09 08:36 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Subtitle Edit
2018-09-12 10:25 - 2018-06-13 13:00 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-12 10:25 - 2018-06-13 13:00 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-12 10:25 - 2018-06-13 13:00 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-09-12 10:25 - 2018-06-13 13:00 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-09-12 10:25 - 2018-06-13 13:00 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-12 10:25 - 2018-03-06 00:12 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-11 15:09 - 2018-02-14 21:38 - 000000000 ____D C:\Users\Tomino\AppData\Local\NVIDIA
2018-09-11 00:27 - 2018-02-15 17:56 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-09-11 00:27 - 2018-02-14 20:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-09-11 00:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-11 00:26 - 2018-05-22 23:43 - 000000000 ____D C:\Windows\system32\unknown
2018-09-10 19:32 - 2018-04-17 17:40 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-09-10 09:03 - 2018-04-12 13:41 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2018-09-09 23:37 - 2018-03-09 20:22 - 000000000 ____D C:\Users\Tomino\AppData\Local\JDownloader 2.0
2018-09-09 13:10 - 2018-02-14 23:11 - 000000000 ____D C:\Users\Tomino\ansel
2018-09-08 20:50 - 2018-04-16 12:37 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\avidemux
2018-09-08 13:35 - 2009-07-14 07:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-07 06:49 - 2018-08-19 10:24 - 000000000 ____D C:\Users\Tomino\Documents\Skenovanie
2018-09-06 20:28 - 2018-03-21 17:45 - 023306368 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-09-06 20:28 - 2018-03-21 17:45 - 000505696 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-09-06 20:27 - 2018-03-21 17:45 - 019088408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-09-06 20:27 - 2018-03-21 17:45 - 004615416 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-09-06 04:50 - 2018-03-21 17:45 - 000041866 _____ C:\Windows\system32\nvinfo.pb
2018-09-06 03:18 - 2018-03-21 17:48 - 005947704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-09-06 03:18 - 2018-03-21 17:48 - 002612616 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-09-06 03:17 - 2018-03-21 17:48 - 008330242 _____ C:\Windows\system32\nvcoproc.bin
2018-09-06 03:17 - 2018-03-21 17:48 - 001767280 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-09-06 03:17 - 2018-03-21 17:48 - 000634248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-09-06 03:17 - 2018-03-21 17:48 - 000450416 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-09-06 03:17 - 2018-03-21 17:48 - 000124112 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-09-06 03:17 - 2018-03-21 17:48 - 000083256 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-09-05 20:12 - 2018-03-21 17:47 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-09-05 14:55 - 2018-02-26 00:47 - 000000000 ____D C:\Users\Tomino\AppData\Local\CrashDumps
2018-09-05 09:46 - 2018-02-15 20:17 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\vlc
2018-09-04 07:01 - 2018-08-15 00:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-09-04 06:57 - 2018-04-27 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2018-09-04 06:57 - 2018-04-27 10:39 - 000000000 ____D C:\Program Files\MPC-HC
2018-09-03 13:45 - 2018-02-27 13:39 - 000000000 ____D C:\Users\Tomino\Documents\Súbory programu Outlook
2018-09-02 13:17 - 2018-07-27 16:26 - 000000000 ____D C:\Users\Tomino\AppData\Local\FileUploader
2018-09-02 13:17 - 2018-05-31 19:24 - 000000000 ____D C:\ProgramData\FileUploader
2018-08-31 23:31 - 2018-06-17 13:24 - 000000000 ____D C:\Windows\pss
2018-08-31 23:31 - 2018-06-08 15:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-08-31 23:31 - 2018-06-08 11:07 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\AccurateRip
2018-08-31 23:31 - 2018-06-07 07:41 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\VideoReDo-TVSuite5
2018-08-31 23:31 - 2018-06-07 07:41 - 000000000 ____D C:\Program Files (x86)\VideoReDoTVSuite5
2018-08-31 23:31 - 2018-05-04 11:23 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Sony
2018-08-31 23:31 - 2018-04-17 10:22 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Anvsoft
2018-08-31 23:31 - 2018-02-14 10:58 - 000000000 ___RD C:\Users\Tomino\Documents\Bastien
2018-08-29 19:22 - 2018-06-08 15:40 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\TeamViewer
2018-08-29 07:39 - 2018-08-15 00:38 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-28 08:24 - 2018-05-04 18:27 - 000000000 ____D C:\ProgramData\TEMP
2018-08-28 08:23 - 2018-06-22 23:17 - 000000000 ____D C:\ProgramData\EZ CD Audio Converter
2018-08-28 08:23 - 2018-05-04 18:27 - 000000887 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZ CD Audio Converter.lnk
2018-08-28 08:23 - 2018-05-04 18:27 - 000000000 ____D C:\Program Files\EZ CD Audio Converter
2018-08-26 00:42 - 2018-02-15 09:33 - 000001744 _____ C:\Users\Tomino\Desktop\Evka - odkaz.lnk
2018-08-24 12:25 - 2018-02-15 09:33 - 000001871 _____ C:\Users\Tomino\Desktop\Tomáško - odkaz.lnk
2018-08-24 12:24 - 2018-02-15 09:33 - 000001861 _____ C:\Users\Tomino\Desktop\Bastien - odkaz.lnk
2018-08-23 03:58 - 2018-08-15 00:40 - 000003666 _____ C:\Windows\System32\Tasks\AviraSystemSpeedupUpdate
2018-08-21 12:23 - 2018-02-14 18:55 - 000000000 ____D C:\Intel

==================== Files in the root of some directories =======

2018-04-04 08:48 - 2018-08-11 14:24 - 000000132 _____ () C:\Users\Tomino\AppData\Roaming\Adobe GIF Format CS6 Prefs
2018-04-04 08:52 - 2018-04-04 08:52 - 000000132 _____ () C:\Users\Tomino\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2018-03-06 00:24 - 2018-09-20 21:15 - 000000132 _____ () C:\Users\Tomino\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-04-22 20:16 - 2018-04-23 10:04 - 000000034 _____ () C:\Users\Tomino\AppData\Roaming\AdobeWLCMCache.dat
2018-08-31 08:57 - 2018-09-20 13:10 - 000002061 _____ () C:\Users\Tomino\AppData\Roaming\downloads.json
2018-07-15 12:14 - 2018-07-15 12:14 - 000099384 _____ () C:\Users\Tomino\AppData\Roaming\inst.exe
2018-07-15 12:14 - 2018-07-15 12:14 - 000007859 _____ () C:\Users\Tomino\AppData\Roaming\pcouffin.cat
2018-07-15 12:14 - 2018-07-15 12:14 - 000001167 _____ () C:\Users\Tomino\AppData\Roaming\pcouffin.inf
2018-07-15 12:14 - 2018-07-15 12:14 - 000000055 _____ () C:\Users\Tomino\AppData\Roaming\pcouffin.log
2018-07-15 12:14 - 2018-07-15 12:14 - 000082816 _____ (VSO Software) C:\Users\Tomino\AppData\Roaming\pcouffin.sys
2018-03-17 04:48 - 2018-03-17 04:57 - 000003584 _____ () C:\Users\Tomino\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-01-01 01:03 - 2018-09-19 20:13 - 000007665 _____ () C:\Users\Tomino\AppData\Local\resmon.resmoncfg
2018-04-07 08:25 - 2016-11-23 15:37 - 000000570 _____ () C:\Users\Tomino\AppData\Local\TroubleshooterConfig.json

Some files in TEMP:
====================
2018-07-27 16:23 - 2018-07-27 16:23 - 000036864 _____ () C:\Users\Tomino\AppData\Local\Temp\FUp_updater.exe
2018-07-19 21:36 - 2018-07-19 21:36 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-1486223245878721707.dll
2018-09-13 17:34 - 2018-09-13 17:34 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-2656740237074623200.dll
2018-07-21 13:52 - 2018-07-21 13:52 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-2965165143488775058.dll
2018-07-19 21:30 - 2018-07-19 21:30 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-4520651762675978306.dll
2018-09-13 17:13 - 2018-09-13 17:13 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-5718738004010714348.dll
2018-09-13 17:39 - 2018-09-13 17:39 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-5754352189491560585.dll
2018-07-23 04:36 - 2018-07-23 04:36 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-6413538051309700359.dll
2018-07-19 21:28 - 2018-07-19 21:28 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-7738664330334315577.dll
2018-07-21 13:50 - 2018-07-21 13:50 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-7960263975620889405.dll
2018-09-13 17:40 - 2018-09-13 17:40 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-8621726349882385764.dll
2018-07-18 22:43 - 2018-07-18 22:43 - 001906040 _____ (Oracle Corporation) C:\Users\Tomino\AppData\Local\Temp\jre-8u181-windows-au.exe
2018-07-04 12:49 - 2018-07-04 12:49 - 038170824 _____ (PandoraTV) C:\Users\Tomino\AppData\Local\Temp\KMP_4.2.2.13.exe
2018-08-16 08:03 - 2018-08-16 08:03 - 038163512 _____ (PandoraTV) C:\Users\Tomino\AppData\Local\Temp\KMP_4.2.2.14.exe
2018-08-22 04:11 - 2017-09-18 09:50 - 001035912 _____ (KoshyJohn.com) C:\Users\Tomino\AppData\Local\Temp\MemClean.exe
2018-06-27 22:43 - 2018-06-24 17:40 - 000640960 _____ (NVIDIA Corporation) C:\Users\Tomino\AppData\Local\Temp\nvSCPAPI.dll
2018-06-27 22:43 - 2018-06-24 17:40 - 000730560 _____ (NVIDIA Corporation) C:\Users\Tomino\AppData\Local\Temp\nvSCPAPI64.dll
2018-06-27 22:40 - 2018-08-21 12:24 - 000395576 _____ (NVIDIA Corporation) C:\Users\Tomino\AppData\Local\Temp\nvStInst.exe
2018-09-09 23:37 - 2018-09-09 23:37 - 000040448 ____N () C:\Users\Tomino\AppData\Local\Temp\proxy_vole1816838570593542271.dll
2018-09-09 23:37 - 2018-09-09 23:37 - 000040448 ____N () C:\Users\Tomino\AppData\Local\Temp\proxy_vole3783066400268044238.dll
2018-09-09 23:37 - 2018-09-09 23:37 - 000040448 ____N () C:\Users\Tomino\AppData\Local\Temp\proxy_vole7395173724568788626.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-17 09:28

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.09.2018
Ran by Tomino (20-09-2018 21:53:51)
Running from C:\Users\Tomino\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-02-14 16:52:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2827928165-1415540819-1374306264-500 - Administrator - Disabled)
Guest (S-1-5-21-2827928165-1415540819-1374306264-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2827928165-1415540819-1374306264-1002 - Limited - Enabled)
Tomino (S-1-5-21-2827928165-1415540819-1374306264-1000 - Administrator - Enabled) => C:\Users\Tomino

