Virus removal, PC speed-up, remote help via the neslape.cz service

Please check my log. Thank you.

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that stay inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

pan Hankey
Visitor
Posts: 55
Registered: 30 Jun 2017 21:18

#1 Post by pan Hankey »

Please check my log. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-06-2019
Ran by Tom78 (administrator) on STROJ (ASUS All Series) (04-06-2019 19:43:05)
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78 (Available Profiles: Tom78)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Moje\Programy\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Moje\Programy\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Moje\Programy\Avast\AvastUI.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera_crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-11-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Moje\Programy\Avast\AvLaunch.exe [262024 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Winlogon: [Shell] c:\windows\system32\explorer.exe [2616320 2017-06-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Run: [BloodyKeyboard] => C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe [11374080 2017-11-02] () [File not signed]
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [16442096 2018-07-20] (A FOUR TECH CO., LTD. -> )
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-23] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07D9C54A-0CA5-4123-BB82-9CD674575459} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {166CD7F0-36D1-42DB-8534-47D1E2CD14C0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1CE3C2ED-DD67-4E9F-84A2-42AFFFD6C3AB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {26C93137-B0D7-4ECC-AEC8-D4001B15E6BE} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2EA62DBA-A4B1-45D8-9C35-6F39CB8BCB48} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {35CB327F-6E9E-4873-9EBD-2E148F87CCBA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-14] (Adobe Inc. -> Adobe)
Task: {373013AE-4B11-4C81-BAE2-3FD64B7E6A25} - System32\Tasks\Opera scheduled Autoupdate 1503746874 => C:\Moje\Prohlizece\Opera\launcher.exe [1493592 2019-05-23] (Opera Software AS -> Opera Software)
Task: {539D94B4-3B7C-4FF9-8A91-CC10C49A9DD5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5AA301E4-AD64-4B3C-AEAA-DEFB1A0498AE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-14] (Adobe Inc. -> Adobe)
Task: {6BF9A69D-C5CE-4ECA-991F-A5EE7234A1D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A3FFF407-1877-4DA0-A931-4C391A3CC3C8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A81FFF11-86E8-4DFE-A437-9A77957E25A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-11-20] (Piriform Ltd -> Piriform Ltd)
Task: {B0B9D1C2-99DC-48FC-8028-B5E2471F6465} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B36492E1-071D-4E7D-9FF0-2A09CC6778DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-18] (Google Inc -> Google Inc.)
Task: {B6D9C842-F966-40E7-A51A-BC5B935E8EDC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-18] (Google Inc -> Google Inc.)
Task: {BF72989A-D560-48BE-8B21-8E889CEBEA81} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3B0B22A-67C2-4563-BAD1-7D4B80586525} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {C613889D-5089-457F-804F-A351B635A927} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBDB0659-9C6C-43AA-84CC-CCF62AE4FD47} - System32\Tasks\Avast Emergency Update => C:\Moje\Programy\Avast\AvEmUpdate.exe [2934152 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {E36828D2-6E89-4425-9A1F-8588F12D918C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E64DE30D-9FF7-4D22-86A8-2A847B798338} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E8318FB3-B134-4D49-8ABD-35C547A57BE7} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 185.73.101.1 8.8.4.4
Tcpip\..\Interfaces\{3E23E901-49BD-4232-B46C-DCEB20E89345}: [DhcpNameServer] 82.99.143.180 8.8.4.4
Tcpip\..\Interfaces\{45DF80BB-9782-4E8A-B0F0-BAB1888F7B4E}: [DhcpNameServer] 82.99.143.180 8.8.4.4
Tcpip\..\Interfaces\{54FFDA33-F641-4D2B-8030-41EF90A57627}: [DhcpNameServer] 185.73.101.1 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

FireFox:
========
FF DefaultProfile: 0xsqg3cl.default
FF ProfilePath: C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default [2019-06-02]
FF Session Restore: Mozilla\Firefox\Profiles\0xsqg3cl.default -> is enabled.
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\sp@avast.com.xpi [2019-04-25]
FF Extension: (uBlock Origin) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\uBlock0@raymondhill.net.xpi [2019-05-25]
FF Extension: (Avast Online Security) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\wrc@avast.com.xpi [2019-05-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default [2019-06-04]
CHR Extension: (Disk Google) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-18]
CHR Extension: (YouTube) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-18]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-04]
CHR Extension: (Avast Online Security) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR Extension: (uBlock Adblocker Plus) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhflmgomffaphmnbcogleagmloijbkd [2018-08-24]
CHR Profile: C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Tom78\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-04-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Moje\Programy\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Moje\Programy\Avast\AvastSvc.exe [409224 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-05-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [707144 2019-01-24] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-01-24] (GOG Sp. z o.o. -> GOG.com)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167872 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225608 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 AX88179; C:\Windows\System32\DRIVERS\ax88179_178a.sys [84960 2017-06-13] (Microsoft Windows Hardware Compatibility Publisher -> ASIX Electronics Corp.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2016-12-02] (Disc Soft Ltd -> Disc Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Microsoft Windows -> Intel Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-11-08] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-11-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199760 2016-12-20] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] (Intel(R) Code Signing External -> )
S3 Ser2pl; C:\Windows\System32\DRIVERS\ser2pl64.sys [227248 2017-10-30] (WDKTestCert charles-yeh,131345514351795974 -> Prolific Technology Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2017-04-22] (Disc Soft Ltd -> Duplex Secure Ltd.)
U3 a69pr2i8; C:\Windows\System32\Drivers\a69pr2i8.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-04 19:43 - 2019-06-04 19:43 - 000023119 _____ C:\Users\Tom78\Desktop\FRST.txt
2019-06-04 19:40 - 2019-06-04 19:40 - 002433536 _____ (Farbar) C:\Users\Tom78\Desktop\FRST64.exe
2019-06-04 19:24 - 2019-06-04 19:24 - 000000000 ____D C:\Users\Tom78\AppData\Local\mbamtray
2019-05-29 16:16 - 2019-05-29 16:16 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\EasyAntiCheat
2019-05-29 16:14 - 2019-05-29 16:16 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-05-29 01:33 - 2019-05-29 01:33 - 000000234 _____ C:\Users\Tom78\Desktop\Tom Clancy's Ghost Recon® Wildlands.url
2019-05-29 01:33 - 2019-05-29 01:33 - 000000234 _____ C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Ghost Recon® Wildlands.url
2019-05-25 11:24 - 2019-05-26 12:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-21 13:42 - 2019-05-21 13:42 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-17 20:37 - 2019-05-17 21:06 - 000000106 _____ C:\Users\Tom78\Desktop\GTA - čistá session.txt
2019-05-13 21:07 - 2019-05-13 21:07 - 000000000 ____D C:\Users\Tom78\AppData\Local\SquirrelTemp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-04 19:43 - 2017-12-20 14:30 - 000000000 ____D C:\FRST
2019-06-04 19:34 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-06-04 19:33 - 2016-12-13 01:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-04 19:18 - 2019-03-15 23:36 - 000000000 ____D C:\Users\Tom78\AppData\Local\CrashDumps
2019-06-04 19:18 - 2017-11-16 23:05 - 000000000 ____D C:\Program Files (x86)\Steam
2019-06-04 18:29 - 2009-07-14 06:45 - 000021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-06-04 18:29 - 2009-07-14 06:45 - 000021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-04 18:28 - 2016-12-31 13:53 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\vlc
2019-06-04 18:23 - 2018-12-19 23:44 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-04 18:23 - 2018-12-19 23:44 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-04 18:23 - 2018-11-20 18:48 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-04 18:23 - 2018-08-23 20:18 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-08-23 20:18 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-08-23 20:18 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-08-23 20:18 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-08-23 20:18 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-08-23 20:18 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-03-01 20:55 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-06-04 18:23 - 2018-02-14 12:32 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-02-14 12:32 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-02-14 12:32 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2018-02-14 12:32 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-04 18:23 - 2016-11-06 23:54 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-06-04 11:33 - 2017-11-08 14:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-04 11:30 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-03 13:42 - 2019-03-18 18:59 - 000225608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-03 12:45 - 2016-11-11 16:09 - 000000000 ____D C:\Users\Tom78\AppData\Local\Ubisoft Game Launcher
2019-06-02 11:49 - 2018-09-10 15:27 - 000000000 ____D C:\Users\Tom78\AppData\LocalLow\Mozilla
2019-05-30 20:55 - 2016-11-17 23:20 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2019-05-30 15:46 - 2019-03-18 18:59 - 000385880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-29 16:16 - 2016-12-18 14:12 - 000000000 ____D C:\Users\Tom78\Documents\My Games
2019-05-29 01:31 - 2018-10-18 14:48 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\Transport Fever
2019-05-29 01:31 - 2017-04-20 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-05-28 12:33 - 2019-03-18 18:59 - 000004138 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-05-28 04:54 - 2017-10-04 17:27 - 000004000 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1503746874
2019-05-26 12:13 - 2019-04-24 21:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-25 00:15 - 2016-11-08 20:00 - 000007651 _____ C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg
2019-05-23 04:03 - 2017-10-18 23:32 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 13:42 - 2019-03-18 18:59 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000279120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000167872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-05-16 17:52 - 2017-02-25 13:12 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-14 15:38 - 2018-03-01 20:55 - 000004536 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-14 15:38 - 2017-06-30 22:59 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-14 15:38 - 2017-06-30 22:59 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-14 15:38 - 2016-11-07 03:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-14 15:38 - 2016-11-07 03:54 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-14 14:38 - 2018-03-13 15:15 - 000004524 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-14 13:47 - 2016-12-02 21:30 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\DAEMON Tools Lite
2019-05-06 13:42 - 2019-03-01 19:12 - 000000000 ____D C:\Users\Tom78\AppData\Local\Adobe

