VIRY.CZ

can result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2017 01
Ran by pc (administrator) on PC-PC (03-10-2017 19:21:45)
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Windows\SysWOW64\ASGT.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
(Spotify Ltd) C:\Users\pc\AppData\Roaming\Spotify\Spotify.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Spotify Ltd) C:\Users\pc\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\pc\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\pc\AppData\Roaming\Spotify\Spotify.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
(Spotify Ltd) C:\Users\pc\AppData\Roaming\Spotify\Spotify.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(ROCCAT GmbH Co., Ltd.) C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Google Inc.) C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-12] (AVAST Software)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [RoccatKone+] => C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [557056 2013-10-25] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1380506220-1166265625-1735509145-1000\...\Run: [Google Update] => C:\Users\pc\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-29] (Google Inc.)
HKU\S-1-5-21-1380506220-1166265625-1735509145-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-1380506220-1166265625-1735509145-1000\...\Run: [Spotify] => C:\Users\pc\AppData\Roaming\Spotify\Spotify.exe [20803184 2017-09-30] (Spotify Ltd)
HKU\S-1-5-21-1380506220-1166265625-1735509145-1000\...\Run: [Spotify Web Helper] => C:\Users\pc\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-30] (Spotify Ltd)
HKU\S-1-5-21-1380506220-1166265625-1735509145-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
AppInit_DLLs-x32: => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk [2015-04-03]
ShortcutTarget: Roccat Talk.lnk -> C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (ROCCAT GmbH Co., Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{55F09B12-83FC-4D53-A790-CCA2CCBE97DB}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1380506220-1166265625-1735509145-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-09-12] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-09-12] (AVAST Software)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1380506220-1166265625-1735509145-1000: @tools.google.com/Google Update;version=3 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-1380506220-1166265625-1735509145-1000: @tools.google.com/Google Update;version=9 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2017-10-03]
CHR Extension: (Prezentácie Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-17]
CHR Extension: (Dokumenty Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-17]
CHR Extension: (Disk Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Tabuľky Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-17]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Autofill for Chrome by Fillr) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhegjfmbbpahdggoekcbmejnifimeca [2017-09-19]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-07-10]
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 4 [2017-07-10]
CHR Extension: (Tabuľky Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-05]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-05]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-05]
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 5 [2017-07-24]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-23]
CHR Extension: (Adobe Acrobat) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-07-23]
CHR Extension: (Tabuľky Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-23]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-23]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-23]
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.XGYMCQYR4N5NZ2ECUEP4UQTHO4 - C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-12] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-12] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [322976 2017-09-12] (AVAST Software)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-10-03] (EasyAntiCheat Ltd)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [513144 2017-08-22] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [513144 2017-08-22] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-08-22] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-09-12] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-09-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2017-07-10] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2017-07-10] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-09-12] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-09-12] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-09-12] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-09-12] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-09-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-09-12] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2017-07-10] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [555072 2017-09-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-09-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-09-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-09-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-09-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-09-18] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361784 2017-09-25] (AVAST Software)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2013-07-02] (ASUSTeK Computer Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-08-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-08-22] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57976 2017-08-22] (NVIDIA Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-03 19:21 - 2017-10-03 19:22 - 000015191 _____ C:\Users\pc\Desktop\FRST.txt
2017-10-03 19:21 - 2017-10-03 19:21 - 000000000 ____D C:\Users\pc\Desktop\FRST-OlderVersion
2017-10-03 17:49 - 2017-10-03 18:43 - 000000000 ____D C:\Users\pc\AppData\LocalLow\uTorrent
2017-10-03 09:10 - 2017-10-03 09:11 - 000000000 ____D C:\Users\pc\Desktop\Mario Cyklo preteky
2017-09-30 17:39 - 2017-09-30 17:39 - 000218533 _____ C:\Users\pc\Desktop\S_und_U-Bahnnetz_mit_Regionalbahn_Berlin_ABC.pdf
2017-09-30 15:25 - 2017-09-30 15:30 - 000000000 ____D C:\Users\pc\Desktop\passat
2017-09-30 11:16 - 2017-10-03 09:09 - 000000000 ____D C:\Users\pc\Desktop\Berlin
2017-09-22 18:44 - 2017-09-22 18:44 - 000347348 _____ C:\Users\pc\Desktop\zasielacie-podmienky-medzinarodneho-styku.xlsx
2017-09-21 19:16 - 2017-09-21 19:16 - 000885945 _____ C:\Users\pc\Desktop\hydroxyderivaty-13870 (1).pdf
2017-09-18 14:31 - 2017-09-18 14:31 - 000000000 ____D C:\Users\pc\AppData\Local\CrashDumps
2017-09-17 17:25 - 2017-09-17 17:25 - 000000874 _____ C:\Users\Public\Desktop\FIFA 17 DEMO.lnk
2017-09-17 17:25 - 2017-09-17 17:25 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2017-09-17 16:52 - 2017-09-17 16:52 - 000000000 ____D C:\67379e481567881906cb6544f5c4cb21
2017-09-17 16:52 - 2017-09-17 16:52 - 000000000 ____D C:\1531a180dbd1c5d25e5739a86c16
2017-09-17 16:40 - 2017-09-17 16:40 - 000000000 ____D C:\e6f9ba9675f17dd7a2722d099ff604
2017-09-17 15:57 - 2017-09-17 15:57 - 000000000 ____D C:\7b5bfa5773cdc538ce3f3589
2017-09-13 16:46 - 2017-09-13 16:46 - 000003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-13 16:46 - 2017-09-13 16:46 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-13 16:46 - 2017-08-22 02:40 - 001923192 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-09-13 16:46 - 2017-08-22 02:40 - 001755256 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-09-13 16:46 - 2017-08-22 02:40 - 001505912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-09-13 16:46 - 2017-08-22 02:40 - 001317496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-09-13 16:46 - 2017-08-22 02:40 - 000121464 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-09-13 16:45 - 2017-09-13 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-09-13 16:45 - 2017-09-13 16:45 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-13 16:45 - 2017-09-13 16:45 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-13 16:45 - 2017-09-13 16:45 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-13 16:45 - 2017-09-13 16:45 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-13 16:45 - 2017-09-13 16:45 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-13 16:45 - 2017-09-13 16:45 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-13 16:45 - 2017-08-22 02:40 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-09-13 16:44 - 2017-09-13 16:44 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-09-13 16:44 - 2017-08-22 00:33 - 000135800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-09-13 16:44 - 2017-06-15 21:32 - 000541984 _____ C:\Windows\system32\vulkan-1.dll
2017-09-13 16:44 - 2017-06-15 21:32 - 000525088 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-09-13 16:44 - 2017-06-15 21:32 - 000254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-09-13 16:44 - 2017-06-15 21:32 - 000233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-09-13 16:43 - 2017-08-22 02:40 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2017-09-13 16:38 - 2017-08-22 02:40 - 040240248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 035881592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 035314112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 028985976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 023132184 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 018849272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 017807096 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 015409088 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-09-13 16:38 - 2017-08-22 02:40 - 014687256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 013782904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 012225984 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 011692528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 010072768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 003802048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 003354560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 001988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438541.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 001597888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438541.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 001067456 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 001005176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000972920 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000924280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000690320 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000578056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000512672 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000491720 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000429920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000218712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-09-13 16:38 - 2017-08-22 02:40 - 000171384 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000154208 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000149040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000132072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000057976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-09-13 16:38 - 2017-08-22 02:40 - 000048248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-09-13 16:38 - 2017-08-22 02:40 - 000045976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-09-13 16:38 - 2017-08-22 02:40 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-09-13 16:38 - 2017-08-22 02:40 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2017-09-13 10:08 - 2017-09-13 10:08 - 000003886 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1453066320
2017-09-12 22:42 - 2017-09-12 22:42 - 000000000 ____D C:\Users\pc\AppData\Local\NVIDIA
2017-09-12 22:38 - 2017-08-22 02:40 - 000179320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-09-12 22:38 - 2017-08-22 02:40 - 000146552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-09-12 22:36 - 2017-09-12 22:35 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-09-12 22:24 - 2017-09-12 22:24 - 000000000 ____D C:\Users\pc\Documents\FIFA 18 Demo
2017-09-04 20:19 - 2017-09-04 20:19 - 008182736 _____ (Malwarebytes) C:\Users\pc\Desktop\adwcleaner_7.0.2.1.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-03 19:21 - 2015-12-19 01:40 - 002399744 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2017-10-03 19:21 - 2015-03-14 17:41 - 000000000 ____D C:\FRST
2017-10-03 19:21 - 2015-02-09 19:24 - 000000000 ____D C:\AdwCleaner
2017-10-03 19:17 - 2014-06-07 10:57 - 000000000 ____D C:\Users\pc\AppData\Roaming\Skype
2017-10-03 19:16 - 2009-07-14 06:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-03 19:16 - 2009-07-14 06:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-03 19:13 - 2016-04-08 16:02 - 000000000 ____D C:\Users\pc\AppData\Roaming\Spotify
2017-10-03 19:04 - 2016-04-08 16:03 - 000000000 ____D C:\Users\pc\AppData\Local\Spotify
2017-10-03 19:03 - 2014-06-05 21:23 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-03 19:02 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-03 19:01 - 2015-12-19 16:05 - 000000000 ____D C:\Users\pc\AppData\Roaming\uTorrent
2017-10-03 18:42 - 2015-11-08 00:36 - 000000000 ____D C:\Users\pc\AppData\Roaming\vlc
2017-10-03 09:15 - 2016-09-18 09:56 - 000000000 ____D C:\Users\pc\Desktop\TATO Dokumenty
2017-10-02 16:38 - 2009-07-14 17:18 - 000668866 _____ C:\Windows\system32\perfh005.dat
2017-10-02 16:38 - 2009-07-14 17:18 - 000141526 _____ C:\Windows\system32\perfc005.dat
2017-10-02 16:38 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-02 16:38 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-30 22:48 - 2017-03-18 16:58 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-09-27 11:36 - 2014-06-05 21:41 - 000002339 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-26 14:19 - 2014-06-07 10:56 - 000000000 ____D C:\ProgramData\Origin
2017-09-26 13:22 - 2014-06-07 20:09 - 000000000 ____D C:\Users\pc\AppData\Roaming\Origin
2017-09-25 10:37 - 2014-06-05 22:46 - 000361784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-09-22 14:01 - 2016-09-13 19:49 - 000000000 ____D C:\Users\pc\AppData\Local\NVIDIA Corporation
2017-09-18 21:11 - 2014-06-05 22:46 - 000199312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-09-17 16:19 - 2015-09-07 19:28 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-17 13:57 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-09-17 13:40 - 2017-05-01 21:40 - 000000000 ____D C:\Users\pc\Desktop\Patrik
2017-09-17 13:40 - 2017-03-08 16:43 - 000000000 ____D C:\Users\pc\Desktop\Chem
2017-09-16 22:49 - 2009-07-14 07:08 - 000032624 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-09-13 18:26 - 2014-06-14 18:58 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-13 18:26 - 2014-06-14 18:58 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-13 18:26 - 2014-06-14 18:58 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-09-13 18:26 - 2014-06-14 18:58 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-09-13 18:26 - 2014-06-14 18:58 - 000000000 ____D C:\Windows\system32\Macromed
2017-09-13 16:46 - 2014-06-05 21:20 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-09-13 16:45 - 2014-06-05 21:22 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-09-13 16:45 - 2014-06-05 21:22 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-09-12 22:35 - 2016-01-17 23:35 - 000590880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-09-12 22:35 - 2016-01-17 23:35 - 000147784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-09-12 22:35 - 2014-08-15 11:53 - 000047016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-09-12 22:35 - 2014-06-05 22:46 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-09-12 22:35 - 2014-06-05 22:46 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-09-12 22:34 - 2017-03-18 16:58 - 000343296 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-09-12 22:34 - 2017-03-18 16:58 - 000320528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-09-12 22:34 - 2017-03-18 16:58 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-09-12 22:34 - 2017-03-18 16:58 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-09-12 22:34 - 2016-02-13 12:35 - 000555072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2017-09-12 22:34 - 2014-06-05 22:46 - 001016384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-09-12 22:34 - 2014-06-05 22:46 - 000041832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-09-12 22:02 - 2014-06-07 10:55 - 000000000 ____D C:\Program Files (x86)\Origin
2017-09-06 19:13 - 2015-11-11 20:24 - 000000000 ____D C:\Users\pc\Desktop\ost
2017-09-05 19:08 - 2014-06-07 10:57 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-09-05 19:08 - 2014-06-07 10:57 - 000000000 ____D C:\ProgramData\Skype
2017-09-04 20:19 - 2016-06-10 12:26 - 000000000 _____ C:\Windows\SysWOW64\last.dump

Some files in TEMP:
====================
2016-09-13 19:47 - 2014-05-20 01:10 - 001203248 _____ (NVIDIA Corporation) C:\Users\pc\AppData\Local\Temp\nvSCPAPI.dll
2017-09-12 22:41 - 2014-05-20 01:10 - 000413128 _____ (NVIDIA Corporation) C:\Users\pc\AppData\Local\Temp\nvSCPAPISvr.exe
2017-09-12 22:38 - 2014-05-20 01:10 - 000822216 _____ (NVIDIA Corporation) C:\Users\pc\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-13 16:18

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2017 01
Ran by pc (03-10-2017 19:23:13)
Running from C:\Users\pc\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-06-05 19:16:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1380506220-1166265625-1735509145-500 - Administrator - Disabled)
Guest (S-1-5-21-1380506220-1166265625-1735509145-501 - Limited - Disabled)
pc (S-1-5-21-1380506220-1166265625-1735509145-1000 - Administrator - Enabled) => C:\Users\pc

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1380506220-1166265625-1735509145-1000\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
7-Zip 4.57 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Aktualizace NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
ASUS GPU Tweak (HKLM-x32\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.7.1.8 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.7.1.8 - ASUSTek COMPUTER INC.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.36 - Piriform)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DEMO FIFA 17 (HKLM-x32\...\{39C00B2C-EA3C-4A6B-AECF-DADA0F09C2AE}) (Version: 1.0.45.26330 - Electronic Arts)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Foxit Reader (HKLM-x32\...\Foxit Reader) (Version: - )
Google Chrome (HKU\S-1-5-21-1380506220-1166265625-1735509145-1000\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 385.41 - NVIDIA Corporation) Hidden
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version: - Roccat GmbH)
ROCCAT Kone[+] Mouse Driver (HKLM-x32\...\{B99CB207-4704-4C51-9309-0FA90AA26DD4}) (Version: - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0015 - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1380506220-1166265625-1735509145-1000\...\Spotify) (Version: 1.0.64.399.g4637b02a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51 - Ghisler Software GmbH)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version: - Haemimont Games)
Vegas Pro 12.0 (64-bit) (HKLM\...\{87CEB7C0-1D35-11E2-8F19-F04DA23A5C58}) (Version: 12.0.394 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1380506220-1166265625-1735509145-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1380506220-1166265625-1735509145-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1380506220-1166265625-1735509145-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\pc\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1380506220-1166265625-1735509145-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-12] (AVAST Software)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2007-12-06] (Igor Pavlov)
ContextMenuHandlers1-x32: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-12] (AVAST Software)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-12] (AVAST Software)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2007-12-06] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-12] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A19C053-843F-4EAE-87F1-D3ADDD0FC971} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-22] (NVIDIA Corporation)
Task: {269D8469-2179-4DCE-9C66-2C543B93F04D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {36D158AE-B9FB-4337-9F84-FC8AC223658C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {549470CE-2CA0-4A01-8B86-537CE8A0A835} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {7541CF97-720C-441B-9A7B-C1D28904F161} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)
Task: {79BCA717-E5B5-49AE-9888-81E0E52F25B8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1380506220-1166265625-1735509145-1000Core => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {95E3EF0C-B477-4759-8837-91DABA76F840} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {A0E69EC4-76B5-4AC3-92AD-6461BB7EB53A} - System32\Tasks\SafeZone scheduled Autoupdate 1453066320 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {A2D65FCF-CDC1-4E03-92EB-495987AFE7D8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-12] (AVAST Software)
Task: {E89411F8-E968-4A8F-A17E-074184F34B23} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {F2FA290F-E83E-4539-B541-9D3BDE7A1B1F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1380506220-1166265625-1735509145-1000UA => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {F41150EF-9DD1-4D37-8FF3-94F5579F2874} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-22] (NVIDIA Corporation)
Task: {F603E080-21D9-4F56-B54C-037B23C6D688} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-22] (NVIDIA Corporation)
Task: {F762B087-A9A3-4B2C-9923-A72BA1A4F50D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {F8A91F1B-3806-43D9-AF80-29F2F20D8AF6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-22] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a598db91dd1cc7df\A - Chrome.lnk -> C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"

==================== Loaded Modules (Whitelisted) ==============

2012-01-17 11:24 - 2012-01-17 11:24 - 000055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2014-06-07 21:38 - 2017-07-10 18:58 - 000075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-07 21:38 - 2017-07-10 18:59 - 000189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2017-09-12 22:35 - 2017-09-12 22:35 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-09-12 22:34 - 2017-09-12 22:34 - 000169832 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-09-27 17:07 - 2017-09-27 17:06 - 000834224 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-09-12 22:35 - 2017-09-12 22:35 - 000286712 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2017-09-27 11:36 - 2017-09-21 09:29 - 004022616 _____ () C:\Users\pc\AppData\Local\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-27 11:36 - 2017-09-21 09:29 - 000100184 _____ () C:\Users\pc\AppData\Local\Google\Chrome\Application\61.0.3163.100\libegl.dll
2017-09-12 22:34 - 2017-09-12 22:34 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-09-12 22:34 - 2017-09-12 22:34 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-09-12 22:34 - 2017-09-12 22:34 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-09-12 22:34 - 2017-09-12 22:34 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-09-12 22:34 - 2017-09-12 22:34 - 000149568 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2017-10-03 17:56 - 2017-10-03 17:56 - 005890864 _____ () C:\Program Files\AVAST Software\Avast\defs\17100302\algo.dll
2017-09-27 17:07 - 2017-09-27 17:06 - 000692408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-09-12 22:34 - 2017-09-12 22:34 - 000241448 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-07-10 20:25 - 2017-07-10 20:25 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-09-12 22:34 - 2017-09-12 22:34 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2014-09-16 22:49 - 2014-09-16 22:49 - 000278528 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2014-08-28 18:49 - 2014-08-28 18:49 - 000057344 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2016-04-08 16:03 - 2017-09-30 14:59 - 071818864 _____ () C:\Users\pc\AppData\Roaming\Spotify\libcef.dll
2016-04-08 16:03 - 2017-09-30 14:58 - 002969200 _____ () C:\Users\pc\AppData\Roaming\Spotify\libglesv2.dll
2016-04-08 16:03 - 2017-09-30 14:58 - 000086640 _____ () C:\Users\pc\AppData\Roaming\Spotify\libegl.dll
2014-06-28 11:42 - 2010-06-22 13:50 - 000061440 _____ () C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll
2014-06-28 11:43 - 2010-11-04 11:48 - 000061440 _____ () C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-30 14:03 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1380506220-1166265625-1735509145-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E74F6D9E-D77B-4C85-8C64-92872FA165E0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{69A26A11-7CF6-4D53-BDC2-771DAD9466C0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4D00B605-FC6E-47D7-9035-86582013B6E2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4DB249CC-2FFF-4E76-90D8-A08724CA4528}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B328CA7D-B970-4980-A935-018A448D10CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{7328D00D-9C07-47A5-892A-5E8BD0A4156E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{A2C23A2D-9F50-429E-81A4-A9A04A340F9F}] => (Allow) D:\Program Files (x86)\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{8AFC3AA2-C8A6-499E-875D-61BD844DF9FF}] => (Allow) D:\Program Files (x86)\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{6D6472C6-71D9-434B-9BDC-212AFEA39012}] => (Allow) D:\Program Files (x86)\SteamLibrary\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{95194B19-7DB3-40A8-95BD-8AFFD80923F4}] => (Allow) D:\Program Files (x86)\SteamLibrary\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{57065AAC-1A1A-4F30-88FD-26CF4B91F5A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3CDB18B8-1E91-4DA2-9DC6-F718AD60EE1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0602BBB5-88AA-4C5D-872D-6945CDCD5008}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{42FF1DBE-3313-4CA2-BCC7-27EFB15602FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{FB1920CC-726B-4802-A876-33A406CEDE48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{825A3667-3F60-46FB-9558-B8102E479BA0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{058D1EE7-4905-4F96-85C5-549ECD4C438D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{E59DA6CF-B070-479B-A76A-DA5A51349BE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{F9D1D8BF-92BF-4540-8CE5-9C4B7360ECBA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{172AD217-BBC4-4109-A504-8BA93BACF0D4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{31D68421-7597-40D0-9979-2038E40DF218}C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe
FirewallRules: [UDP Query User{E659B8B3-4FA8-480F-9CFF-4B40DE30AEF8}C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe
FirewallRules: [TCP Query User{E3371B54-DD76-4017-B806-5B8EF9C035D1}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{D9BF1FE8-62D4-4D1E-995E-A14072876B06}C:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) C:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{E9653C47-1695-42CF-A8BB-AF1900462353}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{419220C3-20C2-4C30-8996-24354296EFD2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{E1EB3D79-C8A2-4462-836C-57CC942CAF3C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{93857B7B-E15F-47DB-B17E-C01EFB09FBB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{7348BBE9-0E10-4487-9EEA-864592575A3A}] => (Allow) C:\Users\pc\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E9568356-93E7-4521-9546-310E5738BC43}] => (Allow) C:\Users\pc\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{B5B3B973-359A-4CAD-B6D1-A3BB9E12F269}D:\program files (x86)\farcry 4\far cry 4\bin\farcry4.exe] => (Block) D:\program files (x86)\farcry 4\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{1B924897-C74D-42FF-AD53-43255C3721A1}D:\program files (x86)\farcry 4\far cry 4\bin\farcry4.exe] => (Block) D:\program files (x86)\farcry 4\far cry 4\bin\farcry4.exe
FirewallRules: [{F3BDBEA0-DB0F-4EFC-82E6-73DF5D1FFA4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E9801817-66C0-485E-A70C-00AFC587158E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{D7EDDCC6-EAA2-4510-B412-2C850D46FACA}D:\program files (x86)\rockstar games\gta v\gta5.exe] => (Allow) D:\program files (x86)\rockstar games\gta v\gta5.exe
FirewallRules: [UDP Query User{71D26E15-00E4-4CF4-A1CD-69F2DD8854BB}D:\program files (x86)\rockstar games\gta v\gta5.exe] => (Allow) D:\program files (x86)\rockstar games\gta v\gta5.exe
FirewallRules: [{13F0212E-EFBD-440B-8111-1A96B042ECAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{88BD7F81-408E-44C6-B067-50E52F0E86DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [TCP Query User{EA63B982-A5E0-4255-95AF-7B3C62DA1902}D:\program files (x86)\rockstar games\gta v\gta5.exe] => (Allow) D:\program files (x86)\rockstar games\gta v\gta5.exe
FirewallRules: [UDP Query User{84BC91F7-662E-4268-86C5-D445D83FC2FE}D:\program files (x86)\rockstar games\gta v\gta5.exe] => (Allow) D:\program files (x86)\rockstar games\gta v\gta5.exe
FirewallRules: [{ED1FBDF8-F0AA-480B-A283-D8AE3991675D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{67CAA043-856E-4162-97F7-DA3902839802}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{96D8DE8A-574F-4EBE-A932-6F661525D426}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{29D66301-3AE3-4701-97FF-0AB4BBB2DC42}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [TCP Query User{B7C0ECBF-8D04-4F61-B29B-1EB0C4EC8982}C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [UDP Query User{43FC8D91-B833-4A4B-91DD-5EC7066D34E9}C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [{4E4EEE6E-1C37-4FA4-BB82-DF0362A38C22}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{88FAD549-1680-4999-82AD-815F602C68AD}D:\program files (x86)\r.g. mechanics\simcity\simcity\simcity.exe] => (Block) D:\program files (x86)\r.g. mechanics\simcity\simcity\simcity.exe
FirewallRules: [UDP Query User{F70AB861-56A9-47BE-BFA9-FC6A981938D9}D:\program files (x86)\r.g. mechanics\simcity\simcity\simcity.exe] => (Block) D:\program files (x86)\r.g. mechanics\simcity\simcity\simcity.exe
FirewallRules: [TCP Query User{D9614ACA-8693-4DE1-B9CF-DA60B3BA2D14}C:\users\pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BB55D0DA-2742-4190-8418-02BC8195B4DB}C:\users\pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{252B37A6-F0D2-4D64-9263-8C2CC8271480}C:\users\pc\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pc\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{EE36DDC7-E3B2-4896-9F09-5B65E4C8140B}C:\users\pc\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pc\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0D25534D-D52D-4D30-8925-C10FED95F7E1}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{E24CE78D-B110-4DFB-89AF-06D24AE15905}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{C9B602B3-FA6D-46CB-A306-C7D7F6074C8C}D:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) D:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{7D37C955-1B21-4107-B1D0-162066AEF0F8}D:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) D:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{37595DE0-D7CE-4CED-8B94-09AA10B23C53}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C9720987-E050-41BD-AD78-AA139B412D03}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DD72CCB8-AB22-439F-8747-557CEEB9D221}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DF14EF2F-F23A-4594-9026-331645CA3420}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DD15E36E-AF61-4A3E-B7E1-3AC72958A995}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{1892114B-9393-4C9A-8235-13B7C40D5B80}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{AD59928F-7A60-4368-BD8F-B1F68C4B5652}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{B78217EF-D358-478E-B531-20818BD7FC3A}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{9F065C84-260B-4596-AED5-BC769301D767}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{72BCF63C-7080-4F27-A319-296C474D58C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{43830D69-754B-4B66-8EC1-920E2AD0ED54}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7C0A324D-1DCF-473B-98EA-09A03A038A5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E9537847-9EDB-4243-A201-CF0D2EF824E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{213FC563-D236-42AA-83BA-3E8BF3D0F4EF}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 17 DEMO\FIFASetup\fifaconfig.exe
FirewallRules: [{37999BAA-D684-444C-8C7C-1663E51D37C4}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 17 DEMO\FIFASetup\fifaconfig.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2017 09:37:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Origin.exe verze 10.5.2.49155 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 16ec

Čas spuštění: 01d332eaa12f73a8

Čas ukončení: 1596

Cesta k aplikaci: C:\Program Files (x86)\Origin\Origin.exe

ID hlášení: 2aa6d57b-9f04-11e7-9bc1-5404a64c8c4c

Error: (09/18/2017 06:08:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\$RECYCLE.BIN\S-1-5-21-1380506220-1166265625-1735509145-1000\$RMI0YNN.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (09/18/2017 02:30:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: fifa15.exe, verze: 1.8.0.0, časové razítko: 0x55699cb1
Název chybujícího modulu: aswhooka.dll, verze: 17.6.3.12852, časové razítko: 0x59a03659
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000003318
ID chybujícího procesu: 0x16a8
Čas spuštění chybující aplikace: 0x01d33079ef3167ed
Cesta k chybující aplikaci: D:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll
ID zprávy: 35f5defc-9c6d-11e7-bf3d-5404a64c8c4c

Error: (09/17/2017 04:04:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\pc\Desktop\vcredist_arm.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (09/17/2017 03:43:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Users\pc\Desktop\vcredist_arm.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (09/03/2017 09:09:32 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Skype.exe verze 7.39.0.102 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 838

Čas spuštění: 01d32480dd05a3aa

Čas ukončení: 49

Cesta k aplikaci: C:\Program Files (x86)\Skype\Phone\Skype.exe

ID hlášení: ab0ce822-9076-11e7-80c6-5404a64c8c4c

Error: (08/27/2017 11:05:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Origin.exe, verze: 10.4.17.36908, časové razítko: 0x5978e6d4
Název chybujícího modulu: Qt5WebEngineCore.dll, verze: 5.6.0.0, časové razítko: 0x58d5ce5a
Kód výjimky: 0xc0000005
Posun chyby: 0x0005ade7
ID chybujícího procesu: 0x15f0
Čas spuštění chybující aplikace: 0x01d31f6810a19a53
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin\Origin.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
ID zprávy: 79da625b-8b6b-11e7-86df-5404a64c8c4c

Error: (08/22/2017 01:55:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.17514 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 594

Čas spuštění: 01d31ad6d7318ba1

Čas ukončení: 1047

Cesta k aplikaci: C:\Windows\Explorer.EXE

ID hlášení: 2c736b02-86cc-11e7-a53a-5404a64c8c4c

Error: (08/18/2017 05:51:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WinRAR.exe verze 5.1.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 218

Čas spuštění: 01d31839ce42f4f7

Čas ukončení: 7555

Cesta k aplikaci: C:\Program Files (x86)\WinRAR\WinRAR.exe

ID hlášení: 1a3d1dce-842d-11e7-841f-5404a64c8c4c

Error: (08/12/2017 03:20:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program fifaconfig.exe verze 1.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 10fc

Čas spuštění: 01d3136c46718133

Čas ukončení: 13

Cesta k aplikaci: D:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe

ID hlášení: f2c1157e-7f60-11e7-80e9-5404a64c8c4c


System errors:
=============
Error: (10/03/2017 07:09:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (10/03/2017 07:04:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswbIDSAgent neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/03/2017 07:04:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby aswbIDSAgent bylo dosaženo časového limitu (30000 ms).

Error: (10/03/2017 07:03:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/03/2017 07:03:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (10/03/2017 01:56:31 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10

Error: (10/03/2017 01:52:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (10/03/2017 01:49:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Microsoft .NET Framework NGEN v4.0.30319_X86 bylo dosaženo časového limitu (30000 ms).

Error: (10/03/2017 01:46:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/03/2017 01:46:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 56%
Total physical RAM: 4094.12 MB
Available physical RAM: 1784.46 MB
Total Virtual: 8186.42 MB
Available Virtual: 5493.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:195.21 GB) (Free:32.42 GB) NTFS
Drive d: () (Fixed) (Total:270.45 GB) (Free:107.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E3CA17B6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

# AdwCleaner 7.0.2.1 - Logfile created on Tue Oct 03 17:31:47 2017
# Updated on 2017/29/08 by Malwarebytes
# Database: 10-02-2017.1
# Running on Windows 7 Professional (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner 7.0.2.1 - Logfile created on Tue Oct 03 17:31:47 2017
# Updated on 2017/29/08 by Malwarebytes
# Database: 10-02-2017.1
# Running on Windows 7 Professional (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
C:\Users\pc\AppData\Local\Temp
CustomCLSID: HKU\S-1-5-21-1380506220-1166265625-1735509145-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1380506220-1166265625-1735509145-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\pc\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
ContextMenuHandlers1-x32: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.