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.08 - GIGABYTE)
4K Video Downloader 4.4 (HKLM-x32\...\{5B866026-1C73-4A9F-ACB0-0B16E76780B7}) (Version: 4.4.5.2285 - Open Media LLC)
4K YouTube to MP3 3.3 (HKLM-x32\...\{35F6F72F-08F5-4885-8B69-7A3C6C1F038E}) (Version: 3.3.5.1797 - Open Media LLC)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
All Video Sound Extractor 2.8 (HKLM-x32\...\All Video Sound Extractor_is1) (Version: - Zealotsoft,Inc.)
Any Video Converter Ultimate 5.8.3 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
AutoGreen B09.1014.2 (HKLM-x32\...\{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) Hidden
AutoGreen B09.1014.2 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.1.180604 - )
Avira (HKLM-x32\...\{532da46c-2aa3-4588-a4a2-b02bc641bf95}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{9620D4C2-CF5B-4DBE-8103-CC9DAB0871C6}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 4.13.0.7681 - Avira Operations GmbH & Co. KG)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BDAntiRansomware (HKLM\...\{BE40AB1F-558F-4434-B72F-461EF97E7796}_is1) (Version: 1.0.12.151 - Bitdefender)
Bitnami WordPress Module (HKLM-x32\...\Bitnami WordPress Module 4.9.8-0) (Version: 4.9.8-0 - Bitnami)
Browser Configuration Utility (HKLM-x32\...\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}) (Version: 1.1.18.0 - DeviceVM Inc.) <==== ATTENTION
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.)
Cyklotrasy 2.44 (HKLM-x32\...\Cyklotrasy 2.44) (Version: - )
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 399.24 - NVIDIA Corporation) Hidden
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
eac3to Decoder Pack 1.4 (HKLM-x32\...\{167887DA-6C4F-4265-8139-8750A543FD52}_is1) (Version: - )
Easy Tune 6 B10.0521.1 (HKLM-x32\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden
Easy Tune 6 B10.0521.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Epic Games Launcher (HKLM-x32\...\{93BFE5DF-776E-436F-8693-DF1F72C0E3C1}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff)
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 7.2 - Poikosoft)
FFmpeg (Windows) for Audacity verze 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.48.30259 - Electronic Arts)
FileZilla Client 3.36.0 (HKLM-x32\...\FileZilla Client) (Version: 3.36.0 - Tim Kosse)
Flvto Youtube Downloader (HKLM\...\Flvto Youtube Downloader) (Version: 1.2.1 - Hotger)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Free FLAC to MP3 Converter 1.4 (HKLM-x32\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version: 1.4 - PolySoft Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Inviska MKV Extract version 3.0 (HKLM-x32\...\{215C3EFC-2BE8-4A5A-9A1F-982C15E47CC9}_is1) (Version: 3.0 - Inviska Software)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.14 - PandoraTV)
Kodi (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Kodi) (Version: - XBMC-Foundation)
Kuki (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Kuki) (Version: 20160616.000 - SMART Comp. a.s.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Magic FLAC to MP3 Converter 3.71 (HKLM-x32\...\Magic FLAC to MP3 Converter_is1) (Version: - Magic Video)
MakeMKV v1.12.2 (HKLM-x32\...\MakeMKV) (Version: v1.12.2 - GuinpinSoft inc)
MediaInfo 18.08 (HKLM\...\MediaInfo) (Version: 18.08 - MediaArea.net)
Memory Cleaner 2.60 (HKLM\...\MemClean) (Version: 2.60 - KoshyJohn.com)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MKVToolNix 25.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 25.0.0 - Moritz Bunkus)
Mozilla ActiveX Control v1.7.12 (HKLM-x32\...\Mozilla ActiveX Control v1.7.12) (Version: - )
MPC-HC 1.7.18 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.18 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nero 7 Ultra Edition (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51051}) (Version: 7.02.6446 - Nero AG)
NVIDIA 3D Vision radič ovládača 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Grafický ovládač 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.24 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.24 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
ON_OFF Charge B10.0427.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Opera Stable 55.0.2994.61 (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Opera 55.0.2994.61) (Version: 55.0.2994.61 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.27.11381 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.24 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Polda 6 verze 1.1 (HKLM-x32\...\Polda 6_is1) (Version: 1.1 - )
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.13963 - Kakao Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Roblox Player for Tomino (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Player for Tomino (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\roblox-player) (Version: - Roblox Corporation)
Skype verzia 8.30 (HKLM-x32\...\Skype_is1) (Version: 8.30 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Spotify) (Version: 1.0.82.447.g975ad224 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subtitle Edit 3.5.7 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.7.1 - Nikse)
Subtitle Workshop 6.0b (HKLM-x32\...\SubtitleWorkshop) (Version: - )
Thumbnail me 3.0 (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Thumbnail me 3.0) (Version: - )
TitulkyCom verze 1.003 (HKLM-x32\...\{19ECB379-937F-4778-9B72-7522B66660AB}_is1) (Version: 1.003 - Martevax s.r.o.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)
Total Video Converter 3.70 100621 (HKLM-x32\...\Total Video Converter 3.70_is1) (Version: - EffectMatrix Inc.)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
VideoReDo TVSuite Version 4.21.2.662 (HKLM-x32\...\VideoReDo4_is1) (Version: - DRD Systems, Inc.)
VideoReDo TVSuite Version 5.1.1.719 (HKLM-x32\...\VideoReDo5_is1) (Version: - DRD Systems, Inc.)
Vivaldi (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Vivaldi) (Version: 1.15.1147.64 - Vivaldi)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VSFilter 2.41.35 (d08a416) Nightly (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.35 - MPC-HC Team)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.56 - VSO Software)
Wargaming.net Game Center (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Wargaming.net Game Center) (Version: 18.3.2.9853 - Wargaming.net)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.9-0 - Bitnami)
YouTube By Click (HKLM-x32\...\{483BD1CD-8516-4174-8D7B-E7CD0D86B917}) (Version: 2.2.84 - ByClick) Hidden
YouTube By Click (HKLM-x32\...\YouTube By Click 2.2.84) (Version: 2.2.84 - ByClick)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2827928165-1415540819-1374306264-1000_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (MediaArea.net)
CustomCLSID: HKU\S-1-5-21-2827928165-1415540819-1374306264-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-02-28] (Nero AG)
ContextMenuHandlers1-x32: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2016-01-01] (Poikosoft)
ContextMenuHandlers1-x32: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Ltd)
ContextMenuHandlers1-x32: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-04] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1-x32: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ContextMenuHandlers1-x32: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2016-01-01] (Poikosoft)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Ltd)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-09-06] (NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-04] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14CE4751-4852-43F6-BAB5-5F6298DB6097} - System32\Tasks\Opera scheduled Autoupdate 1535698649 => C:\Users\Tomino\AppData\Local\Programs\Opera\launcher.exe [2018-09-13] (Opera Software)
Task: {305FEA55-603A-49FC-BF2E-62EBA1236B53} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {353A79D2-F45C-4931-8126-39E317D21DD8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {3C630C9A-3827-4627-BF3E-3486F7A38BAD} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {497A5E52-AEA3-455C-B145-69E0DE26174E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {53DF3898-2CC6-4230-A71E-6DE192C86F8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-14] (Google Inc.)
Task: {56B51740-CB74-44DA-B8B8-D246D0ACCFFC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {6C8DAF37-DEEF-4E99-A33C-DD74BDF214F5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {6FEE8D71-8C1C-4A80-B763-89B025E353C0} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {7A68C750-277E-46FD-A9EC-4545A6CAAAD8} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2018-08-23] (Avira Operations GmbH & Co. KG )
Task: {82257BDE-2F71-4153-931D-9C297335A2D5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {8503D2B0-0D86-4C5D-AED0-6A5B7C977467} - System32\Tasks\AdobeAAMUpdater-1.0-Tomino-PC-Tomino => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {8AD98262-8C46-4652-94DF-84245D8A7841} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {91E117E1-067F-48A3-A4CA-85BC2A1150C6} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {9721550B-EEF4-44FA-B16B-4A805ABFDB20} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {99530FD4-B8D9-4609-874D-D6008FB422FD} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-09-04] (Avira Operations GmbH & Co. KG)
Task: {9D3E99A5-7B75-412B-8A51-D818F6E4B576} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {A2EE28D3-A1C6-44F6-9028-D9A7E56661D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-14] (Google Inc.)
Task: {A95F9500-2483-4713-87DC-F437A4C0606C} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Tomino-PC-Tomino Tomino-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {AB1FC029-E7DF-4516-BAED-5BF808FB7106} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {B09875B1-C1AD-4580-8698-49A0FD15444B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B9F0A727-7A2C-476B-8746-26C4D9A549D4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {BB8F0CF3-900B-417F-A1D7-E72B64ACC5C4} - System32\Tasks\BDAntiCryptoWallTask => C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe [2017-01-23] (Bitdefender LLC)
Task: {C49D2492-389B-48B6-8900-DDD91FA410E3} - System32\Tasks\Opera scheduled Autoupdate 1537190839 => C:\Users\Tomino\AppData\Local\Programs\Opera\launcher.exe [2018-09-13] (Opera Software)
Task: {CAA6324F-3481-487D-B276-B4628D9B05DC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {D4FC9127-9CB0-4685-AA28-E3C69D904E61} - System32\Tasks\AdobeGCInvoker-1.0-Tomino-PC-Tomino => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {F0FA17C9-23F9-4216-A6A4-A8D70B6C5ADE} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {F6E84A60-6A23-4391-B13E-9885C8061911} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {FAEBD8A1-A5A1-4908-B047-F6151E1DF354} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-03-21 17:48 - 2018-09-06 03:18 - 000142888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-06-10 01:41 - 2016-06-10 01:41 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-08-27 13:57 - 2018-08-27 13:57 - 000054440 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2018-08-15 00:40 - 2016-08-16 10:21 - 000091648 _____ () C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDMetrics.dll
2018-04-05 15:21 - 2018-05-01 09:36 - 001698296 _____ () C:\Program Files (x86)\DFX\dfx.exe
2018-05-22 23:36 - 2018-07-19 22:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-05 15:16 - 2018-04-05 15:16 - 000161784 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
2018-04-05 15:17 - 2018-04-05 15:17 - 000176120 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
2018-04-05 15:26 - 2018-04-05 15:26 - 000098296 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared64.dll
2018-05-22 23:36 - 2018-07-19 22:19 - 095437352 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-05-22 23:36 - 2018-07-19 22:19 - 003029032 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-05-22 23:36 - 2018-07-19 22:19 - 000149544 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-08-01 18:32 - 2018-07-19 22:19 - 000020008 _____ () c:\program files\nvidia corporation\nvstreamsrv\detoured.dll
2018-09-18 22:42 - 2018-09-15 10:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-18 22:42 - 2018-09-15 10:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2018-04-05 15:26 - 2018-04-05 15:26 - 000083960 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared32.dll
2018-08-01 18:32 - 2018-07-19 22:19 - 000020008 _____ () c:\program files (x86)\nvidia corporation\nvstreamsrv\detoured.dll
2018-08-15 00:39 - 2018-08-03 23:20 - 001204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll
2018-08-15 00:39 - 2018-08-03 23:20 - 000243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll
2018-02-14 23:11 - 2018-07-19 22:19 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:gs5sys [2304]
AlternateDataStreams: C:\Users\All Users:gs5sys [2304]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [2304]
AlternateDataStreams: C:\ProgramData\TEMP:0888F409 [147]
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47 [216]
AlternateDataStreams: C:\ProgramData\TEMP:66633281 [148]
AlternateDataStreams: C:\ProgramData\TEMP:93433455 [814]
AlternateDataStreams: C:\ProgramData\TEMP:ADAB671B [128]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57132958.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\57132958.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-06-22 22:39 - 000000841 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomino\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 217.112.162.34 - 217.112.160.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: wuauserv => 3
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Spotify => C:\Users\Tomino\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Tomino\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Vivaldi Update Notifier => "C:\Users\Tomino\AppData\Local\Vivaldi\Application\update_notifier.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D5BD23F3-6984-457B-A12D-56E7643D4E29}] => (Allow) C:\Users\Tomino\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{8F842912-47A6-4E66-BC91-610194782F7C}] => (Allow) C:\Users\Tomino\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{7BB9C2A3-0496-4BF3-8F76-0B4FDE1AF0CB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{106C6F1B-5A8B-4246-80CF-9B05FCAE04F5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8E0028BB-2211-4ACB-BFAA-75EBC722D508}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{22CB1CA4-0660-4F03-A897-37FC5346CB81}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{B4DC6ED2-C308-4AEE-A897-6D73E04BFF60}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{018778FE-4BF7-409C-929D-9714787CB962}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E9FF377A-50C2-4D0D-B67E-42FD8C85EA6C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{31B29679-118D-41E5-A67D-35283D35F28B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7C431C17-54B5-4B53-82D9-F33688777EDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D0904536-6E9E-4E10-92A3-D508385FD61C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EBB26664-E421-4621-9B2E-B8B3CAFCAE28}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C49163A0-BD8B-4DE3-A2BE-AEC0C0185EB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D4984643-3F16-4F05-BFFE-6811965F4CF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D83A1F3C-D086-41E5-BDAD-1ED613B801C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7DB3E909-F172-4168-81EA-FD04B7445CEE}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{FCCFBA55-21BA-4B53-B764-3EA92C09978E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{757E600A-7DF5-4967-9CA9-1D70C18BF927}X:\games\fifa 17\fifa17.exe] => (Allow) X:\games\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{1E167041-D891-43D4-8C71-BC425AB3E7D0}X:\games\fifa 17\fifa17.exe] => (Allow) X:\games\fifa 17\fifa17.exe
FirewallRules: [TCP Query User{F174C8FD-5004-4B61-9B55-4D914FFC0FE1}C:\program files\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [UDP Query User{36E2623F-325B-4506-896B-EFC0A0CCE80B}C:\program files\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [TCP Query User{5104F9E9-C9BF-4218-BE34-BC983F12F60A}C:\hry\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Block) C:\hry\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{BA4C76F2-1966-41B7-8244-7F2354B81204}C:\hry\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Block) C:\hry\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{790A2478-16AC-4EAE-A9E9-D46CBD66A968}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{3AB17DDD-A7D4-45F7-99E0-94714FC86D4D}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{8632708D-2CF4-4EA8-B6AC-B7B3DABD27B1}X:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) X:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{F5A164FB-55E4-4F83-A44E-4D170183ABB3}X:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) X:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{DFB40238-C370-4B78-AF0D-942BA4AFFD48}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{6DA439F7-CA8F-4BFE-96E4-2F0556454010}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{ABC586DE-0737-4A29-96DA-7F29793625C2}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{0671EB3C-0E5F-4479-89AF-2A193B747C58}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{356F8072-1DF6-4581-9DC5-418778B42D99}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{2C760EED-74B2-451C-B07A-A9A52CDAFC43}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{A7A474C7-2139-4539-BAF0-297ED5D66B78}] => (Allow) C:\Users\Tomino\AppData\Local\Programs\Opera\55.0.2994.44\opera.exe
FirewallRules: [{8D0E89BF-732E-4A31-BF3A-978E20F71F57}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{446EA9AC-F1B2-4D00-9B7D-0905D6F2D88C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{69A04DBE-49D8-40DE-A083-3179C194EDAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/20/2018 08:26:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mpc-hc64.exe version 1.7.18.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 23d8