==================== Files in the root of some directories =======

2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\en_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\es_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\fr_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\grm_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\it_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020344 _____ (Schneider Electric) C:\Users\Tom78\jp_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 001079808 _____ (Microsoft Corporation) C:\Users\Tom78\mfc80u.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000626688 _____ (Microsoft Corporation) C:\Users\Tom78\msvcr80.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 013923704 _____ (Schneider Electric) C:\Users\Tom78\PCPE Setup.exe
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\pt_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000018808 _____ () C:\Users\Tom78\ResourceReader.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020856 _____ (Schneider Electric) C:\Users\Tom78\ru_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000019832 _____ (Schneider Electric) C:\Users\Tom78\zh_res.dll
2019-03-31 23:44 - 2019-04-24 16:17 - 038595778 _____ () C:\Users\Tom78\AppData\Roaming\gta5_patch.bin
2019-03-31 23:44 - 2019-03-31 23:44 - 000332800 _____ () C:\Users\Tom78\AppData\Roaming\patcher.dll
2017-12-20 14:29 - 2017-12-20 16:19 - 000029696 _____ () C:\Users\Tom78\AppData\Local\MSGBOX.EXE
2016-11-08 20:00 - 2019-05-25 00:15 - 000007651 _____ () C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-06-02 19:49
==================== End of FRST.txt ============================

----------------------------------------------------------------------------------------------------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by Tom78 (04-06-2019 19:43:55)
Running from C:\Users\Tom78\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-11-06 21:06:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4101578857-3757837661-3053645589-500 - Administrator - Disabled)
Guest (S-1-5-21-4101578857-3757837661-3053645589-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4101578857-3757837661-3053645589-1002 - Limited - Enabled)
Tom78 (S-1-5-21-4101578857-3757837661-3053645589-1000 - Administrator - Enabled) => C:\Users\Tom78

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Acronis Disk Director (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3223 - Acronis)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.07.0009 - Bloody)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Disney Princezna - Kouzelná cesta (HKLM-x32\...\{E375D72E-5343-4F73-986C-1B00C35F1DFC}) (Version: 1.0 - Disney Interactive Studios)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.67 - NVIDIA Corporation) Hidden
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games)
HWiNFO64 Version 5.38 (HKLM\...\HWiNFO64_is1) (Version: 5.38 - Martin Malík - REALiX)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
KeyDominator2 (HKLM-x32\...\BloodyKeyboard) (Version: 17.11.0002 - Bloody)
Kyodai Mahjongg 2006 v1.2 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 67.0 (x64 cs) (HKLM\...\Mozilla Firefox 67.0 (x64 cs)) (Version: 67.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 419.67 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.67 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 60.0.3255.109 (HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Opera 60.0.3255.109) (Version: 60.0.3255.109 - Opera Software)
Organizér (HKLM-x32\...\{4154BF17-EE1F-4F25-9696-2FF191FE0787}) (Version: 5.3.5.1 - Fireluke Software)
Ovládací panel NVIDIA 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.67 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.11.16 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.16 - General Workings, Inc.)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Tom Clancy's Ghost Recon Wildlands (HKLM-x32\...\Uplay Install 1771) (Version: - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 24.0.2 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
XMedia Recode verze 3.3.8.6 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.8.6 - XMedia Recode)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2011-03-09] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2011-03-09] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2011-03-09] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Tom78\Desktop\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disk-cache-size=1000000000
ShortcutWithArgument: C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disk-cache-size=1000000000

