VIRY.CZ

Počítač i internet se poslední dobou strašně zpomalil, tak jsem chtěl poprosit o kontrolu logu. Děkuju

Logfile of random's system information tool 1.16 (written by random/random)
Run by Tom78 at 2017-06-30 22:19:17
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 63 GB (48%) free of 130 GB
Total RAM: 8098 MB (74% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:19:27, on 30.6.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Tom78_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.ru/cnt/10445?gp=811040
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [script_fcbd] "D:\Games\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\fcbd.bat" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [script_fcbd] "D:\Games\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\fcbd.bat" (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: GalaxyClientService - GOG.com - D:\Games\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - D:\Games\EA-Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - D:\Games\EA-Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6977 bytes

====== Enumerating Processes ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "-433067321-106255768520462870772657599734761581011839203143111363244377591945
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\Moje\něco.txt
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.0.863151205\1269927522" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2532 "\\.\pipe\gecko-crash-server-pipe.2532" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="2532.2.777158795\603521015" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|33:20|34:10|43:128|44:10000|48:0|50:400|51:1|52:0|53:0|58:0|59:120|60:120|133:2|134:1|147:5000|157:0|159:0|170:10000|182:-1|187:128|188:10000|189:0|195:24|196:32768|198:0|199:0|207:5|211:1048576|212:100|213:5000|215:600|217:1|226:1|231:0|241:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|35:1|36:0|37:0|38:0|39:1|40:0|41:1|42:1|45:0|46:0|47:0|49:0|54:1|55:1|56:0|57:1|61:1|62:1|63:0|64:1|65:1|66:0|67:1|70:0|71:0|74:1|75:1|79:1|80:1|81:0|82:0|84:0|85:0|86:1|87:0|90:0|91:1|92:1|93:1|94:1|95:1|96:0|97:0|98:1|99:0|100:0|101:0|102:1|103:1|104:0|105:1|106:1|107:0|108:0|109:1|110:1|111:1|112:0|113:1|114:1|115:1|116:1|117:1|118:1|119:1|120:1|122:0|123:0|124:0|125:1|126:0|127:1|131:1|132:1|135:1|136:0|141:0|146:0|149:1|152:1|154:1|158:0|161:1|164:1|165:1|171:0|172:0|173:1|175:0|181:0|183:1|184:0|185:0|186:0|193:0|194:0|197:1|200:1|202:0|204:1|205:0|210:0|214:1|219:0|220:0|221:0|222:1|224:1|225:1|228:0|233:0|234:0|235:1|236:1|237:0|238:1|239:1|240:0|242:0|243:0|245:0|253:1|254:1|255:0|256:0|257:0| -stringPrefs "3:7;release|174:3;1.0|191:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻　。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞．／｡ﾠ�|192:8;moderate|227:38;{2eb7052b-8514-46f9-b933-a3a2cedb9751}|" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2532 "\\.\pipe\gecko-crash-server-pipe.2532" tab
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe23_ Global\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Tom78\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

====== Scheduled tasks folder ======

C:\Windows\system32\tasks\Adobe Flash Player PPAPI Notifier - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe -check pepperplugin
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
C:\Windows\system32\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
C:\Windows\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
C:\Windows\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\Windows\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\Windows\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\Windows\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1498851699 - C:\Moje\Opera_znovu\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1478469413 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Mozilla firefox=========

ProfilePath - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.171 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.171 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default\addons.json
uBlock Origin - extension - uBlock0@raymondhill.net
Video DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default\extensions.json
Video DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
Avast Online Security - webextension - wrc@avast.com - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default\extensions\wrc@avast.com.xpi
Avast SafePrice - webextension - sp@avast.com - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default\extensions\sp@avast.com.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Firefox Screenshots - extension - screenshots@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
uBlock Origin - extension - uBlock0@raymondhill.net - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default\extensions\uBlock0@raymondhill.net.xpi

C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default\pluginreg.dat
Plugin - Shockwave Flash - 25.0.0.171 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll

=========Google Chrome=========


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-06-26 896048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-06-26 774440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-11-11 8899592]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-06-26 213832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2017-05-03 1893496]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux2"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-06-30 22:19:18 ----D---- C:\Program Files\trend micro
2017-06-30 22:19:17 ----D---- C:\rsit
2017-06-30 11:03:36 ----D---- C:\ProgramData\SWCUTemp
2017-06-26 15:39:31 ----A---- C:\Windows\system32\aswBoot.exe
2017-06-17 16:53:57 ----D---- C:\Users\Tom78\AppData\Roaming\NVIDIA
2017-06-13 23:36:32 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2017-06-13 23:36:31 ----A---- C:\Windows\system32\user.exe
2017-06-13 23:36:31 ----A---- C:\Windows\system32\setupSNK.exe
2017-06-13 23:36:30 ----A---- C:\Windows\system32\setup16.exe
2017-06-13 23:36:30 ----A---- C:\Windows\system32\regedit.exe
2017-06-13 23:36:29 ----A---- C:\Windows\system32\perfhost.exe
2017-06-13 23:36:29 ----A---- C:\Windows\system32\ntkrnlpa.exe
2017-06-13 23:36:21 ----A---- C:\Windows\system32\instnm.exe
2017-06-13 23:36:21 ----A---- C:\Windows\system32\hh.exe
2017-06-13 23:36:20 ----A---- C:\Windows\system32\explorer.exe
2017-06-13 23:36:15 ----A---- C:\Windows\system32\dplaysvr.exe
2017-06-13 23:36:14 ----A---- C:\Windows\SYSWOW64\vsocklib.dll
2017-06-13 23:36:14 ----A---- C:\Windows\SYSWOW64\vmhgfs.dll
2017-06-13 23:36:14 ----A---- C:\Windows\SYSWOW64\vmGuestLibJava.dll
2017-06-13 23:36:14 ----A---- C:\Windows\SYSWOW64\vmGuestLib.dll
2017-06-13 23:36:14 ----A---- C:\Windows\SYSWOW64\vm3dum.dll
2017-06-13 23:36:13 ----A---- C:\Windows\SYSWOW64\vm3dgl.dll
2017-06-13 23:36:08 ----A---- C:\Windows\SYSWOW64\mstime.dll
2017-06-13 23:36:06 ----A---- C:\Windows\SYSWOW64\mfc71u.dll
2017-06-13 23:36:04 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2017-06-13 23:36:03 ----A---- C:\Windows\SYSWOW64\LegitCheckControl.DLL
2017-06-13 23:36:00 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2017-06-13 23:35:59 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2017-06-13 23:35:59 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2017-06-13 23:35:58 ----A---- C:\Windows\SYSWOW64\corpol.dll
2017-06-13 23:35:58 ----A---- C:\Windows\SYSWOW64\admparse.dll
2017-06-13 23:35:58 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2017-06-13 23:35:57 ----A---- C:\Windows\system32\wow32.dll
2017-06-13 23:35:57 ----A---- C:\Windows\system32\vsocklib.dll
2017-06-13 23:35:55 ----A---- C:\Windows\system32\vmhgfs.dll
2017-06-13 23:35:55 ----A---- C:\Windows\system32\vmGuestLibJava.dll
2017-06-13 23:35:55 ----A---- C:\Windows\system32\vmGuestLib.dll
2017-06-13 23:35:54 ----A---- C:\Windows\system32\vm3dum.dll
2017-06-13 23:35:54 ----A---- C:\Windows\system32\vm3dgl.dll
2017-06-13 23:35:48 ----A---- C:\Windows\system32\vfpodbc.dll
2017-06-13 23:35:47 ----A---- C:\Windows\system32\vdmdbg.dll
2017-06-13 23:35:47 ----A---- C:\Windows\system32\vbajet32.dll
2017-06-13 23:35:47 ----A---- C:\Windows\system32\typelib.dll
2017-06-13 23:35:46 ----A---- C:\Windows\system32\storage.dll
2017-06-13 23:35:46 ----A---- C:\Windows\system32\sqlwoa.dll
2017-06-13 23:35:46 ----A---- C:\Windows\system32\sqlwid.dll
2017-06-13 23:35:46 ----A---- C:\Windows\system32\sqlunirl.dll
2017-06-13 23:35:45 ----A---- C:\Windows\system32\olethk32.dll
2017-06-13 23:35:44 ----A---- C:\Windows\system32\olesvr32.dll
2017-06-13 23:35:44 ----A---- C:\Windows\system32\olepro32.dll
2017-06-13 23:35:44 ----A---- C:\Windows\system32\olecli32.dll
2017-06-13 23:35:43 ----A---- C:\Windows\system32\ole2nls.dll
2017-06-13 23:35:43 ----A---- C:\Windows\system32\ole2disp.dll
2017-06-13 23:35:42 ----A---- C:\Windows\system32\ole2.dll
2017-06-13 23:35:42 ----A---- C:\Windows\system32\odtext32.dll
2017-06-13 23:35:41 ----A---- C:\Windows\system32\odpdx32.dll
2017-06-13 23:35:40 ----A---- C:\Windows\system32\odfox32.dll
2017-06-13 23:35:39 ----A---- C:\Windows\system32\odexl32.dll
2017-06-13 23:35:39 ----A---- C:\Windows\system32\oddbse32.dll
2017-06-13 23:35:39 ----A---- C:\Windows\system32\odbcjt32.dll
2017-06-13 23:35:38 ----A---- C:\Windows\system32\odbcji32.dll
2017-06-13 23:35:38 ----A---- C:\Windows\system32\mtxlegih.dll
2017-06-13 23:35:37 ----A---- C:\Windows\system32\msxbde40.dll
2017-06-13 23:35:36 ----A---- C:\Windows\system32\mswstr10.dll
2017-06-13 23:35:35 ----A---- C:\Windows\system32\mswdat10.dll
2017-06-13 23:35:33 ----A---- C:\Windows\system32\msvcrt40.dll
2017-06-13 23:35:32 ----A---- C:\Windows\system32\msvcrt20.dll
2017-06-13 23:35:32 ----A---- C:\Windows\system32\msvcr71.dll
2017-06-13 23:35:31 ----A---- C:\Windows\system32\msvbvm60.dll
2017-06-13 23:35:28 ----A---- C:\Windows\system32\mstime.dll
2017-06-13 23:35:27 ----A---- C:\Windows\system32\mstext40.dll
2017-06-13 23:35:26 ----A---- C:\Windows\system32\msrepl40.dll
2017-06-13 23:35:24 ----A---- C:\Windows\system32\msrd3x40.dll
2017-06-13 23:35:23 ----A---- C:\Windows\system32\msrd2x40.dll
2017-06-13 23:35:22 ----A---- C:\Windows\system32\mspbde40.dll
2017-06-13 23:35:21 ----A---- C:\Windows\system32\msorcl32.dll
2017-06-13 23:35:21 ----A---- C:\Windows\system32\msorc32r.dll
2017-06-13 23:35:20 ----A---- C:\Windows\system32\msltus40.dll
2017-06-13 23:35:20 ----A---- C:\Windows\system32\msjtes40.dll
2017-06-13 23:35:19 ----A---- C:\Windows\system32\msjter40.dll
2017-06-13 23:35:19 ----A---- C:\Windows\system32\msjint40.dll
2017-06-13 23:35:18 ----A---- C:\Windows\system32\msjetoledb40.dll
2017-06-13 23:35:17 ----A---- C:\Windows\system32\msjet40.dll
2017-06-13 23:35:13 ----A---- C:\Windows\system32\msexcl40.dll
2017-06-13 23:35:12 ----A---- C:\Windows\system32\msexch40.dll
2017-06-13 23:35:11 ----A---- C:\Windows\system32\mscpxl32.dLL
2017-06-13 23:35:11 ----A---- C:\Windows\system32\mscpx32r.dLL
2017-06-13 23:35:11 ----A---- C:\Windows\system32\mfc71u.dll
2017-06-13 23:35:09 ----A---- C:\Windows\system32\mfc71.dll
2017-06-13 23:35:07 ----A---- C:\Windows\system32\mfc40u.dll
2017-06-13 23:35:05 ----A---- C:\Windows\system32\mfc40.dll
2017-06-13 23:35:03 ----A---- C:\Windows\system32\LegitCheckControl.DLL
2017-06-13 23:35:00 ----A---- C:\Windows\system32\ir50_qcx.dll
2017-06-13 23:35:00 ----A---- C:\Windows\system32\ir50_qc.dll
2017-06-13 23:34:59 ----A---- C:\Windows\system32\ir50_32.dll
2017-06-13 23:34:57 ----A---- C:\Windows\system32\ir41_qcx.dll
2017-06-13 23:34:57 ----A---- C:\Windows\system32\ir41_qc.dll
2017-06-13 23:34:56 ----A---- C:\Windows\system32\ir32_32.dll
2017-06-13 23:34:56 ----A---- C:\Windows\system32\iprop.dll
2017-06-13 23:34:55 ----A---- C:\Windows\system32\ieakui.dll
2017-06-13 23:34:55 ----A---- C:\Windows\system32\ieaksie.dll
2017-06-13 23:34:54 ----A---- C:\Windows\system32\ieakeng.dll
2017-06-13 23:34:54 ----A---- C:\Windows\system32\iccvid.dll
2017-06-13 23:34:53 ----A---- C:\Windows\system32\FXSXP32.dll
2017-06-13 23:34:52 ----A---- C:\Windows\system32\FXSEXT32.dll
2017-06-13 23:34:52 ----A---- C:\Windows\system32\expsrv.dll
2017-06-13 23:34:51 ----A---- C:\Windows\system32\dpwsockx.dll
2017-06-13 23:34:50 ----A---- C:\Windows\system32\dpmodemx.dll
2017-06-13 23:34:50 ----A---- C:\Windows\system32\dplayx.dll
2017-06-13 23:34:49 ----A---- C:\Windows\system32\dmstyle.dll
2017-06-13 23:34:49 ----A---- C:\Windows\system32\dmscript.dll
2017-06-13 23:34:48 ----A---- C:\Windows\system32\dmime.dll
2017-06-13 23:34:48 ----A---- C:\Windows\system32\dmcompos.dll
2017-06-13 23:34:47 ----A---- C:\Windows\system32\dmband.dll
2017-06-13 23:34:47 ----A---- C:\Windows\system32\d3dxof.dll
2017-06-13 23:34:47 ----A---- C:\Windows\system32\d3dramp.dll
2017-06-13 23:34:46 ----A---- C:\Windows\system32\d3dim700.dll
2017-06-13 23:34:44 ----A---- C:\Windows\system32\d3dim.dll
2017-06-13 23:34:43 ----A---- C:\Windows\system32\d3d8.dll
2017-06-13 23:34:41 ----A---- C:\Windows\system32\ctl3d32.dll
2017-06-13 23:34:40 ----A---- C:\Windows\system32\crtdll.dll
2017-06-13 23:34:40 ----A---- C:\Windows\system32\corpol.dll
2017-06-13 23:34:39 ----A---- C:\Windows\system32\compobj.dll
2017-06-13 23:34:39 ----A---- C:\Windows\system32\audiodev.dll
2017-06-13 23:34:38 ----A---- C:\Windows\system32\admparse.dll
2017-06-13 23:34:38 ----A---- C:\Windows\system32\aaclient.dll
2017-06-13 22:58:22 ----A---- C:\Windows\NvTelemetryContainerRecovery.bat
2017-06-13 22:57:54 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2017-06-13 22:57:42 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2017-06-13 22:57:42 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2017-06-13 22:57:42 ----A---- C:\Windows\system32\vulkaninfo.exe
2017-06-13 22:57:42 ----A---- C:\Windows\system32\vulkan-1.dll
2017-06-13 22:57:29 ----A---- C:\Windows\system32\nvsvcr.dll
2017-06-13 22:57:29 ----A---- C:\Windows\system32\nvsvc64.dll
2017-06-13 22:57:29 ----A---- C:\Windows\system32\nvshext.dll
2017-06-13 22:57:29 ----A---- C:\Windows\system32\nvmctray.dll
2017-06-13 22:57:29 ----A---- C:\Windows\system32\nvcpl.dll
2017-06-13 22:57:29 ----A---- C:\Windows\system32\nv3dappshextr.dll
2017-06-13 22:57:29 ----A---- C:\Windows\system32\nv3dappshext.dll
2017-06-13 22:57:14 ----A---- C:\Windows\NvContainerRecovery.bat
2017-06-13 22:57:05 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2017-06-13 22:57:05 ----A---- C:\Windows\system32\OpenCL.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-06-13 22:54:42 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvwgf2umx.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvumdshimx.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvopencl.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvoglv64.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvoglshim64.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvinitx.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\NvIFR64.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvhdap64.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\NvFBC64.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvdispgenco6438253.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvdispco6438253.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvd3dumx.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvcuvid.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvcuda.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvcompiler.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\nvapi64.dll
2017-06-13 22:54:42 ----A---- C:\Windows\system32\drivers\nvvhci.sys
2017-06-13 22:54:42 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2017-06-13 22:54:42 ----A---- C:\Windows\system32\drivers\nvhda64v.sys

====== List of files/folders modified in the last 1 month ======

2017-06-30 22:19:27 ----D---- C:\Windows\Prefetch
2017-06-30 22:19:18 ----RD---- C:\Program Files
2017-06-30 22:12:11 ----D---- C:\Windows\Temp
2017-06-30 21:42:10 ----D---- C:\Windows\system32\Tasks
2017-06-30 21:41:42 ----D---- C:\Users\Tom78\AppData\Roaming\Opera Software
2017-06-30 21:41:18 ----D---- C:\Moje
2017-06-30 21:36:35 ----D---- C:\Windows
2017-06-30 12:25:17 ----D---- C:\ProgramData\NVIDIA
2017-06-30 11:10:52 ----D---- C:\Windows\system32\drivers
2017-06-30 11:03:36 ----HD---- C:\ProgramData
2017-06-29 13:43:57 ----D---- C:\Users\Tom78\AppData\Roaming\uTorrent
2017-06-27 23:19:50 ----D---- C:\Windows\inf
2017-06-26 20:07:10 ----SHD---- C:\System Volume Information
2017-06-26 17:51:21 ----D---- C:\Windows\system32\config
2017-06-26 15:39:31 ----D---- C:\Windows\System32
2017-06-26 15:39:29 ----D---- C:\ProgramData\AVAST Software
2017-06-21 11:58:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-06-20 13:59:23 ----D---- C:\Users\Tom78\AppData\Roaming\DAEMON Tools Lite
2017-06-18 15:33:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-06-18 15:31:50 ----D---- C:\Program Files (x86)\Common Files
2017-06-16 23:58:06 ----D---- C:\ProgramData\Origin
2017-06-16 23:58:05 ----D---- C:\Users\Tom78\AppData\Roaming\Origin
2017-06-14 17:11:35 ----D---- C:\Program Files (x86)\Rockstar Games
2017-06-14 17:11:26 ----D---- C:\Program Files\Rockstar Games
2017-06-13 23:37:17 ----D---- C:\Windows\SYSWOW64\config
2017-06-13 23:36:32 ----D---- C:\Windows\SysWOW64
2017-06-13 23:28:02 ----RD---- C:\Program Files (x86)
2017-06-13 23:02:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-06-13 22:58:25 ----D---- C:\Windows\system32\DriverStore
2017-06-13 22:58:23 ----D---- C:\Program Files\NVIDIA Corporation
2017-06-13 22:58:22 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-06-13 22:58:21 ----D---- C:\ProgramData\NVIDIA Corporation
2017-06-13 22:57:42 ----D---- C:\Program Files (x86)\VulkanRT
2017-06-13 22:57:27 ----D---- C:\Windows\Help
2017-06-13 22:56:53 ----D---- C:\Windows\system32\catroot2
2017-06-10 14:13:12 ----D---- C:\Program Files (x86)\SpeedFan
2017-06-08 22:44:51 ----D---- C:\Users\Tom78\AppData\Roaming\vlc
2017-06-07 14:22:22 ----SHD---- C:\Windows\Installer
2017-06-07 14:22:20 ----SD---- C:\Users\Tom78\AppData\Roaming\Microsoft
2017-06-03 12:12:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-06-03 12:12:51 ----D---- C:\Windows\system32\Macromed
2017-06-03 12:12:40 ----D---- C:\Windows\SYSWOW64\Macromed

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-06-26 198944]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-06-26 343264]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-06-26 57704]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-06-26 84392]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-06-26 360792]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2016-11-07 118560]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2016-11-11 1469952]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2016-11-11 31712]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2013-10-21 213848]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2016-11-07 276256]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2017-04-22 381440]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-06-26 319984]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-06-26 41800]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-06-26 110352]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-06-26 1015848]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-06-26 585608]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2016-12-02 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2016-11-08 27552]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-06-26 146664]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-06-26 198768]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-11-11 5276168]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2016-11-11 823816]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2016-12-20 199760]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2017-06-08 218712]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2017-05-03 48248]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2017-06-08 57792]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-12-20 1037832]
S1 ZAM;ZAM Helper Driver; \??\C:\Windows\System32\drivers\zam64.sys []
S1 ZAM_Guard;ZAM Guard Driver; \??\C:\Windows\System32\drivers\zamguard64.sys []
S3 an0ldm2h;an0ldm2h; C:\Windows\system32\drivers\an0ldm2h.sys []
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-06-26 46984]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-05-03 30328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 semav6msr64;semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [2015-06-04 21984]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-10-21 42496]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-06-26 263312]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-10-16 207648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-10-16 415520]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-06-08 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-06-08 449984]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-06-26 7430992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2017-01-26 104448]
S2 Origin Web Helper Service;Origin Web Helper Service; D:\Games\EA-Origin\OriginWebHelperService.exe [2017-06-16 3127192]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2017-04-22 383016]
S3 GalaxyClientService;GalaxyClientService; D:\Games\GOG Galaxy\GalaxyClientService.exe [2017-06-14 513088]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2017-06-14 8077376]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-27 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2016-12-14 4317648]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03 495224]
S3 Origin Client Service;Origin Client Service; D:\Games\EA-Origin\OriginClientService.exe [2017-06-16 2157456]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-06-08 1607968]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-11-10 1255736]
S4 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2014-05-30 943136]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Zdravim

Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Zdravim, tady jsou ty logy.

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2017/07/01 10:11:52

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series/C220 Chipset Family SATA AHCI Controller [ATA]
- WDC WD10PURX-64D85Y0 SCSI Disk Device
- HL-DT-ST DVDRAM GH24NSC0 SCSI CdRom Device
- WDC WD10PURX-64D85Y0 SCSI Disk Device
+ ACKKUDGG IDE Controller [SCSI]
- QHMPYP 238LAFGXQZ SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD10PURX-64D85Y0 : 1000,2 GB [0/0/0, pd1] - wd
(2) WDC WD10PURX-64D85Y0 : 1000,2 GB [1/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD10PURX-64D85Y0
----------------------------------------------------------------------------
Model : WDC WD10PURX-64D85Y0
Firmware : 01.01A01
Serial Number : WD-WCC4J2VD3019
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 10554 hod.
Power On Count : 840 krát
Temperature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
Drive Letter : F:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 144 142 _21 000000000EB6 Čas na roztočení ploten
04 _95 _95 __0 0000000016F6 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _86 _86 __0 00000000293A Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 000000000348 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000003 Počet vypnutí disku
C1 199 199 __0 0000000016F2 Počet cyklů načítání/vymazání
C2 114 101 __0 00000000001D Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4334 4A32 5644 3330 3139
020: 0000 0000 0000 3031 2E30 3141 3031 5744 4320 5744
030: 3130 5055 5258 2D36 3444 3835 5930 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 9F0E 0006 004C 004C
080: 03FE 0000 746B 7D61 6733 7469 BC41 6723 407F 0047
090: 0047 0000 FFFE 0000 0000 0008 0000 0000 86A0 0001
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5001 4EE2
110: 60F8 25E4 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0400
130: 0001 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 A1A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 90 8E B6 0E 00 00 00 00 00 04 32 00 5F 5F F6
020: 16 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 56 56 3A 29 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 64 64 48 03 00 00 00 00 00 C0 32
070: 00 C8 C8 03 00 00 00 00 00 00 C1 32 00 C7 C7 F2
080: 16 00 00 00 00 00 C2 22 00 72 65 1D 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 64 FD 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 80 34 01 7B
170: 03 00 01 00 02 99 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9D

----------------------------------------------------------------------------
(2) WDC WD10PURX-64D85Y0
----------------------------------------------------------------------------
Model : WDC WD10PURX-64D85Y0
Firmware : 01.01A01
Serial Number : WD-WCC4J4412725
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 16176 hod.
Power On Count : 1169 krát
Temperature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
Drive Letter : C: D: E: H:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 137 132 _21 000000001036 Čas na roztočení ploten
04 _99 _99 __0 000000000491 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _78 _78 __0 000000003F30 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000491 Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000003D Počet vypnutí disku
C1 200 200 __0 0000000004EC Počet cyklů načítání/vymazání
C2 112 _99 __0 00000000001F Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4334 4A34 3431 3237 3235
020: 0000 0000 0000 3031 2E30 3141 3031 5744 4320 5744
030: 3130 5055 5258 2D36 3444 3835 5930 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 9F0E 0004 004C 004C
080: 03FE 0000 746B 7D61 6733 7469 BC41 6723 407F 0047
090: 0047 0000 FFFE 0000 0000 0008 0000 0000 86A0 0001
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5001 4EE2
110: B4EF A845 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0400
130: 0001 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 A4A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 89 84 36 10 00 00 00 00 00 04 32 00 63 63 91
020: 04 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 4E 4E 30 3F 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 63 63 91 04 00 00 00 00 00 C0 32
070: 00 C8 C8 3D 00 00 00 00 00 00 C1 32 00 C8 C8 EC
080: 04 00 00 00 00 00 C2 22 00 70 63 1F 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 64 FD 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 08 34 01 7B
170: 03 00 01 00 02 98 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 29

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9D

----------------------------------------------------------------------
# AdwCleaner v6.047 - Log vytvořen 01/07/2017 v 10:15:20
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-06-29.3 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Tom78 - STROJ
# Spuštěno z : C:\Users\Tom78\Desktop\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\ProgramData\Mail.Ru
[#] Složka smazána po restartu: C:\ProgramData\Application Data\Mail.Ru
[-] Složka smazána: C:\Program Files (x86)\Mail.Ru
[-] Složka smazána: C:\Program Files (x86)\Common Files\freemake shared


***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk
[#] Soubor smazán: C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MAIL.RU.LNK
[-] Soubor smazán: C:\Users\Tom78\Favorites\Mail.Ru.url
[-] Soubor smazán: C:\Users\Tom78\Favorites\Mail.Ru Агент - используй для общения!.url


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****

[!] Zástupce nelze smazat: C:\Users\Tom78\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk


***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E8F97CD-60B5-456F-A201-73065652D099}
[-] Klíč smazán: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Mail.Ru
[-] Klíč smazán: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\AppDataLow\Software\Mail.Ru
[#] Klíč smazán po restartu: HKCU\Software\Mail.Ru
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Klíč smazán: HKLM\SOFTWARE\Mail.Ru
[#] Klíč smazán po restartu: [x64] HKCU\Software\Mail.Ru
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Data obnovena: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Klíč smazán: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2977 Bajty] - [01/07/2017 10:15:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [3371 Bajty] - [01/07/2017 10:14:28]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3123 Bajty] ##########

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 01.07.17
Čas skenování: 18:19
Logovací soubor: mbam_log.txt
Správce: Ano

-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.160
Aktualizovat verzi balíku komponent: 1.0.2270
Licence: Bezplatný

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Stroj\Tom78

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 266772
Zjištěné hrozby: 37
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 1 hod, 11 min, 18 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.DLLSuite, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E557052E-9828-40E4-BFF6-311D3E89DB81}_is1, Žádná uživatelská akce, [1001], [396341],1.0.2270

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 36
PUP.Optional.DLLSuite, H:\TORRENTY Z UBUNTU\DLL SUITE 9.0.0.14 (CZ).RAR, Žádná uživatelská akce, [1001], [396352],1.0.2270
HackTool.GamesCheat.Gen, F:\HRY - INSTAL+++\HEROES OF MIGHT AND MAGIC 5 +++\HOMAM_5_V1.6_EU_4_TRAINER.RAR, Žádná uživatelská akce, [16746], [296086],1.0.2270
CheatTool.CETTrainer, F:\HRY - INSTAL+++\SPINTIRES TRAINER (+8) [03.03.16] [X32X64BIT]-3.RAR, Žádná uživatelská akce, [9089], [116813],1.0.2270
RiskWare.GameHack, F:\HRY - INSTAL+++\ETS 2 - MODS\EURO TRUCK SIMULATOR 2 TRAINER V1.22.2.3S-LIRW\ETS2X64.EXE, Žádná uživatelská akce, [471], [332456],1.0.2270
RiskWare.GameHack, F:\HRY - INSTAL+++\ETS 2 - MODS\EURO TRUCK SIMULATOR 2 TRAINER V1.22.1.1\EURO TRUCK SIMULATOR 2 TRAINER V1.22.1.1S-LIRW.RAR, Žádná uživatelská akce, [471], [332456],1.0.2270
CrackTool.Agent, F:\HRY - INSTAL+++\FABLE III CZ\FABLE III CZ\FABLE III CRACK & UPDATE ONLY-SKIDROW.RAR, Žádná uživatelská akce, [321], [84096],1.0.2270
RiskWare.GameHack, F:\HRY - INSTAL+++\ETS 2 - MODS\EURO TRUCK SIMULATOR 2 TRAINER V1.22.1.1\ETS2__.EXE, Žádná uživatelská akce, [471], [332456],1.0.2270
RiskWare.GameHack, F:\HRY - INSTAL+++\ETS 2 - MODS\EURO TRUCK SIMULATOR 2 TRAINER V1.22.2.3S-LIRW\EURO TRUCK SIMULATOR 2 TRAINER V1.22.2.3S-LIRW.RAR, Žádná uživatelská akce, [471], [332456],1.0.2270
CheatTool.CETTrainer, F:\HRY - INSTAL+++\FAR CRY\FC4 - TRAINERS\FC4_GIR489.RAR, Žádná uživatelská akce, [9089], [116813],1.0.2270
RiskWare.GameHack.Generic, F:\HRY - INSTAL+++\GTA V\POSLEDNí\GRAND THEFT AUTO V V1.0.323.1-V1.0.877.1 PLUS 19 TRAINER.EXE, Žádná uživatelská akce, [1822], [339459],1.0.2270
CheatTool.CETTrainer, F:\HRY - INSTAL+++\MAFIA 3\M3 - TRAINERS\MAFIA III V1.060 TRAINER +9.RAR, Žádná uživatelská akce, [9089], [116813],1.0.2270
CheatTool.CETTrainer, F:\HRY - INSTAL+++\MAFIA 3\M3 - TRAINERS\MAFIA III V1.060 TRAINER +9 MRANTIFUN.EXE, Žádná uživatelská akce, [9089], [116813],1.0.2270
RiskWare.GameHack.Generic, F:\HRY - INSTAL+++\MAFIA 3\M3 - TRAINERS\MAFIA III V1.0-V1.06 PLUS 16 TRAINER.EXE, Žádná uživatelská akce, [1822], [339459],1.0.2270
RiskWare.GameHack.Generic, F:\HRY - INSTAL+++\MAFIA 3\M3 - TRAINERS\MAFIA.III.V1.0-V1.06.PLUS.16.TRAINER-FLING.RAR, Žádná uživatelská akce, [1822], [339459],1.0.2270
RiskWare.GameHack, F:\HRY - INSTAL+++\S.T.A.L.K.E.R. - SHADOW OF CHERNOBYL\TRAINERY\STALKER-V1.0001-TRAINER-PLUS12.ZIP, Žádná uživatelská akce, [471], [363831],1.0.2270
RiskWare.GameHack, F:\HRY - INSTAL+++\S.T.A.L.K.E.R. - SHADOW OF CHERNOBYL\TRAINERY\STALKER_TRAINER.ZIP, Žádná uživatelská akce, [471], [363831],1.0.2270
CheatTool.CETTrainer, F:\HRY - INSTAL+++\TCGR WILDLANDS\!!!! TCGR WILDLANDS V1.00 TRIANER - DOVEDNOSTNÍ BODY\TOM CLANCYS GHOST RECON WILDLANDS V1.00 TRIANER +5.RAR, Žádná uživatelská akce, [9089], [116813],1.0.2270
CheatTool.CETTrainer, F:\HRY - INSTAL+++\TCGR WILDLANDS\Z MRANTIFUN\NE-TOM CLANCYS GHOST RECON WILDLANDS V2199047 TRIANER +7 MRANTIFUN\TOM CLANCYS GHOST RECON WILDLANDS V2199047 TRIANER +7 MRANTIFUN.EXE, Žádná uživatelská akce, [9089], [116813],1.0.2270
CheatTool.CETTrainer, F:\HRY - INSTAL+++\TCGR WILDLANDS\!!!! TCGR WILDLANDS V1.00 TRIANER - DOVEDNOSTNÍ BODY\TOM CLANCYS GHOST RECON WILDLANDS V1.00 TRIANER +5 MRANTIFUN.EXE, Žádná uživatelská akce, [9089], [116813],1.0.2270
CheatTool.CETTrainer, F:\HRY - INSTAL+++\TCGR WILDLANDS\Z MRANTIFUN\TOM CLANCYS GHOST RECON WILDLANDS V1.00 TRIANER +5 MRANTIFUN\TOM CLANCYS GHOST RECON WILDLANDS V1.00 TRIANER +5 MRANTIFUN.ZIP, Žádná uživatelská akce, [9089], [116813],1.0.2270
CheatTool.CETTrainer, F:\HRY - INSTAL+++\TCGR WILDLANDS\Z MRANTIFUN\JO-TOM CLANCYS GHOST RECON WILDLANDS V1.00 TRIANER +6 MRANTIFUN\TOM CLANCYS GHOST RECON WILDLANDS V1.00 TRIANER +6 MRANTIFUN.EXE, Žádná uživatelská akce, [9089], [116813],1.0.2270
CheatTool.CETTrainer, F:\HRY - INSTAL+++\TCGR WILDLANDS\Z MRANTIFUN\NE-TOM CLANCYS GHOST RECON WILDLANDS V2199047 TRIANER +7 MRANTIFUN\TOM CLANCYS GHOST RECON WILDLANDS V2199047 TRIANER +7 MRANTIFUN.ZIP, Žádná uživatelská akce, [9089], [116813],1.0.2270
CheatTool.CETTrainer, F:\HRY - INSTAL+++\TCGR WILDLANDS\Z MRANTIFUN\JO-TOM CLANCYS GHOST RECON WILDLANDS V1.00 TRIANER +6 MRANTIFUN\TOM CLANCYS GHOST RECON WILDLANDS V1.00 TRIANER +6 MRANTIFUN.ZIP, Žádná uživatelská akce, [9089], [116813],1.0.2270
CheatTool.CETTrainer, F:\HRY - INSTAL+++\TCGR WILDLANDS\Z MRANTIFUN\TOM CLANCYS GHOST RECON WILDLANDS V1.00 TRIANER +5 MRANTIFUN\TOM CLANCYS GHOST RECON WILDLANDS V1.00 TRIANER +5 MRANTIFUN.EXE, Žádná uživatelská akce, [9089], [116813],1.0.2270
HackTool.GamesCheat.Gen, F:\HRY - INSTAL+++\THE SETTLERS 2 (10. VýROčí) CZ\TRAINER_4714_SETTLERS_2_TNG_V1.0_+1_TRAINER.ZIP, Žádná uživatelská akce, [16746], [296086],1.0.2270
RiskWare.Tool.CK, F:\HRY - INSTAL+++\THE SIMS™ 2 KOMPLETNí EDICE + BONUSY\[ČTI MĚ!]\SERIALS KEYS\KEY GENERATOR FOR 180 EA GAMES\KEY GENERATOR FOR 180 EA GAMES.EXE, Žádná uživatelská akce, [281], [294249],1.0.2270
CrackTool.Agent.Keygen, F:\HRY - INSTAL+++\TIGER WOODS PGA TOUR 08\HATRED\KEYGEN.EXE, Žádná uživatelská akce, [348], [386077],1.0.2270
HackTool.Agent, F:\HRY - INSTAL+++\TRAKTOR - ZETOR SIMULáTOR 2009\CRACKY-NEJSOU POTREBA\LANDWIRTSCHAFTS-SIMULATOR 2009 V1.0 [GERMAN] NO-CD PATCH 10-04-2009\RU-LWSRR.EXE, Žádná uživatelská akce, [464], [1570],1.0.2270
HackTool.Agent, F:\HRY - INSTAL+++\TRAKTOR - ZETOR SIMULáTOR 2009\CRACKY-NEJSOU POTREBA\LANDWIRTSCHAFTS-SIMULATOR 2009 V1.0 [GERMAN] NO-CD PATCH 10-04-2009\RU-LWSRR.RAR, Žádná uživatelská akce, [464], [1570],1.0.2270
HackTool.CheatEngine, F:\HRY - INSTAL+++\ZAKLÍNAČ 3\ZAKLíNAč 3 - POMOC\THE WITCHER 3 WILD HUNT V1.10 TRAINER +24 - FUNGUJE\THE WITCHER 3 WILD HUNT V1.10 TRAINER +24 MRANTIFUN.EXE, Žádná uživatelská akce, [1146], [7940],1.0.2270
PUP.Optional.OpenCandy, E:\PC\CHEATENGINE64.EXE, Žádná uživatelská akce, [540], [70383],1.0.2270
PUP.Optional.OpenCandy, E:\PC\DEAMON TOOLS\DTLITE-SETUP.EXE, Žádná uživatelská akce, [540], [297667],1.0.2270
PUP.Optional.ASK, E:\PC\ZONE ALARM 8 FREE\ZAZA_SETUP_EN.EXE, Žádná uživatelská akce, [541], [383618],1.0.2270
PUP.Optional.ASK, E:\VYPÁLIT\ZONE ALARM 8 FREE\ZAZA_SETUP_EN.EXE, Žádná uživatelská akce, [541], [383618],1.0.2270
PUP.Optional.DLLSuite, D:\DLL SUITE 9.0.0.14 (CZ).RAR, Žádná uživatelská akce, [1001], [396352],1.0.2270
PUP.Optional.DLLSuite, D:\DLL SUITE 9.0.0.14\DLLSUITE_SETUP.EXE, Žádná uživatelská akce, [1001], [396352],1.0.2270

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Ten klic registru nechte odstranit/opravit, co se tech souboru tyka, co na to rict. Nereknu vam, jestli je to oznaceno jako havet jen z principu, nebo je tam opravdu v nekterem i nejaky nechteny pridavek. Kazdopadne nalezy doporucuji odstranit.

Pak MBAM odinstalujte.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach
(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

Tady je log FRST.txt a jako příloha Addition.txt (RAR). Ještě jdu pro jistotu smazat ty soubory a ten klíč.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2017
Ran by Tom78 (administrator) on STROJ (02-07-2017 12:25:06)
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78 (Available Profiles: Tom78)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(forum.viry.cz) C:\Users\Tom78\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-11-11] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-06-26] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-18\...\Run: [script_fcbd] => "D:\Games\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\fcbd.bat"
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-06-26] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-06-26] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{45DF80BB-9782-4E8A-B0F0-BAB1888F7B4E}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-06-26] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-06-26] (AVAST Software)

FireFox:
========
FF DefaultProfile: xe1a07bg.default
FF DefaultProfile: 7s4bl2ji.default
FF ProfilePath: C:\Users\Tom78\AppData\Roaming\Mozilla\SeaMonkey\Profiles\xe1a07bg.default [2017-07-02]
FF Homepage: Mozilla\SeaMonkey\Profiles\xe1a07bg.default -> hxxp://www.thesettlersonline.cz/cs/domovsk%C3%A1-str%C3%A1nka
FF ProfilePath: C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default [2017-07-02]
FF Session Restore: Mozilla\Firefox\Profiles\7s4bl2ji.default -> is enabled.
FF Extension: (Avast SafePrice) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default\Extensions\sp@avast.com.xpi [2017-06-01]
FF Extension: (Google Translator for Firefox) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default\Extensions\translator@zoli.bod.xpi [2017-07-01]
FF Extension: (uBlock Origin) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default\Extensions\uBlock0@raymondhill.net.xpi [2017-06-24]
FF Extension: (Avast Online Security) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default\Extensions\wrc@avast.com.xpi [2017-06-01]
FF Extension: (Video DownloadHelper) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-13]
FF Extension: (Adblock Plus) - C:\Users\Tom78\AppData\Roaming\Mozilla\Firefox\Profiles\7s4bl2ji.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-07-01]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-30] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-08] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-4101578857-3757837661-3053645589-1000: @nsroblox.roblox.com/launcher -> C:\Users\Tom78\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy.dll [No File]
FF Plugin HKU\S-1-5-21-4101578857-3757837661-3053645589-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Tom78\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy64.dll [No File]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-06-26] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-06-26] (AVAST Software)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [383016 2017-04-22] (EasyAntiCheat Ltd)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [104448 2017-01-26] (Freemake) [File not signed]
S3 GalaxyClientService; D:\Games\GOG Galaxy\GalaxyClientService.exe [513088 2017-06-14] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8077376 2017-06-14] (GOG.com)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation)
S3 MBAMService; C:\Moje\MalwarebytesAnti-Malware\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-08] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-06-08] (NVIDIA Corporation)
S3 Origin Client Service; D:\Games\EA-Origin\OriginClientService.exe [2157456 2017-06-16] (Electronic Arts)
S2 Origin Web Helper Service; D:\Games\EA-Origin\OriginWebHelperService.exe [3127192 2017-06-16] (Electronic Arts)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [319984 2017-06-26] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198944 2017-06-26] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343264 2017-06-26] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57704 2017-06-26] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [46984 2017-06-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41800 2017-06-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [146664 2017-06-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110352 2017-06-26] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84392 2017-06-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1015848 2017-06-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [585608 2017-06-26] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [198768 2017-06-26] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-07-01] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2016-12-02] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-11-08] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-11-11] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199760 2016-12-20] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-06-08] (NVIDIA Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2017-04-22] (Duplex Secure Ltd.)
U3 aof9low5; C:\Windows\System32\Drivers\aof9low5.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-02 12:25 - 2017-07-02 12:25 - 00012233 _____ C:\Users\Tom78\Desktop\FRST.txt
2017-07-02 11:30 - 2017-07-02 12:25 - 00000000 ____D C:\FRST
2017-07-02 11:26 - 2017-07-02 11:26 - 00112640 _____ (forum.viry.cz) C:\Users\Tom78\Desktop\FRSTLauncher.exe
2017-07-02 11:20 - 2017-07-02 11:20 - 00003230 _____ C:\Users\Tom78\Desktop\viry.cz.txt
2017-07-02 11:09 - 2017-07-02 11:09 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-07-02 01:30 - 2017-07-02 01:30 - 02440704 _____ (Farbar) C:\Users\Tom78\Desktop\FRST64.exe
2017-07-01 21:28 - 2017-07-01 21:28 - 00001564 _____ C:\Users\Tom78\Desktop\Mladý dřevorubec Ali baba – kopie.lnk
2017-07-01 18:18 - 2017-07-01 18:18 - 00253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-01 18:18 - 2017-07-01 18:18 - 00001870 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-01 18:18 - 2017-07-01 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-01 18:18 - 2017-06-27 12:06 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-07-01 12:55 - 2017-07-01 12:55 - 00001791 _____ C:\Users\Public\Desktop\SeaMonkey.lnk
2017-07-01 12:55 - 2017-07-01 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SeaMonkey
2017-07-01 10:13 - 2017-07-01 20:31 - 00000000 ____D C:\AdwCleaner
2017-07-01 10:11 - 2017-07-01 10:11 - 00001212 _____ C:\Users\Tom78\Desktop\CrystalDiskInfo.lnk
2017-07-01 10:11 - 2017-07-01 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-07-01 10:11 - 2017-07-01 10:11 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2017-07-01 10:09 - 2017-07-01 10:09 - 04110280 _____ C:\Users\Tom78\Desktop\adwcleaner_6.047.exe
2017-07-01 10:08 - 2017-07-02 10:35 - 00007760 _____ C:\Users\Tom78\Desktop\viry.cz_před mazanim.txt
2017-07-01 10:04 - 2017-07-01 10:04 - 03961080 _____ (Crystal Dew World ) C:\Users\Tom78\Desktop\CrystalDiskInfo7_0_5.exe
2017-06-30 22:59 - 2017-06-30 22:59 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-30 22:59 - 2017-06-30 22:59 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-30 22:19 - 2017-06-30 22:19 - 00000000 ____D C:\rsit
2017-06-30 22:19 - 2017-06-30 22:19 - 00000000 ____D C:\Program Files\trend micro
2017-06-30 22:18 - 2017-06-30 22:18 - 01329152 _____ C:\Users\Tom78\Desktop\RSITx64.exe
2017-06-26 15:39 - 2017-06-26 15:39 - 00400464 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-06-23 13:19 - 2017-06-23 13:19 - 00001291 _____ C:\Users\Tom78\Desktop\Garfield_Master7.lnk
2017-06-18 17:38 - 2017-06-18 17:38 - 00000000 ____D C:\Users\Tom78\AppData\LocalLow\Anuman Interactive
2017-06-18 17:37 - 2017-06-18 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garfield Kart
2017-06-18 15:33 - 2017-06-18 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HIP GAMES
2017-06-17 16:53 - 2017-06-17 16:53 - 00000000 ____D C:\Users\Tom78\AppData\Roaming\NVIDIA
2017-06-14 14:13 - 2017-06-14 14:13 - 00000000 ____D C:\Users\Tom78\AppData\Local\GOG.com
2017-06-13 23:36 - 2017-06-13 23:36 - 03966848 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-06-13 23:36 - 2017-06-13 23:36 - 03223152 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dgl.dll
2017-06-13 23:36 - 2017-06-13 23:36 - 02616320 _____ (Microsoft Corporation) C:\Windows\system32\explorer.exe
2017-06-13 23:36 - 2017-06-13 23:36 - 01485176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LegitCheckControl.DLL
2017-06-13 23:36 - 2017-06-13 23:36 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2017-06-13 23:36 - 2017-06-13 23:36 - 01047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71u.dll
2017-06-13 23:36 - 2017-06-13 23:36 - 00606208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2017-06-13 23:36 - 2017-06-13 23:36 - 00398336 _____ (Microsoft Corporation) C:\Windows\system32\regedit.exe
2017-06-13 23:36 - 2017-06-13 23:36 - 00219248 _____ (VMware, Inc.) C:\Windows\SysWOW64\vm3dum.dll
2017-06-13 23:36 - 2017-06-13 23:36 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2017-06-13 23:36 - 2017-06-13 23:36 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2017-06-13 23:36 - 2017-06-13 23:36 - 00063088 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2017-06-13 23:36 - 2017-06-13 23:36 - 00053360 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLib.dll
2017-06-13 23:36 - 2017-06-13 23:36 - 00050800 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmhgfs.dll
2017-06-13 23:36 - 2017-06-13 23:36 - 00034416 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmGuestLibJava.dll
2017-06-13 23:36 - 2017-06-13 23:36 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\dplaysvr.exe
2017-06-13 23:36 - 2017-06-13 23:36 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\setup16.exe
2017-06-13 23:36 - 2017-06-13 23:36 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\perfhost.exe
2017-06-13 23:36 - 2017-06-13 23:36 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\setupSNK.exe
2017-06-13 23:36 - 2017-06-13 23:36 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\hh.exe
2017-06-13 23:36 - 2017-06-13 23:36 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\instnm.exe
2017-06-13 23:36 - 2017-06-13 23:36 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\user.exe
2017-06-13 23:35 - 2017-06-13 23:35 - 03223152 _____ (VMware, Inc.) C:\Windows\system32\vm3dgl.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 01485176 _____ (Microsoft Corporation) C:\Windows\system32\LegitCheckControl.DLL
2017-06-13 23:35 - 2017-06-13 23:35 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\msvbvm60.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 01047552 _____ (Microsoft Corporation) C:\Windows\system32\mfc71u.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00364544 _____ C:\Windows\system32\msjetoledb40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt20.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00219248 _____ (VMware, Inc.) C:\Windows\system32\vm3dum.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00200192 _____ (Intel Corporation.) C:\Windows\system32\ir50_qcx.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00180800 _____ (Microsoft Corporation) C:\Windows\system32\sqlunirl.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00177856 _____ (Microsoft Corporation) C:\Windows\system32\typelib.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00169520 _____ (Microsoft Corporation) C:\Windows\system32\ole2disp.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00153008 _____ (Microsoft Corporation) C:\Windows\system32\ole2nls.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\olecli32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\olethk32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00063088 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00053360 _____ (VMware, Inc.) C:\Windows\system32\vmGuestLib.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00050800 _____ (VMware, Inc.) C:\Windows\system32\vmhgfs.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00049179 _____ (Microsoft Corporation) C:\Windows\system32\sqlwoa.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00042592 _____ (Microsoft Corporation) C:\Windows\system32\ole2.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00034416 _____ (VMware, Inc.) C:\Windows\system32\vmGuestLibJava.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00030749 _____ (Microsoft Corporation) C:\Windows\system32\vbajet32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\olesvr32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mscpxl32.dLL
2017-06-13 23:35 - 2017-06-13 23:35 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\mtxlegih.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00024603 _____ (Microsoft Corporation) C:\Windows\system32\sqlwid.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\odbcji32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00020535 _____ (Microsoft Corporation) C:\Windows\system32\vfpodbc.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\odtext32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\odpdx32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\odfox32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\odexl32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\oddbse32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\msorc32r.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\mscpx32r.dLL
2017-06-13 23:35 - 2017-06-13 23:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll
2017-06-13 23:35 - 2017-06-13 23:35 - 00004208 _____ (Microsoft Corporation) C:\Windows\system32\storage.dll
2017-06-13 23:35 - 2017-06-13 23:34 - 00200192 _____ (Intel Corporation.) C:\Windows\system32\ir50_qc.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 01036800 _____ (Microsoft Corporation) C:\Windows\system32\d3d8.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\d3dim700.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00746496 _____ (Intel Corporation) C:\Windows\system32\ir50_32.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\d3dramp.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\FXSXP32.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00386048 _____ (Microsoft Corporation) C:\Windows\system32\d3dim.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00380957 _____ (Microsoft Corporation) C:\Windows\system32\expsrv.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\audiodev.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\dplayx.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00197632 _____ C:\Windows\system32\ir32_32.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dmime.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00149019 _____ (Microsoft Corporation) C:\Windows\system32\crtdll.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00120320 _____ (Intel Corporation.) C:\Windows\system32\ir41_qcx.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00120320 _____ (Intel Corporation.) C:\Windows\system32\ir41_qc.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\dmstyle.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\dmscript.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00082944 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\dmcompos.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\d3dxof.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dpwsockx.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\FXSEXT32.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\dmband.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00027792 _____ (Microsoft Corporation) C:\Windows\system32\compobj.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\ctl3d32.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\dpmodemx.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2017-06-13 23:34 - 2017-06-13 23:34 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\iprop.dll
2017-06-13 22:58 - 2017-06-08 03:35 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-06-13 22:57 - 2017-06-08 03:35 - 00512960 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-06-13 22:57 - 2017-06-08 03:35 - 00418936 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-06-13 22:57 - 2017-06-08 02:01 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-06-13 22:57 - 2017-06-08 01:55 - 06467008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-06-13 22:57 - 2017-06-08 01:55 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-06-13 22:57 - 2017-06-08 01:55 - 01762936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-06-13 22:57 - 2017-06-08 01:55 - 00549312 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-06-13 22:57 - 2017-06-08 01:55 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-06-13 22:57 - 2017-06-08 01:55 - 00082040 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-06-13 22:57 - 2017-06-08 01:55 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-06-13 22:57 - 2017-06-08 01:38 - 00134592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-06-13 22:57 - 2017-06-07 14:42 - 08075477 _____ C:\Windows\system32\nvcoproc.bin
2017-06-13 22:57 - 2017-03-10 23:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-06-13 22:57 - 2017-03-10 23:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-06-13 22:57 - 2017-03-10 23:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-06-13 22:57 - 2017-03-10 23:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-06-13 22:54 - 2017-06-08 03:35 - 40201664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 35350136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 35281344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 28593272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 20064880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 17424984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 16436488 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 14276216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-06-13 22:54 - 2017-06-08 03:35 - 13402816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 11027968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 10551072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 09248144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 09014976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 08808488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 04090528 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 03604368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 03437504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 03020920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 01988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438253.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 01615448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 01606776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438253.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 01056192 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00993728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00964032 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00914880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00688784 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00507688 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00491024 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00426128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00406552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00218712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-06-13 22:54 - 2017-06-08 03:35 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-06-13 22:54 - 2017-06-08 03:35 - 00045976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-06-13 22:54 - 2017-06-08 03:35 - 00042999 _____ C:\Windows\system32\nvinfo.pb
2017-06-13 22:54 - 2017-06-08 03:35 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-06-13 22:54 - 2017-06-08 03:35 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-06-10 11:12 - 2017-06-10 11:12 - 00000926 _____ C:\Users\Tom78\Desktop\Angel - komplet – zástupce.lnk
2017-06-10 11:12 - 2017-06-10 11:12 - 00000846 _____ C:\Users\Tom78\Desktop\buffy – zástupce.lnk
2017-06-07 14:22 - 2017-06-07 14:22 - 00003133 _____ C:\Users\Tom78\Desktop\Organizér.lnk
2017-06-07 14:22 - 2017-06-07 14:22 - 00000000 ____D C:\Users\Tom78\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fireluke Software
2017-06-04 22:43 - 2017-06-12 22:46 - 00011700 _____ C:\Users\Tom78\Desktop\steam chat.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-02 12:25 - 2016-11-07 00:33 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-02 12:24 - 2017-04-07 12:37 - 00000000 ____D C:\Users\Tom78\AppData\LocalLow\Mozilla
2017-07-02 10:56 - 2017-04-07 12:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-02 09:12 - 2009-07-14 06:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-02 09:12 - 2009-07-14 06:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-02 09:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-02 01:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-07-01 18:18 - 2016-12-13 01:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-01 18:18 - 2016-11-07 00:25 - 00000000 ____D C:\Moje
2017-07-01 18:13 - 2016-12-28 22:13 - 00000000 ____D C:\Users\Tom78\AppData\Local\CrashDumps
2017-07-01 12:55 - 2017-04-07 12:37 - 00000000 ____D C:\Users\Tom78\AppData\Roaming\Mozilla
2017-07-01 12:55 - 2017-04-07 12:37 - 00000000 ____D C:\Users\Tom78\AppData\Local\Mozilla
2017-07-01 10:05 - 2016-11-07 03:49 - 00000000 ____D C:\Users\Tom78\AppData\Roaming\Opera Software
2017-07-01 10:05 - 2016-11-07 03:49 - 00000000 ____D C:\Users\Tom78\AppData\Local\Opera Software
2017-07-01 09:45 - 2016-11-06 23:54 - 00361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-06-30 22:59 - 2017-02-09 22:49 - 00000000 ____D C:\Users\Tom78\AppData\Local\Adobe
2017-06-30 22:59 - 2016-11-07 03:54 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-30 22:59 - 2016-11-07 03:54 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-30 01:42 - 2016-11-08 20:00 - 00007649 _____ C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg
2017-06-30 01:24 - 2016-12-24 01:19 - 00000000 ____D C:\Users\Tom78\Desktop\Progr
2017-06-29 13:43 - 2016-12-04 15:14 - 00000000 ____D C:\Users\Tom78\AppData\Roaming\uTorrent
2017-06-26 15:39 - 2017-02-07 18:53 - 00343264 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-06-26 15:39 - 2017-02-07 18:53 - 00319984 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-06-26 15:39 - 2017-02-07 18:53 - 00198944 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-06-26 15:39 - 2017-02-07 18:53 - 00057704 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-06-26 15:39 - 2017-02-07 18:53 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-06-26 15:39 - 2016-11-06 23:56 - 00041800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-06-26 15:39 - 2016-11-06 23:54 - 01015848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-06-26 15:39 - 2016-11-06 23:54 - 00585608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-06-26 15:39 - 2016-11-06 23:54 - 00198768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-06-26 15:39 - 2016-11-06 23:54 - 00146664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-06-26 15:39 - 2016-11-06 23:54 - 00110352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-06-26 15:39 - 2016-11-06 23:54 - 00084392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-06-26 15:39 - 2016-11-06 23:54 - 00046984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-06-26 15:39 - 2016-11-06 23:52 - 00000000 ____D C:\ProgramData\AVAST Software
2017-06-20 13:59 - 2016-12-02 21:30 - 00000000 ____D C:\Users\Tom78\AppData\Roaming\DAEMON Tools Lite
2017-06-19 23:45 - 2016-11-10 22:36 - 00017499 _____ C:\Users\Tom78\Desktop\Novus Inceptio - Recenze.txt
2017-06-19 00:39 - 2017-01-12 22:27 - 00005120 _____ C:\Users\Tom78\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-06-18 15:33 - 2016-11-06 23:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-17 16:52 - 2016-11-11 16:09 - 00000000 ____D C:\Users\Tom78\AppData\Local\Ubisoft Game Launcher
2017-06-17 16:51 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-06-16 23:58 - 2017-01-05 23:24 - 00000000 ____D C:\Users\Tom78\AppData\Roaming\Origin
2017-06-16 23:58 - 2017-01-05 23:17 - 00000000 ____D C:\ProgramData\Origin
2017-06-16 01:26 - 2016-11-07 03:32 - 00000000 ____D C:\Users\Tom78\AppData\Local\The Settlers Online
2017-06-14 17:11 - 2016-11-12 16:23 - 00000000 ____D C:\Program Files\Rockstar Games
2017-06-14 17:11 - 2016-11-12 16:23 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-06-13 23:37 - 2016-11-06 23:06 - 00000000 ____D C:\Users\Tom78
2017-06-13 23:02 - 2011-04-12 10:34 - 00668542 _____ C:\Windows\system32\perfh005.dat
2017-06-13 23:02 - 2011-04-12 10:34 - 00141202 _____ C:\Windows\system32\perfc005.dat
2017-06-13 23:02 - 2009-07-14 07:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-13 22:58 - 2016-11-07 00:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-13 22:58 - 2016-11-07 00:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-06-13 22:58 - 2016-11-07 00:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-13 22:58 - 2016-11-07 00:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-13 22:57 - 2016-11-13 22:45 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-13 22:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2017-06-10 14:13 - 2016-11-17 23:20 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2017-06-08 22:44 - 2016-12-31 13:53 - 00000000 ____D C:\Users\Tom78\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2017-01-12 22:27 - 2017-06-19 00:39 - 0005120 _____ () C:\Users\Tom78\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-08 20:00 - 2017-06-30 01:42 - 0007649 _____ () C:\Users\Tom78\AppData\Local\Resmon.ResmonCfg
2016-11-06 23:33 - 2016-11-06 23:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-25 18:40 - 2017-01-20 14:32 - 0005307 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-25 18:40 - 2017-01-20 02:09 - 0005307 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-02 10:18

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:126.95 GB) (Free:60.42 GB) NTFS
Drive d: (Hry) (Fixed) (Total:226.74 GB) (Free:28.97 GB) NTFS
Drive e: () (Fixed) (Total:134.65 GB) (Free:31.97 GB) NTFS
Drive f: () (Fixed) (Total:931.41 GB) (Free:46.36 GB) NTFS
Drive h: (Záloha) (Fixed) (Total:443.16 GB) (Free:31.44 GB) NTFS

Available physical RAM: 6224.18 MB
Total physical RAM: 8097.73 MB
Percentage of memory in use: 23%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 82382C7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 12DF12DE)
Partition 1: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=804.6 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tom78\Desktop" je 11 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Otevrete si poznamkovy blok a zkopirujte do nej tento skript Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-07-2017
Ran by Tom78 (02-07-2017 19:11:43) Run:1
Running from C:\Users\Tom78\Desktop
Loaded Profiles: Tom78 (Available Profiles: Tom78)
Boot Mode: Normal
==============================================

fixlist content:
*****************
K�d:
Start
CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-18\...\Run: [script_fcbd] => "D:\Games\Ubisoft\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\fcbd.bat"
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION

FF Homepage: Mozilla\SeaMonkey\Profiles\xe1a07bg.default -> hxxp://www.thesettlersonline.cz/cs/domo ... r%C3%A1nka
FF Plugin HKU\S-1-5-21-4101578857-3757837661-3053645589-1000: @nsroblox.roblox.com/launcher -> C:\Users\Tom78\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy.dll [No File]
FF Plugin HKU\S-1-5-21-4101578857-3757837661-3053645589-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Tom78\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy64.dll [No File]

S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [104448 2017-01-26] (Freemake) [File not signed]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Kód: => Error: No automatic fix found for this entry.
Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\script_fcbd => value removed successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
Firefox "homepage" removed successfully
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\MozillaPlugins\@nsroblox.roblox.com/launcher => key removed successfully
C:\Users\Tom78\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy.dll => not found.
HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Software\MozillaPlugins\@nsroblox.roblox.com/launcher64 => key removed successfully
C:\Users\Tom78\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\\NPRobloxProxy64.dll => not found.
HKLM\System\CurrentControlSet\Services\Freemake Improver => key removed successfully
Freemake Improver => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAM => key removed successfully
ZAM => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAM_Guard => key removed successfully
ZAM_Guard => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17104169 B
Java, Flash, Steam htmlcache => 699449133 B
Windows/system/drivers => 324693 B
Edge => 0 B
Chrome => 0 B
Firefox => 378639914 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 33058 B
LocalService => 0 B
NetworkService => 0 B
Tom78 => 262965053 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:12:04 ====

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada.

Všechno splněno a myslím že celkově je to s pc lepší.

A je to uz v norme, nebo je to sice lepsi, ale do normalu to ma jeste daleko?

Zkouším různé programy, aplikace a hry jak ted fungují a zdá se že už je to v pořádku. Tak teda děkuju za pomoc!

Tak to jsem rad

Nemate zac!

Mejte se a treba zase nekdy