Start Time: 01d4510f4f37f523

Termination Time: 22

Application Path: C:\Program Files\MPC-HC\mpc-hc64.exe

Report Id: aec7d4e4-bd02-11e8-a7cf-1c6f659d91c9

Error: (09/20/2018 06:15:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/20/2018 06:14:03 PM) (Source: AviraOptimizerHost) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/20/2018 06:14:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/20/2018 05:34:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/20/2018 03:36:32 PM) (Source: AviraOptimizerHost) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/20/2018 05:15:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/20/2018 04:07:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (09/20/2018 06:13:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 18:07:17 on ‎20. ‎9. ‎2018 was unexpected.

Error: (09/19/2018 03:16:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (09/19/2018 07:31:23 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/19/2018 02:16:21 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/14/2018 10:29:24 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/13/2018 03:46:43 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/13/2018 03:46:37 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/13/2018 03:46:30 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz
Percentage of memory in use: 81%
Total physical RAM: 3959.49 MB
Available physical RAM: 749.21 MB
Total Virtual: 7917.17 MB
Available Virtual: 3420.72 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:14.03 GB) NTFS
Drive x: () (Fixed) (Total:465.76 GB) (Free:140.64 GB) NTFS
Drive y: (Lokálny disk) (Fixed) (Total:3725.9 GB) (Free:462.23 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 9BB1274D)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 949F226D)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

ceasare
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 29 říj 2011 21:22

Re: Prosím o kontrolu

#3 Příspěvek od ceasare »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-21-2018
# Duration: 00:00:14
# OS: Windows 7 Home Premium
# Cleaned: 14
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted uTorrentControl_v6 Customized Web Search
Deleted http://mystart.incredibar.com/mb187?a=6OyT6MPidt&i=26
Deleted istartsurf
Deleted http://mystart.incredibar.com/mb187?a=6OyT6MPidt&i=26
Deleted AVG Secure Search
Deleted http://www.yoursearching.com/?type=hp&t ... 0714107141
Deleted SearchGol
Deleted http://websearch.search-guide.info/?pid ... K&unqvl=40
Deleted WebSearch
Deleted Search Here
Deleted http://www.yoursearching.com/?type=hp&t ... 0714107141
Deleted Search the web (Softonic)
Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2316 octets] - [21/09/2018 07:02:14]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

ceasare
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 29 říj 2011 21:22

Re: Prosím o kontrolu

#5 Příspěvek od ceasare »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018
Ran by Tomino (administrator) on TOMINO-PC (21-09-2018 20:22:22)
Running from C:\Users\Tomino\Desktop
Loaded Profiles: Tomino (Available Profiles: Tomino)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Bitdefender LLC) C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Vivaldi Technologies AS) C:\Users\Tomino\AppData\Local\Vivaldi\Application\update_notifier.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
() C:\Program Files (x86)\DFX\dfx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
() C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(KoshyJohn.com) C:\Users\Tomino\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(BitTorrent, Inc.) C:\Users\Tomino\AppData\Roaming\uTorrent\utorrent.exe
() C:\Program Files\MKVToolNix\mkvtoolnix-gui.exe
() C:\Program Files\MKVToolNix\mkvmerge.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [FxSound Enhancer] => C:\Program Files (x86)\DFX\dfx.exe [1698296 2018-05-01] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [64096 2018-08-16] (Avira Operations GmbH & Co. KG)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Run: [Ramoptimizerbar] => C:\RamoptimizerBar\RamOptimizerBar1.exe
HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Run: [Vivaldi Update Notifier] => C:\Users\Tomino\AppData\Local\Vivaldi\Application\update_notifier.exe [1495624 2018-08-06] (Vivaldi Technologies AS)
HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Run: [Memory Cleaner] => C:\Users\Tomino\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe [1035912 2017-09-18] (KoshyJohn.com)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.112.162.34 217.112.160.1
Tcpip\..\Interfaces\{8DBC73DE-2EDD-4D13-BDC4-39CE11814C52}: [NameServer] 217.112.162.34,217.112.160.1
Tcpip\..\Interfaces\{AC6877A1-7B00-49EF-BEF8-9066CDAAF3E0}: [DhcpNameServer] 217.112.162.34 217.112.160.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2827928165-1415540819-1374306264-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2827928165-1415540819-1374306264-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-18] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-18] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Tomino\AppData\Roaming\Mozilla\Firefox\Profiles\pCbVo4ce.default [2018-08-15]
FF Extension: (Avira Browser Safety) - C:\Users\Tomino\AppData\Roaming\Mozilla\Firefox\Profiles\pCbVo4ce.default\Extensions\abs@avira.com [2018-08-15]
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-06] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.sk/
CHR StartupUrls: Default -> "hxxp://mystart.incredibar.com/mb187?a=6OyT6MPidt&i=26","hxxp://us.yahoo.com?fr=fpc-comodo","hxxp://www.delta-search.com/?affID=119816&tt=1 ... oogle.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://ofmacdiceehcibkfednmgpkhgfhpacgi/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default [2018-09-21]
CHR Extension: (Prekladač Google) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-06-22]
CHR Extension: (Prezentácie) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-22]
CHR Extension: (Dokumenty) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-22]
CHR Extension: (Disk Google) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-22]
CHR Extension: (Custom Fanart.tv) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aphkfmggmfnafpjglcffibhhnnlpabpp [2018-09-20]
CHR Extension: (YouTube) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-22]
CHR Extension: (Tampermonkey) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-08-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-06-22]
CHR Extension: (Tabuľky) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-22]
CHR Extension: (Avira Browser Safety) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-08-15]
CHR Extension: (uTorrent easy client) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfiejlelblhoaflnjajjjjkkgbeifpn [2018-06-22]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (The West) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2018-06-22]
CHR Extension: (EPUBReader) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2018-06-22]
CHR Extension: (RARBG Monitor) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkgcfdmlnfpdjmnheeojdlgpmhaeekga [2018-09-20]
CHR Extension: (Fair AdBlocker) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2018-07-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-22]
CHR Extension: (New Tab Beautiful Page) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofmacdiceehcibkfednmgpkhgfhpacgi [2018-07-10]
CHR Extension: (CSFD Vyhľadávanie & Rozšírenia) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhejngpnlkejplknjeligcfnegimip [2018-06-22]
CHR Extension: (Gmail) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\Tomino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [895056 2018-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148568 2018-09-04] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2981360 2018-07-27] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-20] ()
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-16] (EasyAntiCheat Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2216256 2018-09-18] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3087176 2018-09-18] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [73240 2018-08-03] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [199920 2018-08-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153040 2018-08-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2018-08-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2018-08-03] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [34128 2018-08-03] (Avira Operations GmbH & Co. KG)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2018-03-08] (Windows (R) Win 7 DDK provider)
R3 DFX12; C:\Windows\System32\drivers\dfx12x64.sys [29688 2018-03-08] (Windows (R) Win 7 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2018-02-28] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-21 10:49 - 2018-09-21 10:49 - 000059959 _____ C:\Users\Tomino\Desktop\sicario.day.of.the.soldado.2018.1080p.bluray.x264-geckos.srt
2018-09-21 10:45 - 2018-09-21 10:45 - 000059959 _____ C:\Users\Tomino\Desktop\Sicario_ Day of the Soldado (303767).srt
2018-09-21 10:45 - 2018-09-21 10:45 - 000025304 _____ C:\Users\Tomino\Desktop\Titulky-2018-21-09--10_45_13.zip
2018-09-21 10:45 - 2018-09-21 10:45 - 000000157 _____ C:\Users\Tomino\Desktop\_info.txt
2018-09-21 07:01 - 2018-09-21 07:02 - 000000000 ____D C:\AdwCleaner
2018-09-21 06:58 - 2018-09-21 06:58 - 007571152 _____ (Malwarebytes) C:\Users\Tomino\Desktop\adwcleaner_7.2.3.1.exe
2018-09-20 21:53 - 2018-09-21 20:22 - 000020711 _____ C:\Users\Tomino\Desktop\FRST.txt
2018-09-20 21:53 - 2018-09-20 21:54 - 000044705 _____ C:\Users\Tomino\Desktop\Addition.txt
2018-09-20 21:52 - 2018-09-20 21:52 - 002413568 _____ (Farbar) C:\Users\Tomino\Desktop\FRST64.exe
2018-09-18 04:19 - 2018-09-21 16:21 - 000000000 ____D C:\Users\Tomino\Downloads\opera autoupdate
2018-09-17 22:58 - 2018-09-17 22:58 - 000000915 _____ C:\Users\Tomino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2018-09-17 22:58 - 2018-09-17 22:58 - 000000000 ____D C:\Program Files\MediaInfo
2018-09-17 22:52 - 2018-09-17 22:57 - 000000000 ____D C:\Program Files (x86)\MediaInfo Lite
2018-09-17 17:38 - 2018-09-17 17:38 - 000006437 _____ C:\Users\Tomino\Desktop\vikings.portage.(6583601).nfo
2018-09-17 17:26 - 2018-09-17 17:26 - 000004116 _____ C:\Users\Tomino\Downloads\Vikings S04.TXT
2018-09-17 15:27 - 2018-09-17 15:27 - 000004080 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1537190839
2018-09-17 15:27 - 2018-09-17 15:27 - 000001295 _____ C:\Users\Tomino\Desktop\Prehliadač Opera.lnk
2018-09-17 15:27 - 2018-09-17 15:27 - 000001295 _____ C:\Users\Tomino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2018-09-17 15:20 - 2018-09-17 15:21 - 141196646 _____ C:\Users\Tomino\Downloads\The X-Files S11E10 CZ audio.rar
2018-09-17 15:17 - 2018-09-17 15:17 - 061277280 _____ C:\Users\Tomino\Downloads\20180916 2220 - Prima COOL HD - Vikingové IV (8) -W -HD_1.mpa
2018-09-17 15:16 - 2018-09-17 15:17 - 059560320 _____ C:\Users\Tomino\Downloads\20180917 0030 - Prima COOL HD - Akta X XI (10) -W -HD_1.mpa
2018-09-16 12:56 - 2018-09-16 12:56 - 143149056 _____ C:\Users\Tomino\Downloads\20180915 2350 - Prima COOL HD - Akta X XI (9) -W -HD_2.ac3
2018-09-15 09:25 - 2018-09-15 09:25 - 051379200 _____ C:\Users\Tomino\Downloads\20180914 0115 - HBO3 - Černé jezero (4).mpa
2018-09-15 09:22 - 2018-09-15 09:22 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk
2018-09-14 08:45 - 2018-09-14 08:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TitulkyCom
2018-09-14 08:45 - 2018-09-14 08:45 - 000000000 ____D C:\Program Files (x86)\TitulkyCom
2018-09-13 14:56 - 2018-09-13 14:56 - 017277901 _____ C:\Users\Tomino\Desktop\Skyexchange-1.2.5.zip
2018-09-12 10:27 - 2018-09-12 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyklotrasy
2018-09-12 10:26 - 2018-09-12 10:27 - 000000000 ____D C:\Program Files (x86)\Cyklotrasy
2018-09-12 10:26 - 2018-09-12 10:26 - 000000000 ____D C:\ProgramData\EAGLE Software
2018-09-11 00:27 - 2018-09-06 03:27 - 000132408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-09-11 00:24 - 2018-09-06 20:29 - 040346696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 040190064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 032457848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 017014560 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-09-11 00:24 - 2018-09-06 20:29 - 003967664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 003505224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 002014624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439924.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 001563904 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 001467624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439924.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 001420464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 001217440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 001093704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 000628912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-09-11 00:24 - 2018-09-06 20:29 - 000518912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-09-11 00:24 - 2018-09-06 20:28 - 035251048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-09-11 00:24 - 2018-09-06 20:28 - 031248872 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-09-11 00:24 - 2018-09-06 20:28 - 020331240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-09-11 00:24 - 2018-09-06 20:28 - 013732232 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-09-11 00:24 - 2018-09-06 20:28 - 011277048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-09-11 00:24 - 2018-09-06 20:28 - 000420144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 025965064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 017754464 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 015698384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 015168800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 004084200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 001159400 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000906904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000546808 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000464832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000182552 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000164904 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000159848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-09-11 00:24 - 2018-09-06 20:27 - 000142592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-09-09 13:10 - 2018-09-09 13:11 - 000000000 ____D C:\Users\Tomino\Documents\Battlefield V Open Beta
2018-09-09 09:16 - 2018-09-09 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2018-09-09 09:16 - 2018-09-09 09:16 - 000000000 ____D C:\Program Files\Subtitle Edit
2018-09-03 21:44 - 2018-09-14 09:10 - 000000000 ____D C:\Users\Tomino\Documents\Kopie
2018-09-02 21:28 - 2018-09-02 21:28 - 000009496 _____ C:\Users\Tomino\Documents\Untitled.veg
2018-09-01 21:07 - 2018-09-05 22:24 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\FileZilla
2018-09-01 21:07 - 2018-09-05 22:24 - 000000000 ____D C:\Users\Tomino\AppData\Local\FileZilla
2018-09-01 21:07 - 2018-09-01 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2018-09-01 21:07 - 2018-09-01 21:07 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2018-09-01 06:43 - 2018-09-01 06:43 - 000000108 _____ C:\Users\Tomino\Desktop\1.url
2018-08-31 23:30 - 2018-08-31 23:30 - 000016487 _____ C:\Windows\SysWOW64\Defrag.debuglog
2018-08-31 23:30 - 2018-08-31 23:30 - 000000000 ____D C:\Users\Tomino\AppData\Local\AviraSpeedup
2018-08-31 19:33 - 2018-08-31 19:33 - 000115747 _____ C:\Users\Tomino\Downloads\Adrift 2018 720p BluRay DD5.1 x264-LoRD.torrent
2018-08-31 08:57 - 2018-09-20 13:10 - 000002061 _____ C:\Users\Tomino\AppData\Roaming\downloads.json
2018-08-31 08:57 - 2018-09-20 13:10 - 000000000 ____D C:\Users\Tomino\Documents\YouTubeDownloads
2018-08-31 08:57 - 2018-09-01 17:34 - 000000000 ____D C:\Users\Tomino\AppData\Local\Flvto Youtube Downloader
2018-08-31 08:57 - 2018-08-31 08:57 - 000004084 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1535698649
2018-08-31 08:57 - 2018-08-31 08:57 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Opera Software
2018-08-31 08:57 - 2018-08-31 08:57 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader
2018-08-31 08:57 - 2018-08-31 08:57 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\FlvtoConverter
2018-08-31 08:57 - 2018-08-31 08:57 - 000000000 ____D C:\Users\Tomino\AppData\Local\Opera Software
2018-08-31 08:57 - 2018-08-31 08:57 - 000000000 ____D C:\Users\Tomino\AppData\Local\FlvtoYoutubeDownloader
2018-08-29 17:59 - 2018-08-29 17:59 - 000235321 _____ C:\Users\Tomino\Downloads\[nCore][hdser]Bron.S03.SWEDISH.1080p.BluRay.x264-GNiSTOR.torrent
2018-08-29 13:27 - 2018-08-29 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitnami
2018-08-29 12:56 - 2018-08-29 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2018-08-29 12:54 - 2018-08-29 13:26 - 000000000 ____D C:\xampp
2018-08-28 21:19 - 2018-08-22 18:11 - 002015184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439907.dll
2018-08-28 21:19 - 2018-08-22 18:11 - 001467728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439907.dll
2018-08-26 19:35 - 2018-09-20 13:04 - 000000000 ____D C:\Users\Tomino\Desktop\Štefaňo príprava
2018-08-23 03:58 - 2018-09-21 20:21 - 000000000 ____D C:\Users\Public\Speedup Sessions
2018-08-22 04:12 - 2018-08-22 04:12 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\KoshyJohn.com
2018-08-22 04:12 - 2018-08-22 04:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KoshyJohn.com

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-21 20:22 - 2018-06-17 13:57 - 000000000 ____D C:\FRST
2018-09-21 20:22 - 2018-02-14 22:30 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\uTorrent
2018-09-21 20:05 - 2018-02-15 20:17 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\vlc
2018-09-21 18:53 - 2018-06-23 14:46 - 000000000 ____D C:\Users\Tomino\Downloads\torrent súbori
2018-09-21 18:30 - 2018-08-15 00:39 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-09-21 16:27 - 2018-02-17 22:21 - 000005000 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Tomino-PC-Tomino Tomino-PC
2018-09-21 16:23 - 2009-07-14 06:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-21 16:23 - 2009-07-14 06:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-21 16:18 - 2018-02-14 19:26 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-21 16:16 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-21 16:14 - 2018-08-15 00:40 - 000003112 _____ C:\Windows\System32\Tasks\BDAntiCryptoWallTask
2018-09-21 13:38 - 2018-06-22 22:55 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-09-21 13:38 - 2018-04-12 13:19 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Origin
2018-09-21 13:38 - 2018-02-26 17:03 - 000000000 ____D C:\ProgramData\Origin
2018-09-21 13:31 - 2018-07-02 08:00 - 000000000 ____D C:\Users\Tomino\Desktop\OLSEN SPA
2018-09-21 06:56 - 2018-02-14 10:58 - 000000000 ___RD C:\Users\Tomino\Documents\Evka
2018-09-21 06:55 - 2018-05-04 01:02 - 000000000 ____D C:\Users\Tomino\Desktop\Najnovšie!!!!!!
2018-09-21 02:00 - 2018-03-06 00:10 - 000000000 ____D C:\Users\Tomino\AppData\Local\Adobe
2018-09-20 22:00 - 2018-04-05 17:02 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-20 22:00 - 2018-04-05 17:01 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-20 21:15 - 2018-03-06 00:24 - 000000132 _____ C:\Users\Tomino\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-09-20 13:02 - 2018-02-14 10:58 - 000000000 ___RD C:\Users\Tomino\Documents\Tomáško
2018-09-20 05:14 - 2009-07-14 07:08 - 000032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-09-19 20:13 - 2010-01-01 01:03 - 000007665 _____ C:\Users\Tomino\AppData\Local\resmon.resmoncfg
2018-09-18 22:42 - 2018-02-14 21:14 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-18 13:53 - 2018-04-12 13:19 - 000000000 ____D C:\Program Files (x86)\Origin
2018-09-17 22:52 - 2018-02-24 13:00 - 000000000 ____D C:\Program Files (x86)\MediaInfo
2018-09-17 09:35 - 2018-06-21 10:25 - 000000000 ____D C:\Users\Tomino\AppData\Local\ElevatedDiagnostics
2018-09-16 07:15 - 2018-02-26 00:30 - 000000000 ____D C:\KMPlayer
2018-09-16 06:18 - 2018-02-14 23:11 - 000000000 ____D C:\Users\Tomino\AppData\Local\NVIDIA Corporation
2018-09-15 12:10 - 2018-02-14 19:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-09-15 09:22 - 2018-04-09 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-09-14 08:45 - 2018-06-09 05:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSFilter
2018-09-14 08:45 - 2018-06-09 05:56 - 000000000 ____D C:\Program Files\VSFilter
2018-09-13 17:55 - 2018-02-14 21:31 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\.minecraft
2018-09-12 11:27 - 2018-06-09 08:36 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Subtitle Edit
2018-09-12 10:25 - 2018-06-13 13:00 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-12 10:25 - 2018-06-13 13:00 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-12 10:25 - 2018-06-13 13:00 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-09-12 10:25 - 2018-06-13 13:00 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-09-12 10:25 - 2018-06-13 13:00 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-12 10:25 - 2018-03-06 00:12 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-11 15:09 - 2018-02-14 21:38 - 000000000 ____D C:\Users\Tomino\AppData\Local\NVIDIA
2018-09-11 00:27 - 2018-02-15 17:56 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-09-11 00:27 - 2018-02-14 20:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-09-11 00:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-11 00:26 - 2018-05-22 23:43 - 000000000 ____D C:\Windows\system32\unknown
2018-09-10 19:32 - 2018-04-17 17:40 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-09-10 09:03 - 2018-04-12 13:41 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2018-09-09 23:37 - 2018-03-09 20:22 - 000000000 ____D C:\Users\Tomino\AppData\Local\JDownloader 2.0
2018-09-09 13:10 - 2018-02-14 23:11 - 000000000 ____D C:\Users\Tomino\ansel
2018-09-08 20:50 - 2018-04-16 12:37 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\avidemux
2018-09-08 13:35 - 2009-07-14 07:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-07 06:49 - 2018-08-19 10:24 - 000000000 ____D C:\Users\Tomino\Documents\Skenovanie
2018-09-06 20:28 - 2018-03-21 17:45 - 023306368 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-09-06 20:28 - 2018-03-21 17:45 - 000505696 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-09-06 20:27 - 2018-03-21 17:45 - 019088408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-09-06 20:27 - 2018-03-21 17:45 - 004615416 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-09-06 04:50 - 2018-03-21 17:45 - 000041866 _____ C:\Windows\system32\nvinfo.pb
2018-09-06 03:18 - 2018-03-21 17:48 - 005947704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-09-06 03:18 - 2018-03-21 17:48 - 002612616 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-09-06 03:17 - 2018-03-21 17:48 - 008330242 _____ C:\Windows\system32\nvcoproc.bin
2018-09-06 03:17 - 2018-03-21 17:48 - 001767280 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-09-06 03:17 - 2018-03-21 17:48 - 000634248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-09-06 03:17 - 2018-03-21 17:48 - 000450416 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-09-06 03:17 - 2018-03-21 17:48 - 000124112 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-09-06 03:17 - 2018-03-21 17:48 - 000083256 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-09-05 20:12 - 2018-03-21 17:47 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-09-05 14:55 - 2018-02-26 00:47 - 000000000 ____D C:\Users\Tomino\AppData\Local\CrashDumps
2018-09-04 07:01 - 2018-08-15 00:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-09-04 06:57 - 2018-04-27 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2018-09-04 06:57 - 2018-04-27 10:39 - 000000000 ____D C:\Program Files\MPC-HC
2018-09-03 13:45 - 2018-02-27 13:39 - 000000000 ____D C:\Users\Tomino\Documents\Súbory programu Outlook
2018-09-02 13:17 - 2018-07-27 16:26 - 000000000 ____D C:\Users\Tomino\AppData\Local\FileUploader
2018-09-02 13:17 - 2018-05-31 19:24 - 000000000 ____D C:\ProgramData\FileUploader
2018-08-31 23:31 - 2018-06-17 13:24 - 000000000 ____D C:\Windows\pss
2018-08-31 23:31 - 2018-06-08 15:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-08-31 23:31 - 2018-06-08 11:07 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\AccurateRip
2018-08-31 23:31 - 2018-06-07 07:41 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\VideoReDo-TVSuite5
2018-08-31 23:31 - 2018-06-07 07:41 - 000000000 ____D C:\Program Files (x86)\VideoReDoTVSuite5
2018-08-31 23:31 - 2018-05-04 11:23 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Sony
2018-08-31 23:31 - 2018-04-17 10:22 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\Anvsoft
2018-08-31 23:31 - 2018-02-14 10:58 - 000000000 ___RD C:\Users\Tomino\Documents\Bastien
2018-08-29 19:22 - 2018-06-08 15:40 - 000000000 ____D C:\Users\Tomino\AppData\Roaming\TeamViewer
2018-08-29 07:39 - 2018-08-15 00:38 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-28 08:24 - 2018-05-04 18:27 - 000000000 ____D C:\ProgramData\TEMP
2018-08-28 08:23 - 2018-06-22 23:17 - 000000000 ____D C:\ProgramData\EZ CD Audio Converter
2018-08-28 08:23 - 2018-05-04 18:27 - 000000887 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZ CD Audio Converter.lnk
2018-08-28 08:23 - 2018-05-04 18:27 - 000000000 ____D C:\Program Files\EZ CD Audio Converter
2018-08-26 00:42 - 2018-02-15 09:33 - 000001744 _____ C:\Users\Tomino\Desktop\Evka - odkaz.lnk
2018-08-24 12:25 - 2018-02-15 09:33 - 000001871 _____ C:\Users\Tomino\Desktop\Tomáško - odkaz.lnk
2018-08-24 12:24 - 2018-02-15 09:33 - 000001861 _____ C:\Users\Tomino\Desktop\Bastien - odkaz.lnk
2018-08-23 03:58 - 2018-08-15 00:40 - 000003666 _____ C:\Windows\System32\Tasks\AviraSystemSpeedupUpdate

==================== Files in the root of some directories =======

2018-04-04 08:48 - 2018-08-11 14:24 - 000000132 _____ () C:\Users\Tomino\AppData\Roaming\Adobe GIF Format CS6 Prefs
2018-04-04 08:52 - 2018-04-04 08:52 - 000000132 _____ () C:\Users\Tomino\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2018-03-06 00:24 - 2018-09-20 21:15 - 000000132 _____ () C:\Users\Tomino\AppData\Roaming\Adobe PNG Format CS6 Prefs
2018-04-22 20:16 - 2018-04-23 10:04 - 000000034 _____ () C:\Users\Tomino\AppData\Roaming\AdobeWLCMCache.dat
2018-08-31 08:57 - 2018-09-20 13:10 - 000002061 _____ () C:\Users\Tomino\AppData\Roaming\downloads.json
2018-07-15 12:14 - 2018-07-15 12:14 - 000099384 _____ () C:\Users\Tomino\AppData\Roaming\inst.exe
2018-07-15 12:14 - 2018-07-15 12:14 - 000007859 _____ () C:\Users\Tomino\AppData\Roaming\pcouffin.cat
2018-07-15 12:14 - 2018-07-15 12:14 - 000001167 _____ () C:\Users\Tomino\AppData\Roaming\pcouffin.inf
2018-07-15 12:14 - 2018-07-15 12:14 - 000000055 _____ () C:\Users\Tomino\AppData\Roaming\pcouffin.log
2018-07-15 12:14 - 2018-07-15 12:14 - 000082816 _____ (VSO Software) C:\Users\Tomino\AppData\Roaming\pcouffin.sys
2018-03-17 04:48 - 2018-03-17 04:57 - 000003584 _____ () C:\Users\Tomino\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-01-01 01:03 - 2018-09-19 20:13 - 000007665 _____ () C:\Users\Tomino\AppData\Local\resmon.resmoncfg
2018-04-07 08:25 - 2016-11-23 15:37 - 000000570 _____ () C:\Users\Tomino\AppData\Local\TroubleshooterConfig.json

Some files in TEMP:
====================
2018-07-27 16:23 - 2018-07-27 16:23 - 000036864 _____ () C:\Users\Tomino\AppData\Local\Temp\FUp_updater.exe
2018-07-19 21:36 - 2018-07-19 21:36 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-1486223245878721707.dll
2018-09-13 17:34 - 2018-09-13 17:34 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-2656740237074623200.dll
2018-07-21 13:52 - 2018-07-21 13:52 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-2965165143488775058.dll
2018-07-19 21:30 - 2018-07-19 21:30 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-4520651762675978306.dll
2018-09-13 17:13 - 2018-09-13 17:13 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-5718738004010714348.dll
2018-09-13 17:39 - 2018-09-13 17:39 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-5754352189491560585.dll
2018-07-23 04:36 - 2018-07-23 04:36 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-6413538051309700359.dll
2018-07-19 21:28 - 2018-07-19 21:28 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-7738664330334315577.dll
2018-07-21 13:50 - 2018-07-21 13:50 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-7960263975620889405.dll
2018-09-13 17:40 - 2018-09-13 17:40 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Tomino\AppData\Local\Temp\jansi-64-8621726349882385764.dll
2018-07-18 22:43 - 2018-07-18 22:43 - 001906040 _____ (Oracle Corporation) C:\Users\Tomino\AppData\Local\Temp\jre-8u181-windows-au.exe
2018-07-04 12:49 - 2018-07-04 12:49 - 038170824 _____ (PandoraTV) C:\Users\Tomino\AppData\Local\Temp\KMP_4.2.2.13.exe
2018-08-16 08:03 - 2018-08-16 08:03 - 038163512 _____ (PandoraTV) C:\Users\Tomino\AppData\Local\Temp\KMP_4.2.2.14.exe
2018-08-22 04:11 - 2017-09-18 09:50 - 001035912 _____ (KoshyJohn.com) C:\Users\Tomino\AppData\Local\Temp\MemClean.exe
2018-06-27 22:43 - 2018-06-24 17:40 - 000640960 _____ (NVIDIA Corporation) C:\Users\Tomino\AppData\Local\Temp\nvSCPAPI.dll
2018-06-27 22:43 - 2018-06-24 17:40 - 000730560 _____ (NVIDIA Corporation) C:\Users\Tomino\AppData\Local\Temp\nvSCPAPI64.dll
2018-06-27 22:40 - 2018-08-21 12:24 - 000395576 _____ (NVIDIA Corporation) C:\Users\Tomino\AppData\Local\Temp\nvStInst.exe
2018-09-09 23:37 - 2018-09-09 23:37 - 000040448 ____N () C:\Users\Tomino\AppData\Local\Temp\proxy_vole1816838570593542271.dll
2018-09-09 23:37 - 2018-09-09 23:37 - 000040448 ____N () C:\Users\Tomino\AppData\Local\Temp\proxy_vole3783066400268044238.dll
2018-09-09 23:37 - 2018-09-09 23:37 - 000040448 ____N () C:\Users\Tomino\AppData\Local\Temp\proxy_vole7395173724568788626.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-17 09:28

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.09.2018
Ran by Tomino (21-09-2018 20:22:53)
Running from C:\Users\Tomino\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-02-14 16:52:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2827928165-1415540819-1374306264-500 - Administrator - Disabled)
Guest (S-1-5-21-2827928165-1415540819-1374306264-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2827928165-1415540819-1374306264-1002 - Limited - Enabled)
Tomino (S-1-5-21-2827928165-1415540819-1374306264-1000 - Administrator - Enabled) => C:\Users\Tomino

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.08 - GIGABYTE)
4K Video Downloader 4.4 (HKLM-x32\...\{5B866026-1C73-4A9F-ACB0-0B16E76780B7}) (Version: 4.4.5.2285 - Open Media LLC)
4K YouTube to MP3 3.3 (HKLM-x32\...\{35F6F72F-08F5-4885-8B69-7A3C6C1F038E}) (Version: 3.3.5.1797 - Open Media LLC)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
All Video Sound Extractor 2.8 (HKLM-x32\...\All Video Sound Extractor_is1) (Version: - Zealotsoft,Inc.)
Any Video Converter Ultimate 5.8.3 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
AutoGreen B09.1014.2 (HKLM-x32\...\{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) Hidden
AutoGreen B09.1014.2 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.1.180604 - )
Avira (HKLM-x32\...\{532da46c-2aa3-4588-a4a2-b02bc641bf95}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{9620D4C2-CF5B-4DBE-8103-CC9DAB0871C6}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 4.13.0.7681 - Avira Operations GmbH & Co. KG)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BDAntiRansomware (HKLM\...\{BE40AB1F-558F-4434-B72F-461EF97E7796}_is1) (Version: 1.0.12.151 - Bitdefender)
Bitnami WordPress Module (HKLM-x32\...\Bitnami WordPress Module 4.9.8-0) (Version: 4.9.8-0 - Bitnami)
Browser Configuration Utility (HKLM-x32\...\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}) (Version: 1.1.18.0 - DeviceVM Inc.) <==== ATTENTION
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.)
Cyklotrasy 2.44 (HKLM-x32\...\Cyklotrasy 2.44) (Version: - )
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 399.24 - NVIDIA Corporation) Hidden
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
eac3to Decoder Pack 1.4 (HKLM-x32\...\{167887DA-6C4F-4265-8139-8750A543FD52}_is1) (Version: - )
Easy Tune 6 B10.0521.1 (HKLM-x32\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden
Easy Tune 6 B10.0521.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Epic Games Launcher (HKLM-x32\...\{93BFE5DF-776E-436F-8693-DF1F72C0E3C1}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff)
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 7.2 - Poikosoft)
FFmpeg (Windows) for Audacity verze 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.48.30259 - Electronic Arts)
FileZilla Client 3.36.0 (HKLM-x32\...\FileZilla Client) (Version: 3.36.0 - Tim Kosse)
Flvto Youtube Downloader (HKLM\...\Flvto Youtube Downloader) (Version: 1.2.1 - Hotger)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Free FLAC to MP3 Converter 1.4 (HKLM-x32\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version: 1.4 - PolySoft Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Inviska MKV Extract version 3.0 (HKLM-x32\...\{215C3EFC-2BE8-4A5A-9A1F-982C15E47CC9}_is1) (Version: 3.0 - Inviska Software)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.14 - PandoraTV)
Kodi (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Kodi) (Version: - XBMC-Foundation)
Kuki (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Kuki) (Version: 20160616.000 - SMART Comp. a.s.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Magic FLAC to MP3 Converter 3.71 (HKLM-x32\...\Magic FLAC to MP3 Converter_is1) (Version: - Magic Video)
MakeMKV v1.12.2 (HKLM-x32\...\MakeMKV) (Version: v1.12.2 - GuinpinSoft inc)
MediaInfo 18.08 (HKLM\...\MediaInfo) (Version: 18.08 - MediaArea.net)
Memory Cleaner 2.60 (HKLM\...\MemClean) (Version: 2.60 - KoshyJohn.com)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MKVToolNix 25.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 25.0.0 - Moritz Bunkus)
Mozilla ActiveX Control v1.7.12 (HKLM-x32\...\Mozilla ActiveX Control v1.7.12) (Version: - )
MPC-HC 1.7.18 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.18 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nero 7 Ultra Edition (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51051}) (Version: 7.02.6446 - Nero AG)
NVIDIA 3D Vision radič ovládača 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Grafický ovládač 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.24 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.24 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
ON_OFF Charge B10.0427.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Opera Stable 55.0.2994.61 (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Opera 55.0.2994.61) (Version: 55.0.2994.61 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.27.11381 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.24 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Polda 6 verze 1.1 (HKLM-x32\...\Polda 6_is1) (Version: 1.1 - )
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.13963 - Kakao Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Roblox Player for Tomino (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Player for Tomino (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\roblox-player) (Version: - Roblox Corporation)
Skype verzia 8.30 (HKLM-x32\...\Skype_is1) (Version: 8.30 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Spotify) (Version: 1.0.82.447.g975ad224 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subtitle Edit 3.5.7 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.7.1 - Nikse)
Subtitle Workshop 6.0b (HKLM-x32\...\SubtitleWorkshop) (Version: - )
Thumbnail me 3.0 (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Thumbnail me 3.0) (Version: - )
TitulkyCom verze 1.003 (HKLM-x32\...\{19ECB379-937F-4778-9B72-7522B66660AB}_is1) (Version: 1.003 - Martevax s.r.o.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)
Total Video Converter 3.70 100621 (HKLM-x32\...\Total Video Converter 3.70_is1) (Version: - EffectMatrix Inc.)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
VideoReDo TVSuite Version 4.21.2.662 (HKLM-x32\...\VideoReDo4_is1) (Version: - DRD Systems, Inc.)
VideoReDo TVSuite Version 5.1.1.719 (HKLM-x32\...\VideoReDo5_is1) (Version: - DRD Systems, Inc.)
Vivaldi (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Vivaldi) (Version: 1.15.1147.64 - Vivaldi)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VSFilter 2.41.35 (d08a416) Nightly (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.35 - MPC-HC Team)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.56 - VSO Software)
Wargaming.net Game Center (HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Wargaming.net Game Center) (Version: 18.3.2.9853 - Wargaming.net)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.9-0 - Bitnami)
YouTube By Click (HKLM-x32\...\{483BD1CD-8516-4174-8D7B-E7CD0D86B917}) (Version: 2.2.84 - ByClick) Hidden
YouTube By Click (HKLM-x32\...\YouTube By Click 2.2.84) (Version: 2.2.84 - ByClick)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2827928165-1415540819-1374306264-1000_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (MediaArea.net)
CustomCLSID: HKU\S-1-5-21-2827928165-1415540819-1374306264-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-02-28] (Nero AG)
ContextMenuHandlers1-x32: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2016-01-01] (Poikosoft)
ContextMenuHandlers1-x32: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Ltd)
ContextMenuHandlers1-x32: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-04] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1-x32: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ContextMenuHandlers1-x32: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2016-01-01] (Poikosoft)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Ltd)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-09-06] (NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-04] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14CE4751-4852-43F6-BAB5-5F6298DB6097} - System32\Tasks\Opera scheduled Autoupdate 1535698649 => C:\Users\Tomino\AppData\Local\Programs\Opera\launcher.exe [2018-09-13] (Opera Software)
Task: {305FEA55-603A-49FC-BF2E-62EBA1236B53} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {353A79D2-F45C-4931-8126-39E317D21DD8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {3C630C9A-3827-4627-BF3E-3486F7A38BAD} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {497A5E52-AEA3-455C-B145-69E0DE26174E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {53DF3898-2CC6-4230-A71E-6DE192C86F8D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-14] (Google Inc.)
Task: {56B51740-CB74-44DA-B8B8-D246D0ACCFFC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {6FEE8D71-8C1C-4A80-B763-89B025E353C0} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {7A68C750-277E-46FD-A9EC-4545A6CAAAD8} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2018-08-23] (Avira Operations GmbH & Co. KG )
Task: {82257BDE-2F71-4153-931D-9C297335A2D5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {8503D2B0-0D86-4C5D-AED0-6A5B7C977467} - System32\Tasks\AdobeAAMUpdater-1.0-Tomino-PC-Tomino => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {8AD98262-8C46-4652-94DF-84245D8A7841} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {91E117E1-067F-48A3-A4CA-85BC2A1150C6} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {9721550B-EEF4-44FA-B16B-4A805ABFDB20} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {99530FD4-B8D9-4609-874D-D6008FB422FD} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-09-04] (Avira Operations GmbH & Co. KG)
Task: {9D3E99A5-7B75-412B-8A51-D818F6E4B576} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {A2EE28D3-A1C6-44F6-9028-D9A7E56661D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-14] (Google Inc.)
Task: {A95F9500-2483-4713-87DC-F437A4C0606C} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Tomino-PC-Tomino Tomino-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {AB1FC029-E7DF-4516-BAED-5BF808FB7106} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {B09875B1-C1AD-4580-8698-49A0FD15444B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B9F0A727-7A2C-476B-8746-26C4D9A549D4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {C49D2492-389B-48B6-8900-DDD91FA410E3} - System32\Tasks\Opera scheduled Autoupdate 1537190839 => C:\Users\Tomino\AppData\Local\Programs\Opera\launcher.exe [2018-09-13] (Opera Software)
Task: {C883D348-43F2-4416-BFA2-46AD14EA1EAB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {CAA6324F-3481-487D-B276-B4628D9B05DC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {D4FC9127-9CB0-4685-AA28-E3C69D904E61} - System32\Tasks\AdobeGCInvoker-1.0-Tomino-PC-Tomino => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {F0FA17C9-23F9-4216-A6A4-A8D70B6C5ADE} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {F6E84A60-6A23-4391-B13E-9885C8061911} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {FAB97F9F-74C3-49BB-95CB-BBD29C3796CF} - System32\Tasks\BDAntiCryptoWallTask => C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe [2017-01-23] (Bitdefender LLC)
Task: {FAEBD8A1-A5A1-4908-B047-F6151E1DF354} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-06-10 01:41 - 2016-06-10 01:41 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-08-27 13:57 - 2018-08-27 13:57 - 000054440 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2018-08-15 00:40 - 2016-08-16 10:21 - 000091648 _____ () C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDMetrics.dll
2018-04-05 15:21 - 2018-05-01 09:36 - 001698296 _____ () C:\Program Files (x86)\DFX\dfx.exe
2018-05-22 23:36 - 2018-07-19 22:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-05 15:16 - 2018-04-05 15:16 - 000161784 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
2018-04-05 15:17 - 2018-04-05 15:17 - 000176120 _____ () C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
2018-04-05 15:26 - 2018-04-05 15:26 - 000098296 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared64.dll
2018-05-22 23:36 - 2018-07-19 22:19 - 095437352 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-05-22 23:36 - 2018-07-19 22:19 - 003029032 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-05-22 23:36 - 2018-07-19 22:19 - 000149544 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-07-12 20:48 - 2018-07-12 20:48 - 029978360 _____ () C:\Program Files\MKVToolNix\mkvtoolnix-gui.exe
2018-07-12 20:47 - 2018-07-12 20:47 - 008436456 _____ () C:\Program Files\MKVToolNix\mkvmerge.exe
2018-04-05 15:26 - 2018-04-05 15:26 - 000083960 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared32.dll
2018-08-01 18:32 - 2018-07-19 22:19 - 000020008 _____ () c:\program files (x86)\nvidia corporation\nvstreamsrv\detoured.dll
2018-08-15 00:39 - 2018-08-03 23:20 - 001204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll
2018-08-15 00:39 - 2018-08-03 23:20 - 000243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll
2018-02-14 23:11 - 2018-07-19 22:19 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:gs5sys [2304]
AlternateDataStreams: C:\Users\All Users:gs5sys [2304]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [2304]
AlternateDataStreams: C:\ProgramData\TEMP:0888F409 [147]
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47 [216]
AlternateDataStreams: C:\ProgramData\TEMP:66633281 [148]
AlternateDataStreams: C:\ProgramData\TEMP:93433455 [814]
AlternateDataStreams: C:\ProgramData\TEMP:ADAB671B [128]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57132958.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\57132958.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-06-22 22:39 - 000000841 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomino\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 217.112.162.34 - 217.112.160.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: wuauserv => 3
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Spotify => C:\Users\Tomino\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Tomino\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Vivaldi Update Notifier => "C:\Users\Tomino\AppData\Local\Vivaldi\Application\update_notifier.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D5BD23F3-6984-457B-A12D-56E7643D4E29}] => (Allow) C:\Users\Tomino\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{8F842912-47A6-4E66-BC91-610194782F7C}] => (Allow) C:\Users\Tomino\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{7BB9C2A3-0496-4BF3-8F76-0B4FDE1AF0CB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{106C6F1B-5A8B-4246-80CF-9B05FCAE04F5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8E0028BB-2211-4ACB-BFAA-75EBC722D508}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{22CB1CA4-0660-4F03-A897-37FC5346CB81}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{B4DC6ED2-C308-4AEE-A897-6D73E04BFF60}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{018778FE-4BF7-409C-929D-9714787CB962}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E9FF377A-50C2-4D0D-B67E-42FD8C85EA6C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{31B29679-118D-41E5-A67D-35283D35F28B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7C431C17-54B5-4B53-82D9-F33688777EDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D0904536-6E9E-4E10-92A3-D508385FD61C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EBB26664-E421-4621-9B2E-B8B3CAFCAE28}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C49163A0-BD8B-4DE3-A2BE-AEC0C0185EB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D4984643-3F16-4F05-BFFE-6811965F4CF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D83A1F3C-D086-41E5-BDAD-1ED613B801C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7DB3E909-F172-4168-81EA-FD04B7445CEE}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{FCCFBA55-21BA-4B53-B764-3EA92C09978E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{757E600A-7DF5-4967-9CA9-1D70C18BF927}X:\games\fifa 17\fifa17.exe] => (Allow) X:\games\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{1E167041-D891-43D4-8C71-BC425AB3E7D0}X:\games\fifa 17\fifa17.exe] => (Allow) X:\games\fifa 17\fifa17.exe
FirewallRules: [TCP Query User{F174C8FD-5004-4B61-9B55-4D914FFC0FE1}C:\program files\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [UDP Query User{36E2623F-325B-4506-896B-EFC0A0CCE80B}C:\program files\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [TCP Query User{5104F9E9-C9BF-4218-BE34-BC983F12F60A}C:\hry\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Block) C:\hry\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{BA4C76F2-1966-41B7-8244-7F2354B81204}C:\hry\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Block) C:\hry\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{790A2478-16AC-4EAE-A9E9-D46CBD66A968}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{3AB17DDD-A7D4-45F7-99E0-94714FC86D4D}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{8632708D-2CF4-4EA8-B6AC-B7B3DABD27B1}X:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) X:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{F5A164FB-55E4-4F83-A44E-4D170183ABB3}X:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) X:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{DFB40238-C370-4B78-AF0D-942BA4AFFD48}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{6DA439F7-CA8F-4BFE-96E4-2F0556454010}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{ABC586DE-0737-4A29-96DA-7F29793625C2}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{0671EB3C-0E5F-4479-89AF-2A193B747C58}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{356F8072-1DF6-4581-9DC5-418778B42D99}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{2C760EED-74B2-451C-B07A-A9A52CDAFC43}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{A7A474C7-2139-4539-BAF0-297ED5D66B78}] => (Allow) C:\Users\Tomino\AppData\Local\Programs\Opera\55.0.2994.44\opera.exe
FirewallRules: [{8D0E89BF-732E-4A31-BF3A-978E20F71F57}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{446EA9AC-F1B2-4D00-9B7D-0905D6F2D88C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{69A04DBE-49D8-40DE-A083-3179C194EDAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

21-09-2018 02:12:50 Plánovaný kontrolný bod

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2018 04:16:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/21/2018 04:14:58 PM) (Source: AviraOptimizerHost) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/21/2018 10:19:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/21/2018 07:04:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/21/2018 07:04:08 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (09/20/2018 08:26:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mpc-hc64.exe version 1.7.18.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 23d8

Start Time: 01d4510f4f37f523

Termination Time: 22

Application Path: C:\Program Files\MPC-HC\mpc-hc64.exe

Report Id: aec7d4e4-bd02-11e8-a7cf-1c6f659d91c9

Error: (09/20/2018 06:15:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/20/2018 06:14:03 PM) (Source: AviraOptimizerHost) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (09/21/2018 07:02:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 6000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/21/2018 07:02:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Avira Optimizer Host sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/21/2018 07:02:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 1000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/21/2018 07:02:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/21/2018 07:02:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Service Host sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/21/2018 07:02:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Media Player - služba zdieľania v sieti sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/21/2018 07:02:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA NetworkService Container sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/21/2018 07:02:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management & Security Application User Notification Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz
Percentage of memory in use: 49%
Total physical RAM: 3959.49 MB
Available physical RAM: 1987.79 MB
Total Virtual: 7917.17 MB
Available Virtual: 5227.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:12.17 GB) NTFS
Drive x: () (Fixed) (Total:465.76 GB) (Free:118.47 GB) NTFS
Drive y: (Lokálny disk) (Fixed) (Total:3725.9 GB) (Free:401.53 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 9BB1274D)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 949F226D)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#6 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files (x86)\DFX\dfx.exe
    File: C:\Users\Tomino\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe
    File: C:\Users\Tomino\AppData\Roaming\inst.exe
    Folder: C:\RamoptimizerBar
    Folder: C:\Program Files (x86)\TitulkyCom
    Folder: C:\Windows\system32\unknown
    CMD: type "C:\Users\Tomino\Desktop\1.url"
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}
    
    HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Run: [Ramoptimizerbar] => C:\RamoptimizerBar\RamOptimizerBar1.exe
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    CHR StartupUrls: Default -> "hxxp://mystart.incredibar.com/mb187?a=6OyT6MPidt&i=26","hxxp://us.yahoo.com?fr=fpc-comodo","hxxp://www.delta-search.com/?affID=119816&tt=190313_wo1&babsrc=HP_ss&mntrId=00FD1C6F654A0286","hxxp://websearch.search-guide.info/?pid=1675&r=2013/11/02&hid=17357841208660309704&lg=EN&cc=SK&unqvl=40","hxxp://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
    CHR NewTab: Default ->  Not-active:"chrome-extension://ofmacdiceehcibkfednmgpkhgfhpacgi/newtab.html"
    2018-08-28 08:24 - 2018-05-04 18:27 - 000000000 ____D C:\ProgramData\TEMP
    2018-07-15 12:14 - 2018-07-15 12:14 - 000099384 _____ () C:\Users\Tomino\AppData\Roaming\inst.exe
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    Task: {82257BDE-2F71-4153-931D-9C297335A2D5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
    Task: {9D3E99A5-7B75-412B-8A51-D818F6E4B576} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
    AlternateDataStreams: C:\ProgramData:gs5sys [2304]
    AlternateDataStreams: C:\Users\All Users:gs5sys [2304]
    AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [2304]
    AlternateDataStreams: C:\ProgramData\TEMP:0888F409 [147]
    AlternateDataStreams: C:\ProgramData\TEMP:3440EB47 [216]
    AlternateDataStreams: C:\ProgramData\TEMP:66633281 [148]
    AlternateDataStreams: C:\ProgramData\TEMP:93433455 [814]
    AlternateDataStreams: C:\ProgramData\TEMP:ADAB671B [128]
    AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
    C:\RamoptimizerBar
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

ceasare
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 29 říj 2011 21:22

Re: Prosím o kontrolu

#7 Příspěvek od ceasare »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15.09.2018
Ran by Tomino (22-09-2018 16:22:45) Run:2
Running from C:\Users\Tomino\Desktop
Loaded Profiles: Tomino (Available Profiles: Tomino)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\DFX\dfx.exe
File: C:\Users\Tomino\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe
File: C:\Users\Tomino\AppData\Roaming\inst.exe
Folder: C:\RamoptimizerBar
Folder: C:\Program Files (x86)\TitulkyCom
Folder: C:\Windows\system32\unknown
CMD: type "C:\Users\Tomino\Desktop\1.url"
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}

HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\...\Run: [Ramoptimizerbar] => C:\RamoptimizerBar\RamOptimizerBar1.exe
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR StartupUrls: Default -> "hxxp://mystart.incredibar.com/mb187?a=6OyT6MPidt&i=26","hxxp://us.yahoo.com?fr=fpc-comodo","hxxp://www.delta-search.com/?affID=119816&tt=1 ... oogle.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://ofmacdiceehcibkfednmgpkhgfhpacgi/newtab.html"
2018-08-28 08:24 - 2018-05-04 18:27 - 000000000 ____D C:\ProgramData\TEMP
2018-07-15 12:14 - 2018-07-15 12:14 - 000099384 _____ () C:\Users\Tomino\AppData\Roaming\inst.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {82257BDE-2F71-4153-931D-9C297335A2D5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {9D3E99A5-7B75-412B-8A51-D818F6E4B576} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
AlternateDataStreams: C:\ProgramData:gs5sys [2304]
AlternateDataStreams: C:\Users\All Users:gs5sys [2304]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [2304]
AlternateDataStreams: C:\ProgramData\TEMP:0888F409 [147]
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47 [216]
AlternateDataStreams: C:\ProgramData\TEMP:66633281 [148]
AlternateDataStreams: C:\ProgramData\TEMP:93433455 [814]
AlternateDataStreams: C:\ProgramData\TEMP:ADAB671B [128]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
C:\RamoptimizerBar

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 185
Average :
Sum : 268486587
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Program Files (x86)\DFX\dfx.exe ========================

C:\Program Files (x86)\DFX\dfx.exe
File not signed
MD5: 89C694591C6BC465FBD9BC7942A9C996
Creation and modification date: 2018-04-05 15:21 - 2018-05-01 09:36
Size: 001698296
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/0cc5dc3 ... 535470577/

====== End of File: ======


========================= File: C:\Users\Tomino\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe ========================

C:\Users\Tomino\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe
File is digitally signed
MD5: 96B5A0E1F398F1C4C286B8DACA94E029
Creation and modification date: 2018-08-22 04:12 - 2017-09-18 09:50
Size: 001035912
Attributes: ----A
Company Name: KoshyJohn.com
Internal Name:
Original Name: MemClean.exe
Product: Memory Cleaner
Description: Memory Cleaner (x64)
File Version:
Product Version: 2.60
Copyright: Copyright © 2017 Koshy John. All Rights Reserved.
VirusTotal: https://www.virustotal.com/file/41c622e ... 537543972/

====== End of File: ======


========================= File: C:\Users\Tomino\AppData\Roaming\inst.exe ========================

C:\Users\Tomino\AppData\Roaming\inst.exe
File is digitally signed
MD5: 16E53BFC96CE14021C0E07EB1C198478
Creation and modification date: 2018-07-15 12:14 - 2018-07-15 12:14
Size: 000099384
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/124f371 ... 535354796/

====== End of File: ======


========================= Folder: C:\RamoptimizerBar ========================

not found.

====== End of Folder: ======


========================= Folder: C:\Program Files (x86)\TitulkyCom ========================

2018-09-14 08:45 - 2014-01-07 14:25 - 000050688 ____A [B118DA0EB2035F92A8B711BAC4AC5A79] (Martevax s.r.o.) C:\Program Files (x86)\TitulkyCom\TitulkyCom.exe
2018-09-14 08:45 - 2014-01-07 14:25 - 000016896 ____A [87485EAC2238FE6F49CE024A726A3C03] (Titulky.com) C:\Program Files (x86)\TitulkyCom\TitulkyComLib.dll
2018-09-14 08:45 - 2014-01-07 13:53 - 000013824 ____A [AFE6661BB47EC26A51065B5DFA7DFDC2] (Martevax) C:\Program Files (x86)\TitulkyCom\TitulkyComUtil.exe
2018-09-14 08:45 - 2018-09-14 08:45 - 000008077 ____A [508126E3F367A66AD37405DC7BB566D3] () C:\Program Files (x86)\TitulkyCom\unins000.dat
2018-09-14 08:45 - 2018-09-14 08:45 - 001197921 ____A [402B1D80CCA6F228132BD6DE2DE1D238] () C:\Program Files (x86)\TitulkyCom\unins000.exe
2018-09-14 08:45 - 2018-09-14 08:45 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\TitulkyCom\extras
2018-09-14 08:45 - 2013-12-27 15:55 - 000845006 ____A [707F46ECF220977CDB5BE8EE66350E22] (MPC-HC Team ) C:\Program Files (x86)\TitulkyCom\extras\DirectVobSub_2.41.7259_x64.exe
2018-09-14 08:45 - 2013-12-27 16:11 - 000864288 ____A [66E349B300D8010AE0B33012AA05B5F5] (MPC-HC Team ) C:\Program Files (x86)\TitulkyCom\extras\VSFilter_2.41.35_x64.exe

====== End of Folder: ======


========================= Folder: C:\Windows\system32\unknown ========================

2018-09-11 00:24 - 2018-09-06 20:30 - 000456592 ____A [A903E8EA81E481207E5F678DE5DFF606] (Khronos Group) C:\Windows\system32\unknown\OpenCL32.dll
2018-09-11 00:24 - 2018-09-06 20:30 - 000551768 ____A [3B5D86AFC5E88F4ACE6F818D54C8C5DC] (Khronos Group) C:\Windows\system32\unknown\OpenCL64.dll
2018-09-11 00:24 - 2018-09-06 20:30 - 001056992 ____A [FB0124878E031D927D49A7CD1C3563F9] () C:\Windows\system32\unknown\VulkanRT-Installer.exe

====== End of Folder: ======


========= type "C:\Users\Tomino\Desktop\1.url" =========

[InternetShortcut]
URL=https://hdclub.sk/ucp.php?i=ucp_notific ... aa84408e3f

========= End of CMD: =========

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}]
"AuthorizedCDFPrefix"=""
"Comments"="This utility optimizes the internet search experience based on your country and language, and adds online games to your system."
"Contact"=""
"DisplayVersion"="1.1.18.0"
"HelpLink"=""
"HelpTelephone"=""
"InstallDate"="20180214"
"InstallLocation"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\"
"InstallSource"="C:\Users\Tomino\AppData\Local\Temp\{8C3AB8FA-D496-4CCB-9B8A-9814EA6ED442}\"
"ModifyPath"="MsiExec.exe /X{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}"
"NoModify"="1"
"NoRepair"="1"
"Publisher"="DeviceVM Inc."
"Readme"=""
"Size"=""
"EstimatedSize"="3056"
"UninstallString"="MsiExec.exe /X{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}"
"URLInfoAbout"="http://www.splashtop.com/"
"URLUpdateInfo"=""
"VersionMajor"="1"
"VersionMinor"="1"
"WindowsInstaller"="1"
"Version"="16842770"
"Language"="0"
"DisplayName"="Browser Configuration Utility"

=== End of ExportKey ===
"HKU\S-1-5-21-2827928165-1415540819-1374306264-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Ramoptimizerbar" => removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome NewTab" => removed successfully
C:\ProgramData\TEMP => moved successfully
C:\Users\Tomino\AppData\Roaming\inst.exe => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{82257BDE-2F71-4153-931D-9C297335A2D5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82257BDE-2F71-4153-931D-9C297335A2D5}" => removed successfully
C:\Windows\System32\Tasks\Avast Emergency Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Emergency Update" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9D3E99A5-7B75-412B-8A51-D818F6E4B576}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D3E99A5-7B75-412B-8A51-D818F6E4B576}" => removed successfully
C:\Windows\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
C:\ProgramData => ":gs5sys" ADS removed successfully
"C:\Users\All Users" => ":gs5sys" ADS not found.
"C:\ProgramData\Application Data" => ":gs5sys" ADS not found.
"C:\ProgramData\TEMP" => ":0888F409" ADS not found.
"C:\ProgramData\TEMP" => ":3440EB47" ADS not found.
"C:\ProgramData\TEMP" => ":66633281" ADS not found.
"C:\ProgramData\TEMP" => ":93433455" ADS not found.
"C:\ProgramData\TEMP" => ":ADAB671B" ADS not found.
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"C:\RamoptimizerBar" => not found
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 135028570 B
Java, Flash, Steam htmlcache => 11970480 B
Windows/system/drivers => 18354422 B
Edge => 0 B
Chrome => 545506626 B
Firefox => 0 B
Opera => 80046664 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 4914 B
Tomino => 3494496643 B

RecycleBin => 0 B
EmptyTemp: => 4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-09-2018 16:27:45)

C:\Windows\System32\Drivers\etc\hosts => Could not move
Could not restore Hosts.

==== End of Fixlog 16:27:45 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#8 Příspěvek od Conder »

:arrow: Ak nepoznas/nepouzivas "Browser Configuration Utility", odinstaluj to (Start -> Ovladaci panel -> Programy -> Odinstalovat program).

:arrow: Ako to vyzera s PC? Nastala nejaka zmana alebo su este nejake problemy?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

ceasare
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 29 říj 2011 21:22

Re: Prosím o kontrolu

#9 Příspěvek od ceasare »

Ďakujem pekne. Určite zmenu cítim. Niečo ešte, ale treba doladiť, ale to bude asi problém v HW.

Ešte raz díky moc :)

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#10 Příspěvek od Conder »

:arrow: Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět