kontrola - kde je problém

Zpráva

afro-0 · #1 Příspěvek od **afro-0** » 14 dub 2020 15:21

Zdravím, prosím o kontrolu systému, počítač je v posledních dnech výrazně pomalejší, někdy musím pc restartovat abych z něj dostal nějaké výsledky (někdy i několikrát po sobě, když se zasekne mazání velkého souboru nebo nějaký program).
Pc je sice už starší ale doteď tohle nedělal. Děkuji mnohokrát.

Logfile of random's system information tool 1.10 (written by random/random)
Run by doma at 2020-04-14 16:06:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 23 GB (23%) free of 100 GB
Total RAM: 4095 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:06:37, on 14.4.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\doma\AppData\Roaming\uTorrent\uninstall.exe
C:\Users\doma\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files\trend micro\doma.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://securesearch.org/homepage?hp=2& ... 2020-04-14 12:40:35&bName=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11ENUS/WOL_WCP
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKCU\..\Run: [AvastBrowserAutoLaunch_75FB0DFF46A3918D104EF3B6503EF98A] "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --auto-launch-at-startup --check-run=src=logon --profile-directory=Default
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\doma\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.2 ... rol_32.CAB
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3764.149\elevation_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7834 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {39BEDFEF-A634-4779-8970-13F1463BBD89}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a3147fce-cb44-48a0-a363-051119d18616 -SystemEventPortName:HostProcess-4cf7fccd-0b10-47b7-a01d-75aa22986d0b -IoCancelEventPortName:HostProcess-1f8fe8f9-39b9-4978-a526-f42f492d8a8a -NonStateChangingEventPortName:HostProcess-d8c39d05-0db3-4b5e-94f4-25c6e1664835 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a418dd55-d77e-4165-a39f-b54168a1f43f -DeviceGroupId:WpdFsGroup
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="79F0CA9D-7784-63DC-E5B2-816031E4835E" /binpath="C:\Program Files\AVAST Software\Avast"
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
AvastUI.exe /nogui
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "1334407315-1266589418-15363894611850482364-6681666522085646015-1775357842268578531
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Users\doma\AppData\Roaming\uTorrent\uninstall.exe" backup
utorrent.exe
C:\Windows\system32\wbem\wmiprvse.exe
dummy /ccupdate
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\WmiApSrv.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528

"C:\Users\doma\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-12-23 582008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-23 245112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-11 13776088]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-03-03 277664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastBrowserAutoLaunch_75FB0DFF46A3918D104EF3B6503EF98A"=C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2020-03-19 1875592]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"uTorrent"=C:\Users\doma\AppData\Roaming\uTorrent\utorrent.exe [2018-10-25 414656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-10-06 601424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\doma\AppData\Roaming\uTorrent\utorrent.exe [2018-10-25 414656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^doma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KooBits 4.lnk]
C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-04-14 16:06:31 ----D---- C:\Program Files\trend micro
2020-04-14 16:06:29 ----D---- C:\rsit
2020-04-14 15:57:04 ----A---- C:\Windows\system32\aswBoot.exe
2020-04-14 15:56:15 ----A---- C:\Windows\system32\drivers\aswfb740bf2f73eeece.tmp
2020-04-14 15:56:14 ----A---- C:\Windows\system32\drivers\aswab3b8169ea5f4471.tmp
2020-04-14 15:56:13 ----A---- C:\Windows\system32\drivers\aswNetHub.sys
2020-04-14 15:55:50 ----A---- C:\Windows\system32\drivers\aswNetNd6.sys
2020-04-06 20:35:55 ----D---- C:\Program Files (x86)\Gabest
2020-04-06 20:35:30 ----A---- C:\Windows\system32\xvidvfw.dll
2020-04-06 20:35:30 ----A---- C:\Windows\system32\xvidcore.dll
2020-04-06 20:35:29 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2020-04-06 20:35:29 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2020-04-06 20:35:28 ----D---- C:\Program Files (x86)\Xvid
2020-04-06 20:34:39 ----D---- C:\Program Files (x86)\AviSynth 2.5

======List of files/folders modified in the last 1 month======

2020-04-14 16:06:31 ----D---- C:\Program Files
2020-04-14 16:06:27 ----D---- C:\Users\doma\AppData\Roaming\uTorrent
2020-04-14 16:04:45 ----D---- C:\Windows\Temp
2020-04-14 16:04:21 ----D---- C:\Windows\system32\drivers
2020-04-14 15:59:06 ----D---- C:\ProgramData\NVIDIA
2020-04-14 15:57:58 ----D---- C:\Windows\inf
2020-04-14 15:57:57 ----D---- C:\Windows\system32\DriverStore
2020-04-14 15:57:04 ----D---- C:\Windows\System32
2020-04-14 15:54:51 ----D---- C:\Windows\system32\config
2020-04-14 15:54:37 ----D---- C:\Windows
2020-04-14 15:44:45 ----D---- C:\Windows\Prefetch
2020-04-14 15:17:20 ----D---- C:\Windows\SysWOW64
2020-04-14 15:16:08 ----RD---- C:\Program Files (x86)
2020-04-14 15:16:01 ----HD---- C:\ProgramData
2020-04-14 14:40:59 ----D---- C:\Windows\system32\Tasks
2020-04-09 13:41:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-04-09 12:00:13 ----D---- C:\Users\doma\AppData\Roaming\DAEMON Tools Lite
2020-04-09 11:56:06 ----D---- C:\Windows\Logs
2020-04-08 02:04:10 ----SHD---- C:\System Volume Information
2020-04-02 18:26:23 ----D---- C:\Program Files (x86)\Battle.net
2020-03-26 13:23:07 ----D---- C:\ProgramData\AVAST Software
2020-03-21 21:21:41 ----SHD---- C:\Windows\Installer
2020-03-18 20:24:04 ----D---- C:\Program Files (x86)\Diablo III
2020-03-17 12:43:23 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2020-04-14 37856]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2020-04-14 178968]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2020-04-14 60696]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2020-04-14 85056]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2020-04-14 317280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-03-14 834544]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2020-04-14 206120]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2020-04-14 234776]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2020-04-14 42984]
R1 aswNetHub;aswNetHub; C:\Windows\system32\drivers\aswNetHub.sys [2020-04-14 492144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2020-04-14 109480]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2020-04-14 851808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2020-04-14 459608]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2017-08-10 254528]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2020-03-03 175400]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2020-03-03 235184]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2020-04-14 38152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-12-11 4351960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2017-10-11 50624]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2017-08-18 57792]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-08-10 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-08-10 47672]
S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-10-11 30144]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2014-05-03 34816]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-03-10 151184]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-02-25 88648]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-03-03 413472]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-11-14 932728]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-10-11 460736]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-12-11 292568]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-11-14 426040]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-03-03 6046624]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-30 164984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-28 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-03-13 335416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-30 164984]
S3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service; C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3764.149\elevation_service.exe [2020-03-19 973760]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\elevation_service.exe [2020-04-02 1113072]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-28 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-02-26 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-27 1255736]
S4 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

#2 Příspěvek od **Conder** » 14 dub 2020 15:52

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

Uloz na plochu a ukonci vsetky programy
Spusti AdwCleaner ako spravca
Odsuhlas licencne podmienky
Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena
Ak nebudu ziadne nalezy, klikni na
Pockaj na dokoncenie a potvrd restartovanie PC
Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
Otvori sa log, jeho obsah sem skopiruj

afro-0 · #3 Příspěvek od **afro-0** » 14 dub 2020 17:32

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-14-2020
# Duration: 00:00:02
# OS: Windows 7 Home Premium
# Cleaned: 9
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\doma\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

Deleted Adaware Secure Search - nladljmabboanhihfkjacnnkgjhnokhj

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2219 octets] - [14/04/2020 18:25:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#4 Příspěvek od **Conder** » 14 dub 2020 23:16

Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

afro-0 · #5 Příspěvek od **afro-0** » 15 dub 2020 13:19

Ještě jedna prosbička navíc, po spuštění systému windows se automaticky spouští daemon tools lite a také prohlížeč avast secure browser,
Nepřišel jsem na kde tyto dvě věci vypnout, prosím o radu či pomoc v tomto . Moc děkuji.

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-04-2020
Ran by doma (administrator) on DOMA-PC (Hewlett-Packard G5242sc) (15-04-2020 14:10:14)
Running from C:\Users\doma\Desktop
Loaded Profiles: doma (Available Profiles: doma)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\Run: [AvastBrowserAutoLaunch_75FB0DFF46A3918D104EF3B6503EF98A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () [File not signed]
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\MountPoints2: {06e62a80-cbb3-11e8-aa98-7071bcc8c232} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\MountPoints2: {91163e9c-a625-11e9-90c1-7071bcc8c232} - F:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3764.149\Installer\chrmstp.exe [2020-04-02] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.75\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D5DDDF2-5AC1-4CB2-9240-27E5F296B25B} - System32\Tasks\{DBDCA945-F36E-4AA2-858E-EF5B64D63186} => C:\Windows\system32\pcalua.exe -a C:\Users\doma\Downloads\MSVBVM50.EXE -d C:\Users\doma\Downloads
Task: {0EF3516F-E214-45D1-9FD6-B95A8310E3A0} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-30] (AVAST Software s.r.o. -> AVAST Software)
Task: {191E542A-9F8F-4636-976B-253BFDC8E345} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1CD15F07-0F03-4B39-9662-6105C458D10B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-28] (Avast Software s.r.o. -> Avast Software)
Task: {1ECC92E3-0066-4CBD-9312-1501B4E96FA2} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
Task: {26773258-08B9-4077-93F2-FFFD23C40EA2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-13] (Adobe Inc. -> Adobe)
Task: {2FBCA2CD-FF07-4AD9-BA79-A77D7DE1DD0F} - System32\Tasks\{62C540AB-6265-405C-B028-69202085FFEE} => E:\setup.exe
Task: {35FBAC93-1803-4F45-9886-8C7AA1713F05} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {38201600-17DA-4BB4-BE0E-E7B724D2F21C} - System32\Tasks\{5987CF32-F115-46B3-B23E-3E1CBF29D6D8} => C:\Program Files (x86)\Magic 2015\DotP_D15.exe
Task: {39F7EC67-CC67-46C1-96F6-F5ECFFA6A1BC} - System32\Tasks\{5631E135-AA8B-4EEC-8FDD-1029C364E03B} => C:\Users\doma\Desktop\byt\BYT_P2.EXE
Task: {4BD48B25-5E98-4C6D-BD57-968B2F2DD0BE} - System32\Tasks\{DBCBD086-4C5E-46B3-9BAE-483B91874050} => C:\Windows\system32\pcalua.exe -a C:\Users\doma\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=smt
Task: {4CCE713F-F7E0-4646-A23E-6E66A1782BCB} - System32\Tasks\{4A9972DB-094F-47BB-B405-048924F0DCC0} => C:\Users\doma\Desktop\byt\BYT_P2.EXE
Task: {58A15BEA-8E59-426F-AF3E-6010506D849F} - System32\Tasks\{8915AB97-9140-4D1A-8EC4-C1BEB2767052} => C:\Users\doma\Desktop\byt\BYT_P2.EXE
Task: {5A2E8309-70E9-4616-A6D4-39DD4D1FB529} - System32\Tasks\{5BC5738E-4B2E-44ED-9167-70C4C8F9628E} => C:\Program Files (x86)\Magic 2015\DotP_D15.exe
Task: {5B21EF40-ED63-42DC-A3D2-6028E8531B90} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe)
Task: {5B3C9FB2-A33B-4466-B386-61587C510DAB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F00D1FF-8EBC-4D34-ADAC-CA007C88E8C4} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A8613DC-DE7B-4F00-8E79-1DE63A654802} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E417BE2-CB2D-4311-AB9F-042415876DFF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14544792 2018-10-23] (Piriform Software Ltd -> Piriform Ltd)
Task: {6F1AD5BD-0794-4C2F-97FB-026C8950927A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-30] (AVAST Software s.r.o. -> AVAST Software)
Task: {77B5CEE6-DE84-4859-881D-7B0EAAECDCE6} - System32\Tasks\{B2FF17D3-2E10-4B0F-9866-4CCFE0C8442F} => C:\Windows\system32\pcalua.exe -a E:\Setup\rsrc\Autorun.exe -d E:\
Task: {8003BA1B-2D79-49AB-AA50-420036B76E18} - System32\Tasks\{D19BF509-7E11-4AE4-835A-0A7ADBCD8774} => C:\Program Files (x86)\Magic 2015\DotP_D15.exe
Task: {868C21EA-3696-4BB9-8833-8B94B75A7A57} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Task: {9FB940AD-E941-4736-A02C-A53DC1BCB4DB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
Task: {A2B46E42-832A-4FDC-A3B5-D8E75C24599F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A40C9D16-2B26-4708-A846-8CAB3FAB418A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-28] (Google Inc -> Google Inc.)
Task: {B1F8992A-F08A-41E3-9581-526092EB385F} - System32\Tasks\{8A240A8F-7E48-4261-8AB1-3F08EC1124DC} => C:\Program Files (x86)\Magic 2015\DotP_D15.exe
Task: {BE45FD7C-11E6-4521-9936-39FC1868303A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-28] (Google Inc -> Google Inc.)
Task: {C0B8F65C-6BDE-4073-84D0-87673DE6401A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {DB8CA683-8220-4AF2-AB80-591DC9CE49F7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD677ACB-27AB-40B8-ACB2-69630E0B494C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {EE19C081-D466-4E11-AB0F-8BD1E201DE7A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
Task: {F0D1DD36-6CBA-4C6B-A924-0FCCE3DC1FAF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F3328EB8-8B8D-49A8-89FF-9FFC95316238} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F38DAEFA-0870-4C99-A044-5D6931AEFC1B} - System32\Tasks\{52C5A6B6-EA08-45B8-8C6A-4032F3B00C9D} => C:\Users\doma\Desktop\byt\BYT_P2.EXE
Task: {FE05401A-C914-461C-82D0-BA6E0E43C302} - System32\Tasks\{7FC2C6BF-F64A-4EA8-AADB-C2FEB9A98FC1} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Tanbee\Tanbee MKV Converter\uninst.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{A93A6509-4855-43FC-A31D-E977FA94D6FE}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT171101&iDate=2020-04-14 12:40:35&bName=
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-13] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-13] (Adobe Inc. -> )
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default [2020-04-15]
CHR DownloadDir: C:\Users\doma\Downloads
CHR Notifications: Default -> hxxps://lightpdf.com; hxxps://www.autohotarek.cz; hxxps://www.chance.cz; hxxps://www.kupi.cz
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/"
CHR Extension: (Dokumenty) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (GCVote) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\boingbkmoapffongfpcancmephhnmehp [2017-10-29]
CHR Extension: (Adaware Ad Block) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmllgdnjnkbapbchnebiedipojhmnjej [2018-06-30]
CHR Extension: (Vyhledávání Google) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tipli do prohlížeče) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2019-03-15]
CHR Extension: (Tampermonkey) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-12-01]
CHR Extension: (Adobe Acrobat) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-04]
CHR Extension: (Avast Passwords) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-02-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-03-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-13]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-15]
CHR Extension: (DeftPDF) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghnkoikialmacnjlibfmlnhhihndepb [2020-03-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Adaware Web Protection) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnooggpliipegmffiolegeppbgkclbpi [2020-03-31]
CHR Extension: (Gmail) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR Extension: (Geoseznam) - C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkejgpgaflkeonkliblcplomemekogop [2018-09-12]
CHR HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-30] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-30] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3764.149\elevation_service.exe [973760 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
S4 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37856 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206120 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234776 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178968 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60696 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42984 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175920 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [492144 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109480 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85056 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851808 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [459608 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235696 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317280 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-08-10] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-08-10] (Disc Soft Ltd -> Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2017-08-10] (DT Soft Ltd -> DT Soft Ltd)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2016-03-14] () [File not signed]
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2016-03-10] (NGO -> MBB)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-15 14:10 - 2020-04-15 14:11 - 000026565 _____ C:\Users\doma\Desktop\FRST.txt
2020-04-15 14:08 - 2020-04-15 14:10 - 000000000 ____D C:\FRST
2020-04-15 14:07 - 2020-04-15 14:07 - 002281472 _____ (Farbar) C:\Users\doma\Desktop\FRST64.exe
2020-04-14 18:24 - 2020-04-14 18:26 - 000000000 ____D C:\AdwCleaner
2020-04-14 18:19 - 2020-04-14 18:19 - 008196784 _____ (Malwarebytes) C:\Users\doma\Desktop\adwcleaner_8.0.4.exe
2020-04-14 16:06 - 2020-04-14 16:06 - 000000000 ____D C:\rsit
2020-04-14 16:06 - 2020-04-14 16:06 - 000000000 ____D C:\Program Files\trend micro
2020-04-14 16:05 - 2020-04-14 16:05 - 001222144 _____ C:\Users\doma\Downloads\RSITx64.exe
2020-04-14 15:57 - 2020-04-14 15:55 - 000337048 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-04-14 15:56 - 2020-04-14 16:01 - 000492144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-04-14 15:56 - 2020-04-14 15:55 - 000235696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-04-14 15:56 - 2020-04-14 15:55 - 000175920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-04-14 15:55 - 2020-04-14 15:55 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2020-04-14 15:48 - 2020-04-14 15:48 - 001822672 _____ (emc) C:\Users\doma\Downloads\uTorrent221.exe
2020-04-14 15:48 - 2020-04-14 15:48 - 000000946 _____ C:\Users\doma\Desktop\µTorrent.lnk
2020-04-14 15:48 - 2020-04-14 15:48 - 000000000 ____D C:\Users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2020-04-14 15:31 - 2020-04-14 15:31 - 000091035 _____ C:\Users\doma\Downloads\[CzT]Resident_Evil_2002_2016_CZ_EN_1080pHD_.torrent
2020-04-14 15:20 - 2020-04-14 15:20 - 000051252 _____ C:\Users\doma\Downloads\[CzT]Resident_Evil_1_6_2002_2016_CZ_.torrent
2020-04-14 14:40 - 2020-04-14 14:43 - 000000000 ____D C:\Users\doma\AppData\Local\BitTorrentHelper
2020-04-08 18:06 - 2020-04-08 18:06 - 001340253 _____ C:\Users\doma\Downloads\agents-of-shield-subtitles-cz-5.zip
2020-04-08 14:54 - 2020-04-08 14:55 - 000057478 _____ C:\Users\doma\Downloads\S05E01.zip
2020-04-07 20:10 - 2020-04-07 20:10 - 000032128 _____ C:\Users\doma\Downloads\Marvel-s-Agents.of.S.H.I.E.L.D.S06E03 (1).zip
2020-04-06 20:35 - 2020-04-14 15:17 - 000000000 ____D C:\Program Files (x86)\Gabest
2020-04-06 20:35 - 2020-04-06 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2020-04-06 20:35 - 2020-04-06 20:35 - 000000000 ____D C:\Program Files (x86)\Xvid
2020-04-06 20:35 - 2011-05-30 15:42 - 000255488 _____ C:\Windows\system32\xvidvfw.dll
2020-04-06 20:35 - 2011-05-30 15:42 - 000240640 _____ C:\Windows\SysWOW64\xvidvfw.dll
2020-04-06 20:35 - 2011-05-23 11:52 - 000153088 _____ C:\Windows\SysWOW64\xvid.ax
2020-04-06 20:35 - 2011-05-23 09:49 - 000173568 _____ C:\Windows\system32\xvid.ax
2020-04-06 20:35 - 2011-05-23 09:46 - 000645632 _____ C:\Windows\SysWOW64\xvidcore.dll
2020-04-06 20:35 - 2011-05-23 09:45 - 000696832 _____ C:\Windows\system32\xvidcore.dll
2020-04-06 20:34 - 2020-04-11 12:25 - 000000000 ____D C:\Program Files (x86)\AviSynth 2.5
2020-04-06 20:34 - 2020-04-06 20:34 - 030194425 _____ (AVI ReComp Team) C:\Users\doma\Downloads\AVI_ReComp_1.5.6_Setup.exe
2020-04-06 20:18 - 2020-04-06 20:18 - 000065349 _____ C:\Users\doma\Downloads\Runaways-S03E06(0000325544) (1).srt
2020-04-06 20:17 - 2020-04-06 20:17 - 000065349 _____ C:\Users\doma\Downloads\Runaways-S03E06(0000325544).srt
2020-03-30 19:51 - 2020-03-30 19:51 - 000066603 _____ C:\Users\doma\Downloads\Tisk úloh z matematiky.pdf
2020-03-27 14:14 - 2020-03-27 14:14 - 000017082 _____ C:\Users\doma\Downloads\prochajda.gpx
2020-03-20 12:15 - 2020-03-20 12:15 - 005192280 _____ (Husdawg, LLC) C:\Users\doma\Downloads\Detection.exe
2020-03-19 10:49 - 2020-03-19 10:49 - 000240610 _____ C:\Users\doma\Downloads\faktura200266755 (1).pdf
2020-03-19 10:30 - 2020-03-19 10:30 - 000050928 _____ C:\Users\doma\Downloads\Informace o splatnosti k pojistne smlouve c 1835825112.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-15 14:10 - 2014-06-11 04:52 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-04-15 14:10 - 2014-06-11 04:52 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-04-15 14:10 - 2014-06-11 04:52 - 000004396 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-15 14:10 - 2014-01-27 18:55 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-04-15 14:10 - 2014-01-27 18:55 - 000000000 ____D C:\Windows\system32\Macromed
2020-04-15 14:08 - 2018-06-30 09:28 - 000000000 ____D C:\Users\doma\AppData\Local\AVAST Software
2020-04-15 14:07 - 2014-01-27 18:56 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-15 14:06 - 2018-05-19 19:54 - 000000000 ____D C:\Users\doma\AppData\Roaming\uTorrent
2020-04-15 14:04 - 2009-07-14 06:45 - 000031936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-15 14:04 - 2009-07-14 06:45 - 000031936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-15 14:03 - 2014-01-27 18:53 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-15 13:59 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-14 18:20 - 2017-04-09 21:22 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-04-14 15:57 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-04-14 15:55 - 2019-01-14 16:20 - 000234776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-04-14 15:55 - 2019-01-04 20:38 - 000178968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-04-14 15:55 - 2019-01-04 20:38 - 000060696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-04-14 15:55 - 2019-01-04 20:38 - 000037856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-04-14 15:55 - 2018-10-19 19:26 - 000042984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-04-14 15:55 - 2017-11-12 16:32 - 000206120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-04-14 15:55 - 2014-01-27 18:57 - 000851808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-04-14 15:55 - 2014-01-27 18:57 - 000459608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-04-14 15:55 - 2014-01-27 18:57 - 000317280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-04-14 15:55 - 2014-01-27 18:57 - 000109480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-04-14 15:55 - 2014-01-27 18:57 - 000085056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-04-13 15:46 - 2014-02-26 22:00 - 000000000 ____D C:\Users\doma\AppData\Local\Battle.net
2020-04-13 15:45 - 2020-02-16 10:11 - 000003814 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-13 15:45 - 2020-02-16 10:11 - 000003798 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-13 15:45 - 2020-02-16 10:10 - 000004146 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-13 15:45 - 2020-02-16 10:10 - 000003738 _____ C:\Windows\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-13 15:45 - 2020-02-16 10:10 - 000003738 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-13 15:45 - 2020-02-16 10:10 - 000003730 _____ C:\Windows\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-13 15:45 - 2020-02-16 10:10 - 000003554 _____ C:\Windows\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-13 15:45 - 2020-02-16 10:10 - 000003494 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-13 15:45 - 2018-06-30 13:00 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-04-13 15:45 - 2018-06-30 13:00 - 000002786 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-04-13 15:45 - 2018-03-14 16:19 - 000004524 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-04-13 15:45 - 2018-02-28 17:58 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-13 15:45 - 2018-02-28 17:58 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-13 15:45 - 2015-12-04 05:38 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-04-13 15:45 - 2015-06-21 09:33 - 000002934 _____ C:\Windows\system32\Tasks\{4A9972DB-094F-47BB-B405-048924F0DCC0}
2020-04-13 15:45 - 2015-03-10 22:33 - 000003160 _____ C:\Windows\system32\Tasks\SidebarExecute
2020-04-13 15:45 - 2014-12-24 11:17 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-04-09 13:41 - 2010-11-21 11:27 - 000766164 _____ C:\Windows\system32\perfh005.dat
2020-04-09 13:41 - 2010-11-21 11:27 - 000195804 _____ C:\Windows\system32\perfc005.dat
2020-04-09 13:41 - 2009-07-14 07:13 - 001742112 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-09 12:00 - 2014-04-22 18:38 - 000000000 ____D C:\Users\doma\AppData\Roaming\DAEMON Tools Lite
2020-04-07 21:23 - 2018-02-28 17:58 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-07 21:23 - 2018-02-28 17:58 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-07 21:23 - 2018-02-28 17:58 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-02 18:26 - 2014-02-26 21:59 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-04-02 18:17 - 2019-06-28 15:14 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-04-02 18:17 - 2019-06-28 15:14 - 000003150 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-04-02 18:17 - 2018-06-30 09:31 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-04-02 18:17 - 2018-06-30 09:31 - 000002386 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-04-02 18:17 - 2018-06-30 09:31 - 000002386 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-03-19 23:15 - 2014-06-07 18:17 - 000000000 ____D C:\Users\doma\AppData\LocalLow\KMPlayer
2020-03-19 23:11 - 2017-11-12 17:05 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-18 20:24 - 2014-01-29 18:09 - 000000000 ____D C:\Program Files (x86)\Diablo III

==================== Files in the root of some directories ========

2014-06-07 20:03 - 2014-06-07 20:03 - 000000540 _____ () C:\Users\doma\AppData\Roaming\AutoGK.ini
2015-10-07 21:19 - 2015-10-18 14:48 - 000000197 _____ () C:\Users\doma\AppData\Local\Ciferace.ini
2014-07-12 22:25 - 2014-07-12 22:25 - 000003584 _____ () C:\Users\doma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-10-30 15:55 - 2017-10-30 15:55 - 000000036 _____ () C:\Users\doma\AppData\Local\housecall.guid.cache
2014-11-15 16:58 - 2014-11-15 16:58 - 000001207 _____ () C:\Users\doma\AppData\Local\recently-used.xbel
2018-11-06 08:27 - 2018-11-06 08:27 - 000007604 _____ () C:\Users\doma\AppData\Local\Resmon.ResmonCfg
2016-07-18 22:47 - 2016-10-11 22:03 - 000000196 _____ () C:\Users\doma\AppData\Local\setupciferace0-302.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-04-07 19:14
==================== End of FRST.txt ========================

afro-0 · #6 Příspěvek od **afro-0** » 15 dub 2020 13:19

ADDITION:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2020
Ran by doma (15-04-2020 14:11:38)
Running from C:\Users\doma\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-01-27 16:44:53)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3153835651-1892699775-2217729689-500 - Administrator - Disabled)
doma (S-1-5-21-3153835651-1892699775-2217729689-1001 - Administrator - Enabled) => C:\Users\doma
Guest (S-1-5-21-3153835651-1892699775-2217729689-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3153835651-1892699775-2217729689-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.363 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7943 - DsNET Corp)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.0.3764.149 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.141.333 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.48 - Piriform)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Debugging Tools for Windows (x86) (HKLM-x32\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
K-Lite Mega Codec Pack 10.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.1.4 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MediaInfo 0.7.98 (HKLM\...\MediaInfo) (Version: 0.7.98 - MediaArea.net)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
MKVtoolnix 4.9.1 (HKLM-x32\...\MKVtoolnix) (Version: 4.9.1 - Moritz Bunkus)
Mp3 Knife 3.4 (HKLM-x32\...\Mp3 Knife_is1) (Version: - Vicky's Cool Softwares)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{4908C75E-E5E2-43F7-B1DF-023CBA831029}) (Version: 7.02.2631 - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
PlayLiteM 1.0.1.4.LM (HKLM-x32\...\{0A82E91F-6B47-4D36-AEF1-40481CAB06E2}_is1) (Version: 1.0.1.3 - AVTECH)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-14] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3554304 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [255488 2011-05-30] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [127488 2013-12-20] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\i420vfw.dll [70656 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3649536 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [240640 2011-05-30] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2013-12-20] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\yv12vfw.dll [70656 2004-01-25] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2020-02-16 11:28 - 2016-11-14 11:45 - 001408200 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-06-17 15:38 - 000000104 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\MKVtoolnix
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\doma\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^Users^doma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KooBits 4.lnk => C:\Windows\pss\KooBits 4.lnk.Startup
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\doma\AppData\Roaming\uTorrent\utorrent.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{EE9BC9D4-B9B1-4839-8791-6F203B168692}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{4057DEB9-FEEE-4FCC-8FE8-03BFCB1F415D}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{AC476C0B-4D5C-4ED6-A2BE-474D5F4BF1F9}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{217ACF65-EF28-437B-B888-935154FE6C3C}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{B1920D45-B74D-4134-86E9-97EF59BF7FC7}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{EF98DE1E-AF64-42FB-801D-F0E30582CCB7}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{3F4EE74C-B3C2-4F03-8331-B1EB8ED1B4B9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{CA296A89-EFF0-4D57-B5CF-6F20201C9446}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2AE6AE77-8058-471E-A310-4B7AF0E00A9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B752D1DD-104F-46E0-B7F6-3D1E35CB5355}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4F3277CA-504E-49FC-BA1B-DA69DA4A8362}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D20679B7-1BCF-41D5-9D46-F9D9D81F7339}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BE8F580F-05FE-418E-8BC7-34B64C881C36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{C704A829-192C-473B-AB3C-D13B46264FA1}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [UDP Query User{72811D2D-FF96-41E2-AF0C-72496D607B8C}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [{B531FBA4-05FB-40E1-B0AB-A08C0EEDF51B}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{65D47CFE-69D2-4854-AF9D-E076C4C71B32}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{EDFAA04A-3B35-49F6-93C1-8F548FC83AA3}C:\users\doma\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\doma\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{6AA8B16E-A1D8-437B-803C-26C170A3958B}C:\users\doma\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\doma\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]

==================== Restore Points =========================

07-04-2020 22:57:21 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: ========================

Application errors:
==================
Error: (04/15/2020 01:59:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/14/2020 10:36:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/14/2020 06:28:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/14/2020 06:21:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/14/2020 03:54:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/14/2020 03:46:22 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-3153835651-1892699775-2217729689-1001}/>.

Error: (04/14/2020 03:42:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/14/2020 03:36:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

System errors:
=============
Error: (04/15/2020 02:12:37 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (04/15/2020 02:12:37 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (04/15/2020 02:10:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (04/15/2020 02:10:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (04/15/2020 02:10:31 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (04/15/2020 02:10:31 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (04/15/2020 02:10:09 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (04/15/2020 02:10:09 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

CodeIntegrity:
===================================

Date: 2020-04-15 13:59:19.778
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-15 13:59:19.497
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-14 22:36:10.677
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-14 22:36:10.334
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-14 18:27:46.490
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-14 18:27:46.209
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-14 18:20:43.017
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-14 18:20:42.705
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 6.18 06/15/2011
Motherboard: PEGATRON CORPORATION 2A99
Processor: AMD Athlon(tm) II X4 635 Processor
Percentage of memory in use: 87%
Total physical RAM: 4095.3 MB
Available physical RAM: 506.29 MB
Total Virtual: 8188.75 MB
Available Virtual: 4109.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:22.08 GB) NTFS
Drive d: () (Fixed) (Total:833.86 GB) (Free:435.43 GB) NTFS

\\?\Volume{55654044-8771-11e3-97ae-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0507077E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

#7 Příspěvek od **Conder** » 16 dub 2020 01:15

Malo by sa to dat vypnut v nastaveniach danych programov, ale nevadi, v ramci nasledujuceho fixlistu odstranime aj zaznamy, vdaka ktorym sa tie 2 programy automaticky spustaju.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
File: C:\Windows\System32\DRIVERS\MarvinBus64.sys

HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\Run: [AvastBrowserAutoLaunch_75FB0DFF46A3918D104EF3B6503EF98A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\MountPoints2: {06e62a80-cbb3-11e8-aa98-7071bcc8c232} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\MountPoints2: {91163e9c-a625-11e9-90c1-7071bcc8c232} - F:\HiSuiteDownLoader.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0D5DDDF2-5AC1-4CB2-9240-27E5F296B25B} - System32\Tasks\{DBDCA945-F36E-4AA2-858E-EF5B64D63186} => C:\Windows\system32\pcalua.exe -a C:\Users\doma\Downloads\MSVBVM50.EXE -d C:\Users\doma\Downloads
Task: {2FBCA2CD-FF07-4AD9-BA79-A77D7DE1DD0F} - System32\Tasks\{62C540AB-6265-405C-B028-69202085FFEE} => E:\setup.exe
Task: {38201600-17DA-4BB4-BE0E-E7B724D2F21C} - System32\Tasks\{5987CF32-F115-46B3-B23E-3E1CBF29D6D8} => C:\Program Files (x86)\Magic 2015\DotP_D15.exe
Task: {39F7EC67-CC67-46C1-96F6-F5ECFFA6A1BC} - System32\Tasks\{5631E135-AA8B-4EEC-8FDD-1029C364E03B} => C:\Users\doma\Desktop\byt\BYT_P2.EXE
Task: {4BD48B25-5E98-4C6D-BD57-968B2F2DD0BE} - System32\Tasks\{DBCBD086-4C5E-46B3-9BAE-483B91874050} => C:\Windows\system32\pcalua.exe -a C:\Users\doma\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=smt
Task: {4CCE713F-F7E0-4646-A23E-6E66A1782BCB} - System32\Tasks\{4A9972DB-094F-47BB-B405-048924F0DCC0} => C:\Users\doma\Desktop\byt\BYT_P2.EXE
Task: {58A15BEA-8E59-426F-AF3E-6010506D849F} - System32\Tasks\{8915AB97-9140-4D1A-8EC4-C1BEB2767052} => C:\Users\doma\Desktop\byt\BYT_P2.EXE
Task: {5A2E8309-70E9-4616-A6D4-39DD4D1FB529} - System32\Tasks\{5BC5738E-4B2E-44ED-9167-70C4C8F9628E} => C:\Program Files (x86)\Magic 2015\DotP_D15.exe
Task: {77B5CEE6-DE84-4859-881D-7B0EAAECDCE6} - System32\Tasks\{B2FF17D3-2E10-4B0F-9866-4CCFE0C8442F} => C:\Windows\system32\pcalua.exe -a E:\Setup\rsrc\Autorun.exe -d E:\
Task: {8003BA1B-2D79-49AB-AA50-420036B76E18} - System32\Tasks\{D19BF509-7E11-4AE4-835A-0A7ADBCD8774} => C:\Program Files (x86)\Magic 2015\DotP_D15.exe
Task: {B1F8992A-F08A-41E3-9581-526092EB385F} - System32\Tasks\{8A240A8F-7E48-4261-8AB1-3F08EC1124DC} => C:\Program Files (x86)\Magic 2015\DotP_D15.exe
Task: {F38DAEFA-0870-4C99-A044-5D6931AEFC1B} - System32\Tasks\{52C5A6B6-EA08-45B8-8C6A-4032F3B00C9D} => C:\Users\doma\Desktop\byt\BYT_P2.EXE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]
2020-04-14 16:06 - 2020-04-14 16:06 - 000000000 ____D C:\rsit
2020-04-14 16:06 - 2020-04-14 16:06 - 000000000 ____D C:\Program Files\trend micro
2020-04-14 16:05 - 2020-04-14 16:05 - 001222144 _____ C:\Users\doma\Downloads\RSITx64.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

afro-0 · #8 Příspěvek od **afro-0** » 16 dub 2020 13:41

Děkuji moc, to je mi jasné že v nastavení, hodně věcí se snažím řešit svépomoci jako samouk, většinou googlím, ale u damonu jsem to v nastavení nenašel a prohlížeč sem našel vypnutí ale nefungovalo to tak jsem nevěděl už.

LOG:

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-04-2020
Ran by doma (16-04-2020 14:34:30) Run:1
Running from C:\Users\doma\Desktop
Loaded Profiles: doma (Available Profiles: doma)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
File: C:\Windows\System32\DRIVERS\MarvinBus64.sys

HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\Run: [AvastBrowserAutoLaunch_75FB0DFF46A3918D104EF3B6503EF98A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\MountPoints2: {06e62a80-cbb3-11e8-aa98-7071bcc8c232} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\...\MountPoints2: {91163e9c-a625-11e9-90c1-7071bcc8c232} - F:\HiSuiteDownLoader.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0D5DDDF2-5AC1-4CB2-9240-27E5F296B25B} - System32\Tasks\{DBDCA945-F36E-4AA2-858E-EF5B64D63186} => C:\Windows\system32\pcalua.exe -a C:\Users\doma\Downloads\MSVBVM50.EXE -d C:\Users\doma\Downloads
Task: {2FBCA2CD-FF07-4AD9-BA79-A77D7DE1DD0F} - System32\Tasks\{62C540AB-6265-405C-B028-69202085FFEE} => E:\setup.exe
Task: {38201600-17DA-4BB4-BE0E-E7B724D2F21C} - System32\Tasks\{5987CF32-F115-46B3-B23E-3E1CBF29D6D8} => C:\Program Files (x86)\Magic 2015\DotP_D15.exe
Task: {39F7EC67-CC67-46C1-96F6-F5ECFFA6A1BC} - System32\Tasks\{5631E135-AA8B-4EEC-8FDD-1029C364E03B} => C:\Users\doma\Desktop\byt\BYT_P2.EXE
Task: {4BD48B25-5E98-4C6D-BD57-968B2F2DD0BE} - System32\Tasks\{DBCBD086-4C5E-46B3-9BAE-483B91874050} => C:\Windows\system32\pcalua.exe -a C:\Users\doma\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=smt
Task: {4CCE713F-F7E0-4646-A23E-6E66A1782BCB} - System32\Tasks\{4A9972DB-094F-47BB-B405-048924F0DCC0} => C:\Users\doma\Desktop\byt\BYT_P2.EXE
Task: {58A15BEA-8E59-426F-AF3E-6010506D849F} - System32\Tasks\{8915AB97-9140-4D1A-8EC4-C1BEB2767052} => C:\Users\doma\Desktop\byt\BYT_P2.EXE
Task: {5A2E8309-70E9-4616-A6D4-39DD4D1FB529} - System32\Tasks\{5BC5738E-4B2E-44ED-9167-70C4C8F9628E} => C:\Program Files (x86)\Magic 2015\DotP_D15.exe
Task: {77B5CEE6-DE84-4859-881D-7B0EAAECDCE6} - System32\Tasks\{B2FF17D3-2E10-4B0F-9866-4CCFE0C8442F} => C:\Windows\system32\pcalua.exe -a E:\Setup\rsrc\Autorun.exe -d E:\
Task: {8003BA1B-2D79-49AB-AA50-420036B76E18} - System32\Tasks\{D19BF509-7E11-4AE4-835A-0A7ADBCD8774} => C:\Program Files (x86)\Magic 2015\DotP_D15.exe
Task: {B1F8992A-F08A-41E3-9581-526092EB385F} - System32\Tasks\{8A240A8F-7E48-4261-8AB1-3F08EC1124DC} => C:\Program Files (x86)\Magic 2015\DotP_D15.exe
Task: {F38DAEFA-0870-4C99-A044-5D6931AEFC1B} - System32\Tasks\{52C5A6B6-EA08-45B8-8C6A-4032F3B00C9D} => C:\Users\doma\Desktop\byt\BYT_P2.EXE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]
2020-04-14 16:06 - 2020-04-14 16:06 - 000000000 ____D C:\rsit
2020-04-14 16:06 - 2020-04-14 16:06 - 000000000 ____D C:\Program Files\trend micro
2020-04-14 16:05 - 2020-04-14 16:05 - 001222144 _____ C:\Users\doma\Downloads\RSITx64.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========

Count : 11
Average :
Sum : 12777217
Maximum :
Minimum :
Property : Length

========= End of Powershell: =========

========================= File: C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe ========================

C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
File not signed
MD5: 87A00FAEDD703D8D2BDCB29CE5EEEA6B
Creation and modification date: 2006-11-10 20:18 - 2006-11-10 20:18
Size: 000774144
Attributes: ----A
Company Name: Nero AG
Internal Name: Nero BackItUp
Original Name: NBService.EXE
Product: Nero BackItUp
Description: Nero BackItUp
File Version: 2, 7, 2, 0
Product Version: 2, 7, 2, 0
Copyright: Copyright (c) 1995-2006 Nero AG and its licensors
VirusTotal: https://www.virustotal.com/file/5d568ad ... 580134937/

====== End of File: ======

========================= File: C:\Windows\System32\DRIVERS\MarvinBus64.sys ========================

C:\Windows\System32\DRIVERS\MarvinBus64.sys
File not signed
MD5: 024DA28053D57E9E32BEE52600576BBB
Creation and modification date: 2005-09-23 22:18 - 2005-09-23 22:18
Size: 000261120
Attributes: ----A
Company Name: Pinnacle Systems GmbH
Internal Name: MarvinBus.sys
Original Name: MarvinBus.sys
Product: Pinnacle Marvin Discrete
Description: Pinnacle Marvin Discrete Bus Enumerator
File Version: 2.1.29.0
Product Version: 2.1.29.0
Copyright: Copyright © 2002-2005 Pinnacle Systems, Inc.
VirusTotal: https://www.virustotal.com/file/8ec636d ... 584497872/

====== End of File: ======

"HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AvastBrowserAutoLaunch_75FB0DFF46A3918D104EF3B6503EF98A" => removed successfully
"HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite" => removed successfully
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{06e62a80-cbb3-11e8-aa98-7071bcc8c232} => removed successfully
HKU\S-1-5-21-3153835651-1892699775-2217729689-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91163e9c-a625-11e9-90c1-7071bcc8c232} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D5DDDF2-5AC1-4CB2-9240-27E5F296B25B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D5DDDF2-5AC1-4CB2-9240-27E5F296B25B}" => removed successfully
C:\Windows\System32\Tasks\{DBDCA945-F36E-4AA2-858E-EF5B64D63186} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DBDCA945-F36E-4AA2-858E-EF5B64D63186}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2FBCA2CD-FF07-4AD9-BA79-A77D7DE1DD0F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FBCA2CD-FF07-4AD9-BA79-A77D7DE1DD0F}" => removed successfully
C:\Windows\System32\Tasks\{62C540AB-6265-405C-B028-69202085FFEE} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{62C540AB-6265-405C-B028-69202085FFEE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38201600-17DA-4BB4-BE0E-E7B724D2F21C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38201600-17DA-4BB4-BE0E-E7B724D2F21C}" => removed successfully
C:\Windows\System32\Tasks\{5987CF32-F115-46B3-B23E-3E1CBF29D6D8} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5987CF32-F115-46B3-B23E-3E1CBF29D6D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39F7EC67-CC67-46C1-96F6-F5ECFFA6A1BC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39F7EC67-CC67-46C1-96F6-F5ECFFA6A1BC}" => removed successfully
C:\Windows\System32\Tasks\{5631E135-AA8B-4EEC-8FDD-1029C364E03B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5631E135-AA8B-4EEC-8FDD-1029C364E03B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4BD48B25-5E98-4C6D-BD57-968B2F2DD0BE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BD48B25-5E98-4C6D-BD57-968B2F2DD0BE}" => removed successfully
C:\Windows\System32\Tasks\{DBCBD086-4C5E-46B3-9BAE-483B91874050} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DBCBD086-4C5E-46B3-9BAE-483B91874050}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CCE713F-F7E0-4646-A23E-6E66A1782BCB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CCE713F-F7E0-4646-A23E-6E66A1782BCB}" => removed successfully
C:\Windows\System32\Tasks\{4A9972DB-094F-47BB-B405-048924F0DCC0} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4A9972DB-094F-47BB-B405-048924F0DCC0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58A15BEA-8E59-426F-AF3E-6010506D849F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58A15BEA-8E59-426F-AF3E-6010506D849F}" => removed successfully
C:\Windows\System32\Tasks\{8915AB97-9140-4D1A-8EC4-C1BEB2767052} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8915AB97-9140-4D1A-8EC4-C1BEB2767052}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A2E8309-70E9-4616-A6D4-39DD4D1FB529}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A2E8309-70E9-4616-A6D4-39DD4D1FB529}" => removed successfully
C:\Windows\System32\Tasks\{5BC5738E-4B2E-44ED-9167-70C4C8F9628E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5BC5738E-4B2E-44ED-9167-70C4C8F9628E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77B5CEE6-DE84-4859-881D-7B0EAAECDCE6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77B5CEE6-DE84-4859-881D-7B0EAAECDCE6}" => removed successfully
C:\Windows\System32\Tasks\{B2FF17D3-2E10-4B0F-9866-4CCFE0C8442F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B2FF17D3-2E10-4B0F-9866-4CCFE0C8442F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8003BA1B-2D79-49AB-AA50-420036B76E18}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8003BA1B-2D79-49AB-AA50-420036B76E18}" => removed successfully
C:\Windows\System32\Tasks\{D19BF509-7E11-4AE4-835A-0A7ADBCD8774} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D19BF509-7E11-4AE4-835A-0A7ADBCD8774}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1F8992A-F08A-41E3-9581-526092EB385F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1F8992A-F08A-41E3-9581-526092EB385F}" => removed successfully
C:\Windows\System32\Tasks\{8A240A8F-7E48-4261-8AB1-3F08EC1124DC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8A240A8F-7E48-4261-8AB1-3F08EC1124DC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F38DAEFA-0870-4C99-A044-5D6931AEFC1B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F38DAEFA-0870-4C99-A044-5D6931AEFC1B}" => removed successfully
C:\Windows\System32\Tasks\{52C5A6B6-EA08-45B8-8C6A-4032F3B00C9D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{52C5A6B6-EA08-45B8-8C6A-4032F3B00C9D}" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@photodex.com/PhotodexPresenter => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nladljmabboanhihfkjacnnkgjhnokhj => removed successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\doma\Downloads\RSITx64.exe => moved successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 33379990 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 78295840 B
Edge => 0 B
Chrome => 258939840 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
doma => 52427027 B
UpdatusUser => 52427027 B

RecycleBin => 2455697 B
EmptyTemp: => 463.8 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 14:35:55 ====

afro-0 · #9 Příspěvek od **afro-0** » 16 dub 2020 13:46

Ještě dotaz, při řešení potíží s vadnou fleshkou sem do menu počítač přidal jednotku F : rezervováno systémem a teď si nevím rady jak to udělat abych to F ko zase skryl. Díky moc.

#10 Příspěvek od **Conder** » 16 dub 2020 22:07

Ak myslis skrytie tohto oddielu zo zlozky Pocitac, tak staci odobrat pismeno danemu oddielu. To sa da urobit nasledovne:
Otvor Spravu diskov (Win+R -> napis "diskmgmt.msc" -> enter)
V zozname klikni pravym tlacitkom mysi na oddiel Rezervovano systemom a vyber moznost Zmenit pismeno jednotky a cesty
V novom okne klikni na Odstranit a potom na OK

Inak ako to vyzera s PC? Su este nejake problemy?

afro-0 · #11 Příspěvek od **afro-0** » 17 dub 2020 13:14

Děkuji moc, přesně takto jsem to udělal ale vystrašilo mě po okno kliku na odebrat, které hlásilo že odebráním mohou nastat potíže, některé programy nebudou fungovat atd. atd. , tak sem to zrušil a radši se zeptal.

PC je o poznání rychlejší, i start systému což je velmi příjemné. Řekl bych že teď snad na nějaký čas bude zas klid.
Jen se zeptám, co mohu sám používat za čistidla aniž bych jako amatér poškodil pc nebo programy apod. , myslím programy. Raz za čas projedu ccleanerem ale očividně to nestačí. Díky.

#12 Příspěvek od **Conder** » 20 dub 2020 02:04

Pardon za zdrzanie. Na pravidelne cistenie systemu pre bezneho uzivatela mozem odporucit len spominany CCleaner. Preistotu upozornujem, ze programy od IObit, ako napr. Driver Booster alebo Advanced SystemCare, sa rozhodne neodporuca pouzivat, kedze su to smejdy, ktore mozu poskodit system.

afro-0 · #13 Příspěvek od **afro-0** » 21 dub 2020 17:50

V tom případě to je vše, opět díky vašemu webu můj pc zas pracuje ne jako hlemýžď

mnohokráte děkuji

#14 Příspěvek od **Conder** » 22 dub 2020 18:51

To som rad

Tak este upraceme po pouzitych nastrojoch:

Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
Uloz na plochu a spusti
Nechaj oznacenu moznost "Remove disinfection tools"
Klikni na "Run"

VIRY.CZ

kontrola - kde je problém

kontrola - kde je problém

Re: kontrola - kde je problém

Re: kontrola - kde je problém

Re: kontrola - kde je problém

Re: kontrola - kde je problém

Re: kontrola - kde je problém

Re: kontrola - kde je problém

Re: kontrola - kde je problém

Re: kontrola - kde je problém

Re: kontrola - kde je problém

Re: kontrola - kde je problém

Re: kontrola - kde je problém

Re: kontrola - kde je problém

Re: kontrola - kde je problém