==================== Loaded Modules (Whitelisted) ==============

2018-09-08 16:20 - 2017-04-17 10:43 - 003852800 _____ () [File not signed] C:\Program Files (x86)\Bloody6\Bloody6\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2017-11-27 14:26 - 2014-01-10 11:48 - 004260352 _____ () [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2017-11-27 14:26 - 2017-11-02 10:32 - 011374080 _____ () [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 1520 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-04 15:58 - 000000043 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\program files (x86)\intel\icls client\;c:\program files\intel\icls client\;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files (x86)\intel\intel(r) management engine components\dal;c:\program files\intel\intel(r) management engine components\dal;c:\program files (x86)\intel\intel(r) management engine components\ipt;c:\program files\intel\intel(r) management engine components\ipt;c:\program files (x86)\common files\acronis\snapapi\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.73.101.1 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32A89603-4C93-4E83-96AB-8DB858A5AB73}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{1D37AC3A-A0A0-46E5-9D31-40F1B00704D9}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{A8428BF2-B651-4BFB-A229-5A159785B944}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{5AB598F2-4265-4261-B9BB-0ACCB703855B}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{324F436C-E05F-4C4C-83F0-8F0858B97736}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{952F2547-AC48-4238-80EF-4F7E71AEA8D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{01E02B80-E74B-4178-BBE6-BDB8288DC91A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe () [File not signed]
FirewallRules: [{DA6584F7-F8AE-4CDA-AD16-DEE30ED154F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe () [File not signed]
FirewallRules: [{02DC5B5A-75DC-4566-8978-E78C971278CA}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{FAD87EC9-A0A7-4E60-A7A1-A5C7D7E404C6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{F2BC386C-9C9F-46CB-B1E7-F201AC7F34F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D330CD6-AE25-43CE-BAAC-321F36A07D7A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B4A97B0-3FF6-48E2-B8BA-20472EB33043}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8370320D-557F-4A34-8879-38126EB4FD09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{25E4DCCF-D7D1-4C5D-959A-E387F30F4959}] => (Allow) %SystemDrive%\Moje\Prohlizece\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [File not signed]
FirewallRules: [{703B904C-4930-4666-A855-BF46CECB2A3D}] => (Allow) %SystemDrive%\Moje\Prohlizece\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [File not signed]
FirewallRules: [{E6EC7424-35EF-44F8-ABFE-11D1E6995FAB}] => (Allow) %ProgramFiles% (x86)\GOG Galaxy\GalaxyClient.exe No File
FirewallRules: [{06B1C26B-ED72-467F-888E-D5FBBA1A6373}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7E78973B-823F-45B7-94FB-1213F6BFEE04}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D917749C-54C9-4192-A79A-5E2C92E32DF7}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{80ABEA09-7889-4B17-AE58-6B692C4AAE90}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{5B8D0610-F04B-4FA9-801B-61B82165E655}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C03C3968-3CEB-4031-B0E1-1C08D7073B21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E541E532-1F87-4DC4-BCB0-C5825F84BCD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05499007-526A-42CB-A630-A91D7E489E40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8FF2607A-A572-4527-9981-94AD72C474BC}] => (Allow) D:\Games\GTA\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{48F593F2-6FBF-4C9B-A06C-C25981C71519}] => (Allow) D:\Games\GTA\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{CA76EC64-5D8A-4DF3-87EB-13738D2ABA76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7098BFB6-FA54-4D5F-81F5-244CCD05E301}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{663D8CA7-3262-4823-91F6-971B17C95E14}] => (Block) D:\Games\Princezny\play.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{73F67E4B-1974-4E1B-B77A-53D901915C88}] => (Block) D:\Games\Princezny\play.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{F0C15B98-2827-4144-8939-CEC6547F7A54}] => (Block) E:\Kyodai Mahjongg 2006\kmj.exe (Rene-Gilles Deberdt) [File not signed]
FirewallRules: [{899926B8-E8E6-4C74-BD9F-5A4900EFD34E}] => (Block) E:\Kyodai Mahjongg 2006\kmj.exe (Rene-Gilles Deberdt) [File not signed]
FirewallRules: [{0AAC3D4E-095D-4571-A029-001B6BF60626}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{DBEA647A-5F1C-4459-95DD-0F8183010E53}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{C05F1F45-1786-407A-89B2-FA61B05B136A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{A2354B08-1F5B-4905-9CAE-63B1A7646F2E}] => (Allow) D:\Games\Ubisoft\Tom Clancy's Ghost Recon Wildlands\GRW.exe (Blue Byte GmbH -> )

==================== Restore Points =========================

29-05-2019 16:13:31 Nainstalováno rozhraní DirectX
29-05-2019 16:14:41 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2019 11:31:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/03/2019 12:46:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastUI.exe, verze: 19.5.4444.0, časové razítko: 0x5cdbd76d
Název chybujícího modulu: CommonUI.dll, verze: 19.5.4444.0, časové razítko: 0x5cdbcf48
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001e71b
ID chybujícího procesu: 0x3c8
Čas spuštění chybující aplikace: 0x01d519d575f97f0e
Cesta k chybující aplikaci: C:\Moje\Programy\Avast\AvastUI.exe
Cesta k chybujícímu modulu: C:\Moje\Programy\Avast\CommonUI.dll
ID zprávy: c7ce0d72-85ec-11e9-b5d5-74da38fe0bd6

Error: (06/03/2019 08:10:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/03/2019 02:57:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Mashinky.exe, verze: 0.0.0.0, časové razítko: 0x5ce562a8
Název chybujícího modulu: fmodL64.dll, verze: 0.1.8.9, časové razítko: 0x579f6049
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000080bfb
ID chybujícího procesu: 0xec4
Čas spuštění chybující aplikace: 0x01d519981efbc8b7
Cesta k chybující aplikaci: D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe
Cesta k chybujícímu modulu: D:\Games\SteamLibrary\steamapps\common\Mashinky\fmodL64.dll
ID zprávy: 917e2d54-859a-11e9-af64-74da38fe0bd6

Error: (06/02/2019 11:24:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/01/2019 09:05:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/31/2019 11:07:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/30/2019 03:43:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (06/04/2019 07:33:59 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/04/2019 07:33:59 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/04/2019 06:33:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/04/2019 06:33:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/04/2019 05:33:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/04/2019 05:33:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/04/2019 04:33:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/04/2019 04:33:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.


CodeIntegrity:
===================================

Date: 2017-10-28 14:18:10.956
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.925
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.379
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.348
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:51.423
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:51.392
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:50.519
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:50.487
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2107 08/08/2014
Motherboard: ASUSTeK COMPUTER INC. B85-PLUS
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 63%
Total physical RAM: 8097.73 MB
Available physical RAM: 2954.74 MB
Total Virtual: 24291.38 MB
Available Virtual: 18084.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:126.95 GB) (Free:59.32 GB) NTFS
Drive d: (Hry) (Fixed) (Total:226.74 GB) (Free:17.43 GB) NTFS
Drive e: () (Fixed) (Total:134.65 GB) (Free:24.83 GB) NTFS
Drive f: () (Fixed) (Total:931.41 GB) (Free:15.97 GB) NTFS
Drive h: (Záloha) (Fixed) (Total:443.16 GB) (Free:42.01 GB) NTFS

\\?\Volume{954ccc49-a461-11e6-a407-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 82382C7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 12DF12DE)
Partition 1: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=804.6 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log. Thank you.

#2 Post by Conder »

Hi :)

:arrow: I recommend not using, and uninstalling, all programs from IObit (e.g. Driver Booster, Advanced SystemCare, Uninstaller, etc.) - they are Chinese junk that can damage the system.

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here

Graduate of the school for novices :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

pan Hankey
Visitor
Posts: 55
Joined: 30 Jun 2017 21:18

Re: Please check my log. Thank you.

#3 Post by pan Hankey »

Hi, thank you for the help.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-05-2019
# Duration: 00:01:10
# OS: Windows 7 Home Premium
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\IOBIT\Driver Booster
Deleted C:\Users\Tom78\AppData\Roaming\IOBIT\Driver Booster

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\IObit\Driver Booster

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1257 octets] - [14/09/2018 10:50:44]
AdwCleaner[S01].txt - [1318 octets] - [14/09/2018 10:53:08]
AdwCleaner[S02].txt - [1379 octets] - [14/09/2018 10:53:37]
AdwCleaner[S03].txt - [1440 octets] - [14/09/2018 10:54:20]
AdwCleaner[S04].txt - [1497 octets] - [14/09/2018 10:55:13]
AdwCleaner[S05].txt - [1562 octets] - [15/11/2018 14:17:17]
AdwCleaner[C05].txt - [1748 octets] - [15/11/2018 14:30:30]
AdwCleaner[S06].txt - [1851 octets] - [04/06/2019 19:30:59]
AdwCleaner[S07].txt - [1912 octets] - [04/06/2019 19:34:36]
AdwCleaner[S08].txt - [1973 octets] - [05/06/2019 00:40:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C08].txt ##########

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log. Thank you.

#4 Post by Conder »

:arrow: Please post both new FRST logs.

pan Hankey
Visitor
Posts: 55
Joined: 30 Jun 2017 21:18

Re: Please check my log. Thank you.

#5 Post by pan Hankey »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-06-2019
Ran by Tom78 (administrator) on STROJ (ASUS All Series) (05-06-2019 17:07:10)
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78 (Available Profiles: Tom78)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Moje\Programy\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Moje\Programy\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Moje\Programy\Avast\AvastUI.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera.exe
(Opera Software AS -> Opera Software) C:\Moje\Prohlizece\Opera\60.0.3255.109\opera_crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-11-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Moje\Programy\Avast\AvLaunch.exe [262024 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Winlogon: [Shell] c:\windows\system32\explorer.exe [2616320 2017-06-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Run: [BloodyKeyboard] => C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe [11374080 2017-11-02] () [File not signed]
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [16442096 2018-07-20] (A FOUR TECH CO., LTD. -> )
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.80\Installer\chrmstp.exe [2019-06-05] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07D9C54A-0CA5-4123-BB82-9CD674575459} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {166CD7F0-36D1-42DB-8534-47D1E2CD14C0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1CE3C2ED-DD67-4E9F-84A2-42AFFFD6C3AB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {26C93137-B0D7-4ECC-AEC8-D4001B15E6BE} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2EA62DBA-A4B1-45D8-9C35-6F39CB8BCB48} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {35CB327F-6E9E-4873-9EBD-2E148F87CCBA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-14] (Adobe Inc. -> Adobe)
Task: {373013AE-4B11-4C81-BAE2-3FD64B7E6A25} - System32\Tasks\Opera scheduled Autoupdate 1503746874 => C:\Moje\Prohlizece\Opera\launcher.exe [1493592 2019-05-23] (Opera Software AS -> Opera Software)
Task: {539D94B4-3B7C-4FF9-8A91-CC10C49A9DD5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5AA301E4-AD64-4B3C-AEAA-DEFB1A0498AE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-14] (Adobe Inc. -> Adobe)
Task: {6BF9A69D-C5CE-4ECA-991F-A5EE7234A1D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A3FFF407-1877-4DA0-A931-4C391A3CC3C8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A81FFF11-86E8-4DFE-A437-9A77957E25A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-11-20] (Piriform Ltd -> Piriform Ltd)
Task: {B0B9D1C2-99DC-48FC-8028-B5E2471F6465} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B36492E1-071D-4E7D-9FF0-2A09CC6778DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-18] (Google Inc -> Google Inc.)
Task: {B6D9C842-F966-40E7-A51A-BC5B935E8EDC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-18] (Google Inc -> Google Inc.)
Task: {BF72989A-D560-48BE-8B21-8E889CEBEA81} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3B0B22A-67C2-4563-BAD1-7D4B80586525} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {C613889D-5089-457F-804F-A351B635A927} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBDB0659-9C6C-43AA-84CC-CCF62AE4FD47} - System32\Tasks\Avast Emergency Update => C:\Moje\Programy\Avast\AvEmUpdate.exe [2934152 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
Task: {E36828D2-6E89-4425-9A1F-8588F12D918C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E64DE30D-9FF7-4D22-86A8-2A847B798338} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E8318FB3-B134-4D49-8ABD-35C547A57BE7} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 185.73.101.1 8.8.4.4
Tcpip\..\Interfaces\{3E23E901-49BD-4232-B46C-DCEB20E89345}: [DhcpNameServer] 82.99.143.180 8.8.4.4
Tcpip\..\Interfaces\{54FFDA33-F641-4D2B-8030-41EF90A57627}: [DhcpNameServer] 185.73.101.1 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

FireFox:
========
FF DefaultProfile: 0xsqg3cl.default
FF ProfilePath: C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default [2019-06-05]
FF Session Restore: Mozilla\Firefox\Profiles\0xsqg3cl.default -> is enabled.
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\sp@avast.com.xpi [2019-04-25]
FF Extension: (uBlock Origin) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\uBlock0@raymondhill.net.xpi [2019-05-25]
FF Extension: (Avast Online Security) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\0xsqg3cl.default\Extensions\wrc@avast.com.xpi [2019-05-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default [2019-06-05]
CHR Extension: (Disk Google) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-18]
CHR Extension: (YouTube) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-18]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05]
CHR Extension: (Avast Online Security) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-05]
CHR Extension: (uBlock Adblocker Plus) - C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhflmgomffaphmnbcogleagmloijbkd [2018-08-24]
CHR Profile: C:\Users\Tom78\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Tom78\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-04-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Moje\Programy\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Moje\Programy\Avast\AvastSvc.exe [409224 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-05-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [707144 2019-01-24] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-01-24] (GOG Sp. z o.o. -> GOG.com)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167872 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225608 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 AX88179; C:\Windows\System32\DRIVERS\ax88179_178a.sys [84960 2017-06-13] (Microsoft Windows Hardware Compatibility Publisher -> ASIX Electronics Corp.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2016-12-02] (Disc Soft Ltd -> Disc Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Microsoft Windows -> Intel Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-11-08] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-11-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199760 2016-12-20] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] (Intel(R) Code Signing External -> )
S3 Ser2pl; C:\Windows\System32\DRIVERS\ser2pl64.sys [227248 2017-10-30] (WDKTestCert charles-yeh,131345514351795974 -> Prolific Technology Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2017-04-22] (Disc Soft Ltd -> Duplex Secure Ltd.)
U3 aesfpkwp; C:\Windows\System32\Drivers\aesfpkwp.sys [0 0000-00-00] (Intel Corporation) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-05 17:07 - 2019-06-05 17:07 - 000022925 _____ C:\Users\Tom78\Desktop\FRST.txt
2019-06-05 17:06 - 2019-06-05 17:06 - 000000000 ____D C:\Users\Tom78\Desktop\FRST-OlderVersion
2019-06-05 13:28 - 2019-06-05 13:28 - 000000000 ____D C:\Users\Tom78\AppData\Local\ElevatedDiagnostics
2019-06-05 00:37 - 2019-06-05 00:37 - 007025360 _____ (Malwarebytes) C:\Users\Tom78\Desktop\adwcleaner_7.3.exe
2019-06-04 19:40 - 2019-06-05 17:06 - 002417664 _____ (Farbar) C:\Users\Tom78\Desktop\FRST64.exe
2019-06-04 19:24 - 2019-06-04 19:24 - 000000000 ____D C:\Users\Tom78\AppData\Local\mbamtray
2019-05-29 16:16 - 2019-05-29 16:16 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\EasyAntiCheat
2019-05-29 16:14 - 2019-05-29 16:16 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-05-29 01:33 - 2019-05-29 01:33 - 000000234 _____ C:\Users\Tom78\Desktop\Tom Clancy's Ghost Recon® Wildlands.url
2019-05-29 01:33 - 2019-05-29 01:33 - 000000234 _____ C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Ghost Recon® Wildlands.url
2019-05-25 11:24 - 2019-05-26 12:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-21 13:42 - 2019-05-21 13:42 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-17 20:37 - 2019-05-17 21:06 - 000000106 _____ C:\Users\Tom78\Desktop\GTA - čistá session.txt
2019-05-13 21:07 - 2019-05-13 21:07 - 000000000 ____D C:\Users\Tom78\AppData\Local\SquirrelTemp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-05 17:07 - 2017-12-20 14:30 - 000000000 ____D C:\FRST
2019-06-05 16:20 - 2019-03-15 23:36 - 000000000 ____D C:\Users\Tom78\AppData\Local\CrashDumps
2019-06-05 14:03 - 2018-09-10 15:27 - 000000000 ____D C:\Users\Tom78\AppData\LocalLow\Mozilla
2019-06-05 13:32 - 2009-07-14 06:45 - 000021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-06-05 13:32 - 2009-07-14 06:45 - 000021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-05 13:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-06-05 13:26 - 2018-12-19 23:44 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-05 13:26 - 2018-12-19 23:44 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-05 13:26 - 2018-11-20 18:48 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-05 13:26 - 2018-08-23 20:18 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-08-23 20:18 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-08-23 20:18 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-08-23 20:18 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-08-23 20:18 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-08-23 20:18 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-03-01 20:55 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-06-05 13:26 - 2018-02-14 12:32 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-02-14 12:32 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-02-14 12:32 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2018-02-14 12:32 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-06-05 13:26 - 2016-11-06 23:54 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-06-05 12:12 - 2017-11-08 14:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-05 12:02 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-05 02:02 - 2017-10-18 23:32 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-05 00:40 - 2016-11-11 03:28 - 000000000 ____D C:\ProgramData\IObit
2019-06-05 00:40 - 2016-11-11 03:27 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\IObit
2019-06-04 22:57 - 2016-11-08 20:00 - 000007651 _____ C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg
2019-06-04 19:33 - 2016-12-13 01:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-04 19:18 - 2017-11-16 23:05 - 000000000 ____D C:\Program Files (x86)\Steam
2019-06-04 18:28 - 2016-12-31 13:53 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\vlc
2019-06-03 13:42 - 2019-03-18 18:59 - 000225608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-03 12:45 - 2016-11-11 16:09 - 000000000 ____D C:\Users\Tom78\AppData\Local\Ubisoft Game Launcher
2019-05-30 20:55 - 2016-11-17 23:20 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2019-05-30 15:46 - 2019-03-18 18:59 - 000385880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-29 16:16 - 2016-12-18 14:12 - 000000000 ____D C:\Users\Tom78\Documents\My Games
2019-05-29 01:31 - 2018-10-18 14:48 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\Transport Fever
2019-05-29 01:31 - 2017-04-20 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-05-28 12:33 - 2019-03-18 18:59 - 000004138 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-05-28 04:54 - 2017-10-04 17:27 - 000004000 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1503746874
2019-05-26 12:13 - 2019-04-24 21:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-21 13:42 - 2019-03-18 18:59 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000279120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000167872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-21 13:42 - 2019-03-18 18:59 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-21 13:41 - 2019-03-18 18:59 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-05-16 17:52 - 2017-02-25 13:12 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-14 15:38 - 2018-03-01 20:55 - 000004536 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-14 15:38 - 2017-06-30 22:59 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-14 15:38 - 2017-06-30 22:59 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-14 15:38 - 2016-11-07 03:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-14 15:38 - 2016-11-07 03:54 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-14 14:38 - 2018-03-13 15:15 - 000004524 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-14 13:47 - 2016-12-02 21:30 - 000000000 ____D C:\Users\Tom78\AppData\Roaming\DAEMON Tools Lite
2019-05-06 13:42 - 2019-03-01 19:12 - 000000000 ____D C:\Users\Tom78\AppData\Local\Adobe

==================== Files in the root of some directories =======

2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\en_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\es_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\fr_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\grm_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\it_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020344 _____ (Schneider Electric) C:\Users\Tom78\jp_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 001079808 _____ (Microsoft Corporation) C:\Users\Tom78\mfc80u.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000626688 _____ (Microsoft Corporation) C:\Users\Tom78\msvcr80.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 013923704 _____ (Schneider Electric) C:\Users\Tom78\PCPE Setup.exe
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\pt_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000018808 _____ () C:\Users\Tom78\ResourceReader.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020856 _____ (Schneider Electric) C:\Users\Tom78\ru_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000019832 _____ (Schneider Electric) C:\Users\Tom78\zh_res.dll
2019-03-31 23:44 - 2019-04-24 16:17 - 038595778 _____ () C:\Users\Tom78\AppData\Roaming\gta5_patch.bin
2019-03-31 23:44 - 2019-03-31 23:44 - 000332800 _____ () C:\Users\Tom78\AppData\Roaming\patcher.dll
2017-12-20 14:29 - 2017-12-20 16:19 - 000029696 _____ () C:\Users\Tom78\AppData\Local\MSGBOX.EXE
2016-11-08 20:00 - 2019-06-04 22:57 - 000007651 _____ () C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-06-02 19:49
==================== End of FRST.txt ============================

---------------------------------------------------------------------------------------------------------------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-06-2019
Ran by Tom78 (05-06-2019 17:08:04)
Running from C:\Users\Tom78\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-11-06 21:06:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4101578857-3757837661-3053645589-500 - Administrator - Disabled)
Guest (S-1-5-21-4101578857-3757837661-3053645589-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4101578857-3757837661-3053645589-1002 - Limited - Enabled)
Tom78 (S-1-5-21-4101578857-3757837661-3053645589-1000 - Administrator - Enabled) => C:\Users\Tom78

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Acronis Disk Director (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3223 - Acronis)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.07.0009 - Bloody)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Disney Princezna - Kouzelná cesta (HKLM-x32\...\{E375D72E-5343-4F73-986C-1B00C35F1DFC}) (Version: 1.0 - Disney Interactive Studios)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.67 - NVIDIA Corporation) Hidden
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.80 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: "1.0.0.10" - Rockstar Games)
HWiNFO64 Version 5.38 (HKLM\...\HWiNFO64_is1) (Version: 5.38 - Martin Malík - REALiX)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
KeyDominator2 (HKLM-x32\...\BloodyKeyboard) (Version: 17.11.0002 - Bloody)
Kyodai Mahjongg 2006 v1.2 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 67.0 (x64 cs) (HKLM\...\Mozilla Firefox 67.0 (x64 cs)) (Version: 67.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 419.67 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.67 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Opera Stable 60.0.3255.109 (HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\Opera 60.0.3255.109) (Version: 60.0.3255.109 - Opera Software)
Organizér (HKLM-x32\...\{4154BF17-EE1F-4F25-9696-2FF191FE0787}) (Version: 5.3.5.1 - Fireluke Software)
Ovládací panel NVIDIA 419.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.67 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.11.16 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.16 - General Workings, Inc.)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Tom Clancy's Ghost Recon Wildlands (HKLM-x32\...\Uplay Install 1771) (Version: - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 24.0.2 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
XMedia Recode verze 3.3.8.6 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.8.6 - XMedia Recode)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2011-03-09] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2011-03-09] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Moje\Programy\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2011-03-09] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Tom78\Desktop\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disk-cache-size=1000000000
ShortcutWithArgument: C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disk-cache-size=1000000000

==================== Loaded Modules (Whitelisted) ==============

2018-09-08 16:20 - 2017-04-17 10:43 - 003852800 _____ () [File not signed] C:\Program Files (x86)\Bloody6\Bloody6\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2017-11-27 14:26 - 2014-01-10 11:48 - 004260352 _____ () [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2017-11-27 14:26 - 2017-11-02 10:32 - 011374080 _____ () [File not signed] C:\Program Files (x86)\KeyDominator2\KeyDominator2\KeyDominator2.exe
2017-07-09 22:51 - 2009-07-08 12:51 - 000730624 _____ (Hewlett-Packard Co.) [File not signed] C:\Windows\system32\hpotscl1.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 1520 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-04 15:58 - 000000043 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\program files (x86)\intel\icls client\;c:\program files\intel\icls client\;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files (x86)\intel\intel(r) management engine components\dal;c:\program files\intel\intel(r) management engine components\dal;c:\program files (x86)\intel\intel(r) management engine components\ipt;c:\program files\intel\intel(r) management engine components\ipt;c:\program files (x86)\common files\acronis\snapapi\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 185.73.101.1 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32A89603-4C93-4E83-96AB-8DB858A5AB73}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{1D37AC3A-A0A0-46E5-9D31-40F1B00704D9}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{A8428BF2-B651-4BFB-A229-5A159785B944}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{5AB598F2-4265-4261-B9BB-0ACCB703855B}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{324F436C-E05F-4C4C-83F0-8F0858B97736}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{952F2547-AC48-4238-80EF-4F7E71AEA8D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{01E02B80-E74B-4178-BBE6-BDB8288DC91A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe () [File not signed]
FirewallRules: [{DA6584F7-F8AE-4CDA-AD16-DEE30ED154F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe () [File not signed]
FirewallRules: [{02DC5B5A-75DC-4566-8978-E78C971278CA}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{FAD87EC9-A0A7-4E60-A7A1-A5C7D7E404C6}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{F2BC386C-9C9F-46CB-B1E7-F201AC7F34F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D330CD6-AE25-43CE-BAAC-321F36A07D7A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B4A97B0-3FF6-48E2-B8BA-20472EB33043}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8370320D-557F-4A34-8879-38126EB4FD09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{25E4DCCF-D7D1-4C5D-959A-E387F30F4959}] => (Allow) %SystemDrive%\Moje\Prohlizece\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [File not signed]
FirewallRules: [{703B904C-4930-4666-A855-BF46CECB2A3D}] => (Allow) %SystemDrive%\Moje\Prohlizece\Tor Browser\Browser\firefox.exe (Mozilla Corporation) [File not signed]
FirewallRules: [{E6EC7424-35EF-44F8-ABFE-11D1E6995FAB}] => (Allow) %ProgramFiles% (x86)\GOG Galaxy\GalaxyClient.exe No File
FirewallRules: [{06B1C26B-ED72-467F-888E-D5FBBA1A6373}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7E78973B-823F-45B7-94FB-1213F6BFEE04}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D917749C-54C9-4192-A79A-5E2C92E32DF7}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{80ABEA09-7889-4B17-AE58-6B692C4AAE90}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{5B8D0610-F04B-4FA9-801B-61B82165E655}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C03C3968-3CEB-4031-B0E1-1C08D7073B21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E541E532-1F87-4DC4-BCB0-C5825F84BCD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05499007-526A-42CB-A630-A91D7E489E40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8FF2607A-A572-4527-9981-94AD72C474BC}] => (Allow) D:\Games\GTA\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{48F593F2-6FBF-4C9B-A06C-C25981C71519}] => (Allow) D:\Games\GTA\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{CA76EC64-5D8A-4DF3-87EB-13738D2ABA76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7098BFB6-FA54-4D5F-81F5-244CCD05E301}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{663D8CA7-3262-4823-91F6-971B17C95E14}] => (Block) D:\Games\Princezny\play.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{73F67E4B-1974-4E1B-B77A-53D901915C88}] => (Block) D:\Games\Princezny\play.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{F0C15B98-2827-4144-8939-CEC6547F7A54}] => (Block) E:\Kyodai Mahjongg 2006\kmj.exe (Rene-Gilles Deberdt) [File not signed]
FirewallRules: [{899926B8-E8E6-4C74-BD9F-5A4900EFD34E}] => (Block) E:\Kyodai Mahjongg 2006\kmj.exe (Rene-Gilles Deberdt) [File not signed]
FirewallRules: [{0AAC3D4E-095D-4571-A029-001B6BF60626}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{DBEA647A-5F1C-4459-95DD-0F8183010E53}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{A2354B08-1F5B-4905-9CAE-63B1A7646F2E}] => (Allow) D:\Games\Ubisoft\Tom Clancy's Ghost Recon Wildlands\GRW.exe (Blue Byte GmbH -> )
FirewallRules: [{DAF0CCC4-EF25-423C-AED6-2F8B8967BFB2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

29-05-2019 16:13:31 Nainstalováno rozhraní DirectX
29-05-2019 16:14:41 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2019 04:06:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastUI.exe, verze: 19.5.4444.0, časové razítko: 0x5cdbd76d
Název chybujícího modulu: CommonUI.dll, verze: 19.5.4444.0, časové razítko: 0x5cdbcf48
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001e71b
ID chybujícího procesu: 0x1068
Čas spuštění chybující aplikace: 0x01d51b85f52c07d5
Cesta k chybující aplikaci: C:\Moje\Programy\Avast\AvastUI.exe
Cesta k chybujícímu modulu: C:\Moje\Programy\Avast\CommonUI.dll
ID zprávy: 2c8a32a2-879b-11e9-8573-74da38fe0bd6

Error: (06/05/2019 12:04:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/05/2019 12:44:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/04/2019 11:31:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/03/2019 12:46:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastUI.exe, verze: 19.5.4444.0, časové razítko: 0x5cdbd76d
Název chybujícího modulu: CommonUI.dll, verze: 19.5.4444.0, časové razítko: 0x5cdbcf48
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001e71b
ID chybujícího procesu: 0x3c8
Čas spuštění chybující aplikace: 0x01d519d575f97f0e
Cesta k chybující aplikaci: C:\Moje\Programy\Avast\AvastUI.exe
Cesta k chybujícímu modulu: C:\Moje\Programy\Avast\CommonUI.dll
ID zprávy: c7ce0d72-85ec-11e9-b5d5-74da38fe0bd6

Error: (06/03/2019 08:10:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/03/2019 02:57:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Mashinky.exe, verze: 0.0.0.0, časové razítko: 0x5ce562a8
Název chybujícího modulu: fmodL64.dll, verze: 0.1.8.9, časové razítko: 0x579f6049
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000080bfb
ID chybujícího procesu: 0xec4
Čas spuštění chybující aplikace: 0x01d519981efbc8b7
Cesta k chybující aplikaci: D:\Games\SteamLibrary\steamapps\common\Mashinky\Mashinky.exe
Cesta k chybujícímu modulu: D:\Games\SteamLibrary\steamapps\common\Mashinky\fmodL64.dll
ID zprávy: 917e2d54-859a-11e9-af64-74da38fe0bd6

Error: (06/02/2019 11:24:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (06/05/2019 05:05:26 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/05/2019 05:05:26 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/05/2019 04:05:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/05/2019 04:05:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/05/2019 03:05:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/05/2019 03:05:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (06/05/2019 02:05:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (06/05/2019 02:05:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.


CodeIntegrity:
===================================

Date: 2017-10-28 14:18:10.956
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.925
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.379
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-10-28 14:18:10.348
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:51.423
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:51.392
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:50.519
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-08 12:34:50.487
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2107 08/08/2014
Motherboard: ASUSTeK COMPUTER INC. B85-PLUS
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 52%
Total physical RAM: 8097.73 MB
Available physical RAM: 3828.52 MB
Total Virtual: 24291.38 MB
Available Virtual: 18980.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:126.95 GB) (Free:59.22 GB) NTFS
Drive d: (Hry) (Fixed) (Total:226.74 GB) (Free:17.43 GB) NTFS
Drive e: () (Fixed) (Total:134.65 GB) (Free:24.83 GB) NTFS
Drive f: () (Fixed) (Total:931.41 GB) (Free:15.97 GB) NTFS
Drive h: (Záloha) (Fixed) (Total:443.16 GB) (Free:42.01 GB) NTFS

\\?\Volume{954ccc49-a461-11e6-a407-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 82382C7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 12DF12DE)
Partition 1: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=804.6 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log. Thank you.

#6 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Windows\System32\Drivers\aesfpkwp.sys
    ExportKey: HKLM\SOFTWARE\Policies\Mozilla\Firefox
    
    HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    U3 aesfpkwp; C:\Windows\System32\Drivers\aesfpkwp.sys [0 0000-00-00] (Intel Corporation) <==== ATTENTION (zero byte File/Folder)
    2019-06-05 17:06 - 2019-06-05 17:06 - 000000000 ____D C:\Users\Tom78\Desktop\FRST-OlderVersion
    2019-05-13 21:07 - 2019-05-13 21:07 - 000000000 ____D C:\Users\Tom78\AppData\Local\SquirrelTemp
    2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\en_res.dll
    2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\es_res.dll
    2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\fr_res.dll
    2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\grm_res.dll
    2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\it_res.dll
    2017-11-21 15:17 - 2017-11-21 16:19 - 000020344 _____ (Schneider Electric) C:\Users\Tom78\jp_res.dll
    2017-11-21 15:17 - 2017-11-21 16:19 - 001079808 _____ (Microsoft Corporation) C:\Users\Tom78\mfc80u.dll
    2017-11-21 15:17 - 2017-11-21 16:19 - 000626688 _____ (Microsoft Corporation) C:\Users\Tom78\msvcr80.dll
    2017-11-21 15:17 - 2017-11-21 16:19 - 013923704 _____ (Schneider Electric) C:\Users\Tom78\PCPE Setup.exe
    2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\pt_res.dll
    2017-11-21 15:17 - 2017-11-21 16:19 - 000018808 _____ () C:\Users\Tom78\ResourceReader.dll
    2017-11-21 15:17 - 2017-11-21 16:19 - 000020856 _____ (Schneider Electric) C:\Users\Tom78\ru_res.dll
    2017-11-21 15:17 - 2017-11-21 16:19 - 000019832 _____ (Schneider Electric) C:\Users\Tom78\zh_res.dll
    2019-03-31 23:44 - 2019-04-24 16:17 - 038595778 _____ () C:\Users\Tom78\AppData\Roaming\gta5_patch.bin
    2019-03-31 23:44 - 2019-03-31 23:44 - 000332800 _____ () C:\Users\Tom78\AppData\Roaming\patcher.dll
    2017-12-20 14:29 - 2017-12-20 16:19 - 000029696 _____ () C:\Users\Tom78\AppData\Local\MSGBOX.EXE
    
    C:\Program Files\IObit
    C:\Program Files (x86)\IObit
    C:\Program Files\Common Files\IObit
    C:\ProgramData\IObit
    C:\ProgramData\ProductData
    C:\Users\Tom78\AppData\Local\IObit
    C:\Users\Tom78\AppData\LocalLow\IObit
    C:\Users\Tom78\AppData\Roaming\IObit
    C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
    C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
    C:\Users\Default\AppData\Local\IObit
    C:\Users\Default\AppData\LocalLow\IObit
    C:\Users\Default\AppData\Roaming\IObit
    C:\Users\Public\Desktop\*Driver Booster*
    C:\Users\Public\Desktop\*Advanced SystemCare*
    C:\Windows\IObit
    C:\Windows\Tasks\ImCleanDisabled
    C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written for one specific PC only. Do not use them on other devices; otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

pan Hankey
Visitor
Posts: 55
Joined: 30 Jun 2017 21:18

Re: Please check my log. Thank you.

#7 Post by pan Hankey »

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-06-2019
Ran by Tom78 (07-06-2019 01:00:32) Run:2
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78 (Available Profiles: Tom78)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\System32\Drivers\aesfpkwp.sys
ExportKey: HKLM\SOFTWARE\Policies\Mozilla\Firefox

HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
U3 aesfpkwp; C:\Windows\System32\Drivers\aesfpkwp.sys [0 0000-00-00] (Intel Corporation) <==== ATTENTION (zero byte File/Folder)
2019-06-05 17:06 - 2019-06-05 17:06 - 000000000 ____D C:\Users\Tom78\Desktop\FRST-OlderVersion
2019-05-13 21:07 - 2019-05-13 21:07 - 000000000 ____D C:\Users\Tom78\AppData\Local\SquirrelTemp
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\en_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\es_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\fr_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021880 _____ (Schneider Electric) C:\Users\Tom78\grm_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\it_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020344 _____ (Schneider Electric) C:\Users\Tom78\jp_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 001079808 _____ (Microsoft Corporation) C:\Users\Tom78\mfc80u.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000626688 _____ (Microsoft Corporation) C:\Users\Tom78\msvcr80.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 013923704 _____ (Schneider Electric) C:\Users\Tom78\PCPE Setup.exe
2017-11-21 15:17 - 2017-11-21 16:19 - 000021368 _____ (Schneider Electric) C:\Users\Tom78\pt_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000018808 _____ () C:\Users\Tom78\ResourceReader.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000020856 _____ (Schneider Electric) C:\Users\Tom78\ru_res.dll
2017-11-21 15:17 - 2017-11-21 16:19 - 000019832 _____ (Schneider Electric) C:\Users\Tom78\zh_res.dll
2019-03-31 23:44 - 2019-04-24 16:17 - 038595778 _____ () C:\Users\Tom78\AppData\Roaming\gta5_patch.bin
2019-03-31 23:44 - 2019-03-31 23:44 - 000332800 _____ () C:\Users\Tom78\AppData\Roaming\patcher.dll
2017-12-20 14:29 - 2017-12-20 16:19 - 000029696 _____ () C:\Users\Tom78\AppData\Local\MSGBOX.EXE

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\Tom78\AppData\Local\IObit
C:\Users\Tom78\AppData\LocalLow\IObit
C:\Users\Tom78\AppData\Roaming\IObit
C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Local\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 74
Average :
Sum : 12151500
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Windows\System32\Drivers\aesfpkwp.sys ========================

"C:\Windows\System32\Drivers\aesfpkwp.sys" => not found
====== End of File: ======

================== ExportKey: ===================

[HKLM\SOFTWARE\Policies\Mozilla\Firefox]
[HKLM\SOFTWARE\Policies\Mozilla\Firefox\Certificates]
"ImportEnterpriseRoots"="1"

=== End of ExportKey ===
"HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
aesfpkwp => service not found.
C:\Users\Tom78\Desktop\FRST-OlderVersion => moved successfully
C:\Users\Tom78\AppData\Local\SquirrelTemp => moved successfully
C:\Users\Tom78\en_res.dll => moved successfully
C:\Users\Tom78\es_res.dll => moved successfully
C:\Users\Tom78\fr_res.dll => moved successfully
C:\Users\Tom78\grm_res.dll => moved successfully
C:\Users\Tom78\it_res.dll => moved successfully
C:\Users\Tom78\jp_res.dll => moved successfully
C:\Users\Tom78\mfc80u.dll => moved successfully
C:\Users\Tom78\msvcr80.dll => moved successfully
C:\Users\Tom78\PCPE Setup.exe => moved successfully
C:\Users\Tom78\pt_res.dll => moved successfully
C:\Users\Tom78\ResourceReader.dll => moved successfully
C:\Users\Tom78\ru_res.dll => moved successfully
C:\Users\Tom78\zh_res.dll => moved successfully
C:\Users\Tom78\AppData\Roaming\gta5_patch.bin => moved successfully
C:\Users\Tom78\AppData\Roaming\patcher.dll => moved successfully
C:\Users\Tom78\AppData\Local\MSGBOX.EXE => moved successfully
"C:\Program Files\IObit" => not found
C:\Program Files (x86)\IObit => moved successfully
"C:\Program Files\Common Files\IObit" => not found
C:\ProgramData\IObit => moved successfully
C:\ProgramData\ProductData => moved successfully
"C:\Users\Tom78\AppData\Local\IObit" => not found
C:\Users\Tom78\AppData\LocalLow\IObit => moved successfully
C:\Users\Tom78\AppData\Roaming\IObit => moved successfully

=========== "C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========

"C:\Users\Default\AppData\Local\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found
"C:\Users\Default\AppData\Roaming\IObit" => not found

=========== "C:\Users\Public\Desktop\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Driver Booster*" ========


=========== "C:\Users\Public\Desktop\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Advanced SystemCare*" ========

C:\Windows\IObit => moved successfully
"C:\Windows\Tasks\ImCleanDisabled" => not found
"C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5801770 B
Java, Flash, Steam htmlcache => 367439426 B
Windows/system/drivers => 2627687 B
Edge => 0 B
Chrome => 1074920723 B
Firefox => 1094450808 B
Opera => 1165679180 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Tom78 => 14311465 B

RecycleBin => 0 B
EmptyTemp: => 3.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 01:02:10 ====

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log. Thank you.

#8 Post by Conder »

:arrow: How is the PC doing? Are there any problems?

pan Hankey
Visitor
Posts: 55
Joined: 30 Jun 2017 21:18

Re: Please check my log. Thank you.

#9 Post by pan Hankey »

Pretty good.

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log. Thank you.

#10 Post by Conder »

:arrow: The logs look OK. If there are no more problems, then let's clean up after the tools we used:

pan Hankey
Visitor
Posts: 55
Joined: 30 Jun 2017 21:18

Re: Please check my log. Thank you.

#11 Post by pan Hankey »

Done. If that is everything, thank you for the help.

# DelFix v1.013 - Logfile created 08/06/2019 at 21:08:07
# Updated 17/04/2016 by Xplode
# Username : Tom78 - STROJ
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Tom78\Desktop\Addition.txt
Deleted : C:\Users\Tom78\Desktop\adwcleaner_7.3.exe
Deleted : C:\Users\Tom78\Desktop\Fixlog.txt
Deleted : C:\Users\Tom78\Desktop\FRST.txt
Deleted : C:\Users\Tom78\Desktop\FRST64.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log. Thank you.

#12 Post by Conder »

Yes, that would be all. You're welcome, glad I could help :)

pan Hankey
Visitor
Posts: 55
Joined: 30 Jun 2017 21:18

Re: Please check my log. Thank you.

#13 Post by pan Hankey »

Thank you

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log. Thank you.

#14 Post by Conder »

:) I am locking the thread as resolved :closed: