ZDE FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018
Ran by Bary (administrator) on BARY_PC (08-03-2018 16:12:32)
Running from C:\Users\Bary\Desktop
Loaded Profiles: Bary (Available Profiles: Bary & Janyška)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-06] (AVAST Software)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2439072 2010-05-24] (VIA)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2795746050-3627135712-4210470686-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2795746050-3627135712-4210470686-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2016-09-11]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2016-09-11]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-08-09]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CBBAB301-0DCB-4042-A109-0090B32835E6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{EACCA239-F44C-4AB8-B89B-2F6BBF11AC2C}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2795746050-3627135712-4210470686-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2795746050-3627135712-4210470686-1000 -> {73ED3DC4-6B10-4048-B641-783ABC7DEDA1} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_2
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-15] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-15] (AVAST Software)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF ProfilePath: C:\Users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\s5blaom8.default [2018-03-08]
FF Homepage: Mozilla\Firefox\Profiles\s5blaom8.default -> hxxps://
www.google.cz/?gws_rd=ssl
FF Extension: (Avast SafePrice) - C:\Users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\s5blaom8.default\Extensions\
sp@avast.com.xpi [2018-03-08]
FF Extension: (Avast Online Security) - C:\Users\Bary\AppData\Roaming\Mozilla\Firefox\Profiles\s5blaom8.default\Extensions\
wrc@avast.com.xpi [2017-10-07]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-06] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-06] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [357760 2018-03-06] (AVAST Software)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [51112 2016-06-17] (Microsoft)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196648 2018-03-06] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-06] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-06] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-06] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-06] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-03-06] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41800 2017-07-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146656 2018-03-06] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2017-12-14] (AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [619984 2018-03-06] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110328 2018-03-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-03-06] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-03-06] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-03-06] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-03-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-03-06] (AVAST Software)
R3 AVerIT13x; C:\Windows\System32\Drivers\AVerIT13x_x64.sys [198272 2012-12-06] (AVerMedia TECHNOLOGIES, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-08 16:12 - 2018-03-08 16:13 - 000013759 _____ C:\Users\Bary\Desktop\FRST.txt
2018-03-08 15:27 - 2018-03-08 15:27 - 008222496 _____ (Malwarebytes) C:\Users\Bary\Desktop\adwcleaner_7.0.8.0.exe
2018-03-08 14:16 - 2018-03-08 14:16 - 012557201 _____ C:\Users\Bary\Desktop\HERON MARTIN.zip
2018-03-06 21:54 - 2018-03-06 21:54 - 000380768 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-02-10 21:52 - 2018-02-10 21:52 - 000000796 _____ C:\Users\Bary\Desktop\SOLIUS – zástupce.lnk
2018-02-10 15:35 - 2018-02-10 15:35 - 002291360 _____ C:\Users\Bary\Downloads\katalog(1).pdf
2018-02-10 09:49 - 2018-02-10 09:49 - 000299903 _____ C:\Users\Bary\Downloads\d_d__ps_300Sunrise_ESC.PDF
2018-02-10 09:07 - 2018-02-10 09:07 - 000042987 _____ C:\Users\Bary\Downloads\Volba_motoru_RAY_G2_doporucene_vrtule.pdf
2018-02-10 09:06 - 2018-02-10 09:06 - 000374031 _____ C:\Users\Bary\Downloads\RAY_G2_technicka_data.pdf
2018-02-10 09:06 - 2018-02-10 09:06 - 000023402 _____ C:\Users\Bary\Downloads\Nahrada_motoru_RAY_novou_generaci_G2.pdf
2018-02-08 21:48 - 2018-02-08 21:48 - 000036865 _____ C:\Users\Bary\Downloads\Volba_vrtule_pro_motory_FOXY_G2.pdf
2018-02-08 21:48 - 2018-02-08 21:48 - 000036384 _____ C:\Users\Bary\Downloads\Volba_motoru_FOXY_G2.pdf
2018-02-08 18:33 - 2018-02-08 18:33 - 002291360 _____ C:\Users\Bary\Downloads\katalog.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-08 16:12 - 2016-05-21 10:31 - 000000000 ____D C:\FRST
2018-03-08 16:06 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-08 15:41 - 2009-07-14 05:45 - 000023392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-08 15:41 - 2009-07-14 05:45 - 000023392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-08 15:35 - 2016-11-18 10:14 - 000000000 ____D C:\Users\Bary\AppData\LocalLow\Mozilla
2018-03-08 15:33 - 2013-08-05 13:28 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-08 15:33 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-08 15:32 - 2017-04-16 10:54 - 000000000 ____D C:\AdwCleaner
2018-03-08 13:57 - 2017-04-16 09:35 - 002403328 _____ (Farbar) C:\Users\Bary\Desktop\FRST64.exe
2018-03-08 13:56 - 2013-08-09 16:53 - 000000000 ____D C:\Users\Bary\Desktop\Nepoužívané odkazy
2018-03-08 08:41 - 2016-11-23 20:09 - 000000000 ____D C:\Users\Janyška\AppData\LocalLow\Mozilla
2018-03-07 04:23 - 2015-07-04 17:21 - 000000000 ____D C:\Users\Bary\AppData\Local\CrashDumps
2018-03-06 23:42 - 2015-03-09 19:18 - 000000000 ____D C:\Users\Bary\Documents\AVerTV
2018-03-06 22:07 - 2009-07-14 16:18 - 000668640 _____ C:\Windows\system32\perfh005.dat
2018-03-06 22:07 - 2009-07-14 16:18 - 000141300 _____ C:\Windows\system32\perfc005.dat
2018-03-06 22:07 - 2009-07-14 06:13 - 001583642 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-06 21:54 - 2017-12-14 17:03 - 000619984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2018-03-06 21:54 - 2017-12-14 16:54 - 000196648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-03-06 21:54 - 2017-03-01 16:06 - 000343752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-03-06 21:54 - 2017-03-01 16:06 - 000227504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-03-06 21:54 - 2017-03-01 16:06 - 000199440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-03-06 21:54 - 2017-03-01 16:06 - 000057680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-03-06 21:54 - 2017-03-01 16:06 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-03-06 21:54 - 2015-02-01 23:56 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-03-06 21:54 - 2015-02-01 23:56 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-03-06 21:54 - 2015-02-01 23:56 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-03-06 21:54 - 2015-02-01 23:56 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-03-06 21:54 - 2015-02-01 23:56 - 000146656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-03-06 21:54 - 2015-02-01 23:56 - 000110328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-03-06 21:54 - 2015-02-01 23:56 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-03-06 21:54 - 2015-02-01 23:56 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-02-28 19:22 - 2014-12-26 08:46 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-25 19:07 - 2015-11-06 22:11 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-15 20:02 - 2015-03-09 17:27 - 000000000 ____D C:\Users\Bary\AppData\Local\AVerMedia
2018-02-12 18:30 - 2013-08-08 09:54 - 000000000 ____D C:\Users\Bary\AppData\Local\Microsoft Help
2018-02-09 09:25 - 2017-05-20 11:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-02-09 09:25 - 2013-08-09 16:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-06 20:11 - 2013-08-08 08:52 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-02-06 20:11 - 2013-08-08 08:52 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-06 20:11 - 2013-08-08 08:52 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-02-06 20:11 - 2013-08-08 08:52 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-02-06 20:11 - 2013-08-08 08:52 - 000000000 ____D C:\Windows\system32\Macromed
==================== Files in the root of some directories =======
2017-04-16 09:40 - 2017-04-16 09:40 - 000029696 _____ () C:\Users\Bary\AppData\Local\MSGBOX.EXE
2014-11-17 06:43 - 2014-11-17 06:43 - 000000017 _____ () C:\Users\Bary\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-27 16:24
==================== End of FRST.txt ============================
ZDE Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by Bary (08-03-2018 16:13:17)
Running from C:\Users\Bary\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-05 09:52:33)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2795746050-3627135712-4210470686-500 - Administrator - Disabled)
Bary (S-1-5-21-2795746050-3627135712-4210470686-1000 - Administrator - Enabled) => C:\Users\Bary
Guest (S-1-5-21-2795746050-3627135712-4210470686-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2795746050-3627135712-4210470686-1005 - Limited - Enabled)
Janyška (S-1-5-21-2795746050-3627135712-4210470686-1003 - Limited - Enabled) => C:\Users\Janyška
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Aktualizace NVIDIA 16.13.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 16.13.42 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
AVerMedia A835 USB DVB-T 2.3.64.28 (HKLM-x32\...\AVerMedia A835 USB DVB-T) (Version: 2.3.64.28 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.9.1.9.16032501 - AVerMedia Technologies, Inc.) Hidden
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.9.1.9.16032501 - AVerMedia Technologies, Inc.)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5 (64-bit)) (Version: 2.5.6.7716 - )
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM-x32\...\{363CEA5C-C9D0-45DD-9511-A461DBDEE94B}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
doPDF (HKLM\...\{F64C9051-AF79-4416-9522-EDBE765F062C}) (Version: 8.6.942 - Softland) Hidden
EPC (HKLM-x32\...\{A178B2C6-4062-11D6-90AA-00001CDD353B}) (Version: - )
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
F4200 (HKLM-x32\...\{C2524280-A5CF-4458-B809-167F13FAB56D}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{A00C9114-40E6-4C70-A619-7DF264B23485}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
IL-2 Sturmovik 1946 (HKLM-x32\...\{758AF648-0B6C-4593-BDF1-9BF4CB50A359}) (Version: 1.00.0000 - Název společnosti:) Hidden
IL-2 Sturmovik 1946 (HKLM-x32\...\InstallShield_{758AF648-0B6C-4593-BDF1-9BF4CB50A359}) (Version: 1.00.0000 - Název společnosti:)
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Manager (HKLM-x32\...\{38251B9A-C44B-42D9-9A6A-0697986E334A}) (Version: 4.1.4.27792 - 2015 pdfforge GmbH. All rights reserved) Hidden
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0405-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Mozilla Firefox 58.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 58.0.2 (x64 cs)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.2.6611 - Mozilla)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{A53F3DB0-ECBA-4CA0-A4AC-518FA7347A02}) (Version: 8.6.942 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{A0B71772-5AC4-47D5-A175-99238C057B37}) (Version: 8.6.942 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{1A9E9E77-B29B-47C6-ADEB-9E7D6F7A08CE}) (Version: 8.6.942 - Softland)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Ovládací panel NVIDIA 347.52 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 347.52 - NVIDIA Corporation) Hidden
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.13.42 - NVIDIA Corporation) Hidden
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2795746050-3627135712-4210470686-1000_Classes\CLSID\{01D70133-25B3-429A-41D6-3F6339922EA2}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-06] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-06] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-06] (AVAST Software)
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-19] ()
ContextMenuHandlers1-x32: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] ()
ContextMenuHandlers1-x32-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers1-x32-x32: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-06] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-05] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-06] (AVAST Software)
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-19] ()
ContextMenuHandlers6-x32: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0313C39B-2EF5-4A8A-9ED1-31120071BFF4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {0313C39B-2EF5-4A8A-9ED1-31120071BFF4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-07-04] (Microsoft Corporation)
Task: {0A341606-7CF2-4255-A65E-C845784D73A3} - System32\Tasks\{4EE4B67C-6C7A-427B-B751-6E2C03B2F797} => C:\Windows\system32\pcalua.exe -a "D:\Letecké simulátory\Mody na Sturmovik od Big Joea\zasilka-FB2YINTHL847F9HS\409m.exe" -d "D:\Letecké simulátory\Mody na Sturmovik od Big Joea\zasilka-FB2YINTHL847F9HS"
Task: {0D183448-569E-434F-889E-AB783F4BCEC5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-06] (AVAST Software)
Task: {1412137C-96E7-4B31-9FD8-F2703DA32790} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-01-05] (AVAST Software)
Task: {1B41D6C2-9143-4ECB-B40A-260D85583C84} - System32\Tasks\{E00FD4D2-71A6-4338-BFB0-0334D4E89682} => C:\Program Files (x86)\MOBIS\EPC\EPC.EXE [2002-03-26] (Kia)
Task: {1B64DBAB-6D07-49BC-8FC9-FF43DA2A78B3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {1E671025-8B3A-4A5D-8701-229A921E15F7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {1FB91FBF-E1AB-4E7D-83DF-A20C8F9F96BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2FB2E473-FE54-467E-B922-8124B13EC3EE} - System32\Tasks\{9F37918D-6259-4D34-B31D-4E553333AC38} => C:\Windows\system32\pcalua.exe -a "D:\Letecké simulátory\Mody na Sturmovik od Big Joea\zasilka-FB2YINTHL847F9HS\Il2_412_2_INT.exe" -d "D:\Letecké simulátory\Mody na Sturmovik od Big Joea\zasilka-FB2YINTHL847F9HS"
Task: {35E24E52-4CE0-4FDF-99C5-10F044EBB609} - System32\Tasks\{CD06D807-AE64-4938-B469-39C0740648E0} => C:\Windows\system32\pcalua.exe -a E:\Imgedit_register\imgedit_register.exe -d E:\Imgedit_register
Task: {375808D1-61F8-40AC-8D01-FDE0EDDB35D9} - System32\Tasks\{BECF5D7E-6443-41A3-A71D-ED9617D5A7F5} => D:\Letecké simulátory\Záloha Sturm verze 4.10.m\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe [2006-12-22] ()
Task: {3BAAE5C6-6A3B-421C-B36B-5E26CF9559BE} - System32\Tasks\{57D5A4E6-48A2-45DB-8869-E43C2D88299B} => D:\Letecké simulátory\Záloha Sturm verze 4.10.m\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe [2006-12-22] ()
Task: {42DF52B4-A009-4309-A19F-7E15180CD2E1} - System32\Tasks\{80BAADEA-3AA9-443D-9CAB-314ED2AEC500} => C:\Program Files (x86)\MOBIS\EPC\EPC.EXE [2002-03-26] (Kia)
Task: {44145D29-5D57-43EF-A890-53ACE614A99C} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate
Task: {44145D29-5D57-43EF-A890-53ACE614A99C} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate -noappraiser
Task: {45B06AF5-F42B-4B73-A718-D70E861659D9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {45B06AF5-F42B-4B73-A718-D70E861659D9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-07-04] (Microsoft Corporation)
Task: {4705F293-688A-43C2-B914-041625A93C20} - System32\Tasks\{6BF0C10C-0FEC-4CD1-9612-267420127A6F} => C:\Windows\system32\pcalua.exe -a "D:\Letecké simulátory\Mody na Sturmovik od Big Joea\zasilka-FB2YINTHL847F9HS\Il2_411_INT.exe" -d "D:\Letecké simulátory\Mody na Sturmovik od Big Joea\zasilka-FB2YINTHL847F9HS"
Task: {5042989E-4220-49EA-BD6F-ABEB6B455A50} - System32\Tasks\{CC15A69B-79E8-4CAF-8E73-DFA52EEA5669} => C:\Program Files (x86)\MOBIS\EPC\EPC.EXE [2002-03-26] (Kia)
Task: {52C6E940-857D-4FE1-83FB-AC5E8F99F75D} - System32\Tasks\{8AA42B20-3F6D-408D-B030-84DCBB0362BB} => C:\Windows\system32\pcalua.exe -a "D:\Letecké simulátory\Mody na Sturmovik od Big Joea\zasilka-FB2YINTHL847F9HS\Il2_410_1.exe" -d "D:\Letecké simulátory\Mody na Sturmovik od Big Joea\zasilka-FB2YINTHL847F9HS"
Task: {55F2F13E-BFF6-4E24-B68B-240436DC7612} - System32\Tasks\SafeZone scheduled Autoupdate 1468288476 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {56F59FC6-176D-4EBD-B10A-1245044329D3} - System32\Tasks\{8EAB665E-EC7C-4E4C-A5BC-61536CA4E313} => E:\WINNT\Setup.exe
Task: {57B2311F-6883-4767-B91C-F0A8905BDDD3} - System32\Tasks\{874BF787-0EE1-4E41-95D1-35D568E9AE09} => D:\Letecké simulátory\Záloha Sturm verze 4.10.m\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe [2006-12-22] ()
Task: {63061030-61E1-4611-8DBF-168AB7E2A58D} - System32\Tasks\{A45FDD5C-7C34-41FA-A573-4658064B61FA} => C:\Windows\system32\pcalua.exe -a "D:\Letecké simulátory\Záloha Sturm verze 4.10.m\Ubisoft\IL-2 Sturmovik 1946\il2set.exe" -d "D:\Letecké simulátory\Záloha Sturm verze 4.10.m\Ubisoft\IL-2 Sturmovik 1946"
Task: {63E47088-3F7B-4812-B1E2-D8BED572446D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {63E47088-3F7B-4812-B1E2-D8BED572446D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {63E47088-3F7B-4812-B1E2-D8BED572446D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2015-07-04] (Microsoft Corporation)
Task: {67514BDB-7059-4A71-A908-B1219E4DFF1F} - System32\Tasks\{B946BA5B-5413-4236-A241-7F4ACD12F9A8} => C:\Program Files (x86)\MOBIS\EPC\EPC.EXE [2002-03-26] (Kia)
Task: {6E1B96B0-8C4D-40BC-8F5F-E570F08A319F} - System32\Tasks\{008B9013-DD8F-4354-8904-819202313EAF} => C:\Program Files (x86)\MOBIS\EPC\EPC.EXE [2002-03-26] (Kia)
Task: {71AB8972-AE48-4CA3-A8D3-1BA539BE7651} - System32\Tasks\{6AA46206-7638-4FEB-B093-9902E48FCB9D} => D:\Letecké simulátory\Záloha Sturm verze 4.10.m\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe [2006-12-22] ()
Task: {739FF935-952B-4F57-8DCB-AF6F05031C6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {78686BD4-9A4D-499E-AB92-56613F22A967} - System32\Tasks\{B236AAEA-1F3E-4BCC-895A-091466B038E3} => C:\Program Files (x86)\MOBIS\EPC\EPC.EXE [2002-03-26] (Kia)
Task: {7C35BEB9-3A15-49A8-A9DF-0A983719A143} - System32\Tasks\{53E4FFB5-3C4C-442E-B1E8-CCBB0AAA971E} => D:\Letecké simulátory\Záloha Sturm verze 4.10.m\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe [2006-12-22] ()
Task: {82EEA80D-72CD-4139-952F-37744C79CA57} - System32\Tasks\{4BA329E7-8DE4-47AD-9D19-784DB5B26C60} => C:\Windows\system32\pcalua.exe -a "D:\Letecké simulátory\Mody na Sturmovik od Big Joea\zasilka-FB2YINTHL847F9HS\Il2_412_INT.exe" -d "D:\Letecké simulátory\Mody na Sturmovik od Big Joea\zasilka-FB2YINTHL847F9HS"
Task: {8B7562C2-D195-49ED-BC0B-D26111AE7CAF} - System32\Tasks\{007B923B-DA17-4421-90DF-393538BD2579} => C:\Program Files (x86)\MOBIS\EPC\EPC.EXE [2002-03-26] (Kia)
Task: {8C40224C-A4F8-4D08-9B3B-DFFDFC460F3C} - System32\Tasks\{9FC72FCD-AC48-431E-A076-CBB833D4DFE3} => C:\Windows\system32\pcalua.exe -a "D:\Letecké simulátory\Mody na Sturmovik od Big Joea\zasilka-FB2YINTHL847F9HS\skins409m.exe" -d "D:\Letecké simulátory\Mody na Sturmovik od Big Joea\zasilka-FB2YINTHL847F9HS"
Task: {8E1DC3DF-7760-49CA-975A-BBD87096C39D} - System32\Tasks\{9DD90A62-9A6D-41F1-81CE-6C682D53D3D4} => C:\Windows\system32\pcalua.exe -a C:\Users\Bary\Desktop\domaci-nasili-game-over_1.0.exe -d C:\Users\Bary\Desktop
Task: {948F34D4-537A-4B08-B39D-9CFDAA13C302} - System32\Tasks\{BE7A0320-5A9E-4E31-8E78-6D0166D7298D} => E:\WINNT\Setup.exe
Task: {99F8B248-7FE3-49CD-AC46-489A5CCCB229} - System32\Tasks\{9E3CB33E-79F8-44A4-B1B0-BB60A2C7CBFD} => D:\Letecké simulátory\Záloha Sturm verze 4.10.m\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe [2006-12-22] ()
Task: {9F7125AE-3538-4FA5-94A6-8C6327AE9682} - System32\Tasks\{036500E8-1600-43A6-8FF9-03475C575097} => D:\Letecké simulátory\Záloha Sturm verze 4.10.m\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe [2006-12-22] ()
Task: {B83ACE1A-F370-4542-8125-7304EF1624AA} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {B86B64D2-400F-48C3-82D6-E2A15CED8C32} - System32\Tasks\{2F4EA020-1DCB-4F55-B554-42DFDBCE279A} => E:\WINNT\Setup.exe
Task: {B8FD820F-05ED-4097-B04A-65EE26A8D115} - System32\Tasks\{13F2E585-E2C5-4028-A845-7274AFD90C02} => C:\Program Files (x86)\MOBIS\EPC\EPC.EXE [2002-03-26] (Kia)
Task: {C27FB208-7F0F-4634-9A34-B4074D08A2C5} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(3): %windir%\system32\rundll32.exe -> appraiser.dll,DailyGatedCheck
Task: {C27FB208-7F0F-4634-9A34-B4074D08A2C5} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(4): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate -nolegacy
Task: {C295F820-7625-44EF-89AC-91FAF883B373} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {CA145E90-35DD-40B4-B522-D84058471092} - System32\Tasks\{A7AE4564-AF92-49D8-9A67-8E1C71031FCF} => D:\Nový sturmovik\il2fb.exe
Task: {D2A7502F-22B9-4836-B5D9-655E519847C8} - System32\Tasks\{B63C4FF3-8DCC-40C5-8A31-4AC577D78CD5} => D:\Letecké simulátory\Záloha Sturm verze 4.10.m\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe [2006-12-22] ()
Task: {D41F214E-2133-49C5-ACED-82386612A951} - System32\Tasks\{F43B9E8C-93CB-4900-9F8A-4EF97F3E26C6} => D:\Letecké simulátory\Záloha Sturm verze 4.10.m\Ubisoft\IL-2 Sturmovik 1946\il2fb.exe [2006-12-22] ()
Task: {D7CA42A2-2462-42AE-A252-EC1CF7031071} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2016-06-17] ()
Task: {DB2DF3E6-C4A4-40EB-B305-8DB381371498} - System32\Tasks\{DE5535DF-D6B3-4103-8B6E-C0402D1C36E5} => C:\Users\Bary\Desktop\InstalDrv_A835_Win7_x64_V8.0.64.70_140114.exe
Task: {E3BA1AA2-7F24-459A-85FA-19D176DD4CF1} - System32\Tasks\{1B9C4DC8-E7A0-4700-AB83-E0BFB34231B0} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe
Task: {E5BC4CCB-BF88-4D31-B6EF-B26AE2A51A10} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {EC1DD72C-9FEB-40AC-ADA7-0FB27E7056F3} - System32\Tasks\{9CCBD2BD-B9B8-432C-9CE1-394349DFA5AC} => D:\Nový sturmovik\il2fb.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2013-08-05 14:54 - 2015-02-05 20:07 - 000117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-09 17:25 - 2011-04-01 07:52 - 000403456 ____R () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2016-06-17 11:43 - 2016-06-17 11:43 - 000145696 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
2016-06-17 11:43 - 2016-06-17 11:43 - 000060840 _____ () C:\Program Files\Softland\novaPDF 8\Server\CryptUtil.dll
2016-06-17 11:44 - 2016-06-17 11:44 - 000035240 _____ () C:\Program Files\Softland\novaPDF 8\Server\WAFServicePlugin.dll
2018-03-06 21:54 - 2018-03-06 21:54 - 000721624 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2018-03-06 21:54 - 2018-03-06 21:54 - 000912088 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2018-03-06 21:54 - 2018-03-06 21:54 - 000341720 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2016-01-17 06:48 - 2010-09-07 03:21 - 000538435 _____ () C:\Program Files (x86)\JpegResampler2010\JRcm64.dll
2015-03-09 17:25 - 2012-10-17 08:24 - 000163840 ____R () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2013-08-05 11:13 - 2010-05-24 10:10 - 000076192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-08-05 11:13 - 2010-05-24 10:10 - 000383904 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-08-05 11:13 - 2010-05-24 10:10 - 000103328 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2013-08-05 11:13 - 2010-05-24 10:10 - 064641440 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2015-01-21 03:06 - 2015-01-21 03:06 - 000053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-03-06 21:54 - 2018-03-06 21:54 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-06 21:54 - 2018-03-06 21:54 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-03-08 13:37 - 2018-03-08 13:37 - 005826192 _____ () C:\Program Files\AVAST Software\Avast\defs\18030800\algo.dll
2018-03-06 21:54 - 2018-03-06 21:54 - 000756952 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-03-06 21:54 - 2018-03-06 21:54 - 000172760 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-03-06 21:54 - 2018-03-06 21:54 - 000964824 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-03-06 21:54 - 2018-03-06 21:54 - 000475352 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-03-06 21:54 - 2018-03-06 21:54 - 000339672 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2016-09-11 12:34 - 2012-06-09 17:33 - 000053248 _____ () C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2013-08-05 11:40 - 2009-03-19 21:35 - 000208896 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
2013-08-05 11:40 - 2009-03-19 21:35 - 000008704 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
2013-08-05 11:40 - 2009-01-15 13:55 - 000565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2013-08-05 11:40 - 2009-03-25 15:53 - 000053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2018-03-06 21:54 - 2018-03-06 21:54 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-03-06 21:54 - 2018-03-06 21:54 - 000275160 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2795746050-3627135712-4210470686-1000\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-02-08 10:54 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2795746050-3627135712-4210470686-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bary\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9FCB0EC0-3442-40EA-927B-49FC4AEAF2AC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{26E45136-D7F7-47B6-9FF7-6B7A24FF0174}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{4608F19E-0863-4DBD-8B6C-61069A2857F3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E698442C-6049-497E-BF9B-8E22754BAD7E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1869D280-4EBD-4994-8E79-D71E5EFF4B11}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{079ADBD4-7E71-42B7-BBFD-5E1EF81D55C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{4D06028D-EF76-45B6-8619-1DE55F62B47D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{8516E130-D06F-4F93-9012-FBCF655D7A70}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2A126655-28DF-4D1E-BDCA-983690106FC2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9E5FD1D6-782E-434A-B3EA-34A53A154C90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{BEC78198-9F83-4EB2-8FEC-1E18C0FDB335}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1379E2D8-9D73-4965-88FB-9AF9CD6150CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C2A1352F-45A2-4E28-A9E3-797CBE66C81C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F4804431-1654-488B-A8A9-3FC92F470318}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{1B6A19CF-9309-4514-9E41-90A1A5E29A70}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{F18B6CDA-6D63-4938-8CD6-93F40B97CB85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B3F5FF75-273E-4CCE-8E03-F2515B19AE3F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4248A73B-46C8-4019-A077-1B332D9356F5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{33ECB57E-2111-4B40-92B3-49CF32981CC9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{907C08F2-74F8-4367-935F-F8D5322FAA39}] => (Allow) LPort=8501
FirewallRules: [{3DBA08C6-F19B-48EB-9F04-F24E1F52EAF8}] => (Allow) LPort=8501
FirewallRules: [TCP Query User{F79CE133-E208-4F19-A39D-0E96901BAB5F}D:\letecké simulátory\nový sturmovik\il2fb.exe] => (Allow) D:\letecké simulátory\nový sturmovik\il2fb.exe
FirewallRules: [UDP Query User{F232A457-4DC8-4231-A377-3A356622AFE4}D:\letecké simulátory\nový sturmovik\il2fb.exe] => (Allow) D:\letecké simulátory\nový sturmovik\il2fb.exe
FirewallRules: [{BAE7C789-0833-4F29-B02C-C3967A75A67E}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
FirewallRules: [{4908AEA1-34BA-48C8-8BE9-3AAD7EC363A8}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
==================== Restore Points =========================
15-11-2017 03:36:43 Windows Update
23-11-2017 20:20:16 Naplánovaný kontrolní bod
29-11-2017 05:32:51 Windows Update
14-12-2017 17:47:00 Revo Uninstaller's restore point - Steam
14-12-2017 17:58:23 Revo Uninstaller's restore point - doPDF 8
14-12-2017 17:59:07 Revo Uninstaller's restore point - doPDF 8
25-12-2017 03:33:09 Naplánovaný kontrolní bod
01-01-2018 21:17:31 Naplánovaný kontrolní bod
14-01-2018 21:35:20 Naplánovaný kontrolní bod
23-01-2018 23:18:52 Naplánovaný kontrolní bod
04-02-2018 21:12:39 Naplánovaný kontrolní bod
12-02-2018 23:13:03 Naplánovaný kontrolní bod
25-02-2018 19:21:04 Naplánovaný kontrolní bod
06-03-2018 00:20:24 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/03/2018 04:43:13 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (03/03/2018 04:43:13 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (03/03/2018 04:43:13 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (02/28/2018 12:08:11 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (02/28/2018 12:08:11 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (02/28/2018 12:08:11 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (02/17/2018 09:19:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hpqSTE08.exe, verze: 130.0.469.0, časové razítko: 0x4ab67ca4
Název chybujícího modulu: MSVCR90.dll, verze: 9.0.30729.6161, časové razítko: 0x4dace5b9
Kód výjimky: 0xc0000417
Posun chyby: 0x0006ccd5
ID chybujícího procesu: 0x14e4
Čas spuštění chybující aplikace: 0x01d3a757aff3cab1
Cesta k chybující aplikaci: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
Cesta k chybujícímu modulu: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
ID zprávy: 46e7562a-13bb-11e8-88c8-20cf30e830a5
Error: (02/15/2018 12:11:24 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
System errors:
=============
Error: (03/08/2018 03:34:32 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.
Error: (03/08/2018 03:34:32 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (03/08/2018 03:32:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (03/08/2018 03:32:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (03/08/2018 03:32:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AVerUpdateServer byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/08/2018 03:32:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/08/2018 03:32:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (03/08/2018 03:32:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA GeForce Experience Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
===================================
Date: 2015-01-31 04:10:20.216
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{FAB3E7C7-3E9D-4C65-BD00-E6EF261CC2E4}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Date: 2014-09-23 05:17:05.447
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{99764629-BA61-456F-A216-F090C5D7A40D}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Date: 2014-08-27 05:15:30.683
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{69E58F76-6540-4811-81C6-544B3F9FA751}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Date: 2015-10-20 15:14:00.391
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2015-02-01 20:20:36.710
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2015-02-01 20:02:47.197
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
CodeIntegrity:
===================================
Date: 2016-08-06 02:00:44.671
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-06 01:59:36.083
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-06 01:59:35.724
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-05 23:48:21.290
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-05 23:47:06.348
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-05 23:47:06.098
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-05 17:50:15.208
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-05 17:50:14.864
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Percentage of memory in use: 29%
Total physical RAM: 4087.05 MB
Available physical RAM: 2876.79 MB
Total Virtual: 8172.29 MB
Available Virtual: 6120.3 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:175.68 GB) (Free:86.07 GB) NTFS
Drive d: (DATA) (Fixed) (Total:755.73 GB) (Free:365.12 GB) NTFS
\\?\Volume{c3b0d801-fdb3-11e2-b583-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F2CE75AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=175.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=755.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Dál?
S62
Prosím o kontrolu přiloženého logu-dofám,že toho správného. Díky. S62
Hlaska o nestandardnom vypnuti je sposobena vypnutim natvrdo 
Přispějete na provoz fóra?