VIRY.CZ

Logfile of random's system information tool 1.10 (written by random/random)
Run by Daldous at 2018-04-22 13:06:18
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 140 GB (58%) free of 241 GB
Total RAM: 3673 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:06:21, on 22.4.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Users\Daldous\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Daldous\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe
C:\Users\Daldous\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe
C:\Program Files (x86)\FreeCommander\FreeCommander.exe
C:\The KMPlayer\KMPlayer.exe
C:\Program Files\trend micro\Daldous.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
O4 - HKLM\..\RunOnce: [SBrowserCheck] "%ALLUSERSPROFILE%\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe" /s /run_source=av_update /runonce /cgid 101
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5B84B165-F6DE-4126-B3F8-5EDCD447EFF4} (ZyWALL SecuExtender Control) - https://212.24.156.6/ext-js/web-pages/p ... tender.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B26C9018-F5F4-4EAF-9914-055B35775648}: NameServer = 192.168.202.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Nalpeiron Control Service (NalServ) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nalserv.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
O23 - Service: ZyWALL SecuExtender Helper - Unknown owner - C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe

--
End of file - 9609 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 4319856
\??\C:\Windows\system32\conhost.exe "-936480529-1160249875-1567203892-597076857476304439-1877614788-1806445752487594435
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\SysWOW64\nalserv.exe
C:\Windows\SysWOW64\nlssrv32.exe
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe"
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b08b9f7d-72c4-4aa9-9fbd-e951174c85c2 -SystemEventPortName:HostProcess-497b787b-4171-49b3-8b1a-f2df3bf8509a -IoCancelEventPortName:HostProcess-6f2cb6b5-e595-4f61-912a-83896e3cd97e -NonStateChangingEventPortName:HostProcess-fb60c958-d4f5-41e2-93ee-305b6486030a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6ceb1c38-d997-4e4f-a189-a3a2046dd2ad -DeviceGroupId:WpdFsGroup
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
AvastUI.exe /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" EXPRESS
"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"taskhost.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Users\Daldous\AppData\Roaming\uTorrent\uTorrent.exe" /RELOCATED
"C:\Users\Daldous\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe" uTorrent_11628_00392810_1627169013 µTorrent4823DF041B09 uTorrent
"C:\Users\Daldous\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe" uTorrent_11628_00392188_434553926 µTorrent4823DF041B09 uTorrent

"C:\Program Files (x86)\FreeCommander\FreeCommander.exe"
"C:\The KMPlayer\KMPlayer.exe" "G:\Filmy\_Sofinka\Despicable.Me.3.2017.BRRip.XviD.AC3.CZ-PiRaTE.avi"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Daldous\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Daldous\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=65.0.3325.181 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fef87df1e8,0x7fef87df1f8,0x7fef87df208
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=8120 --on-initialized-event-handle=360 --parent-handle=368 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1268,13311469155262225544,17249661396412444262,131072 --gpu-preferences=KAAAAAAAAAAABwAAAQAAAAAAAAAAAGAAAQAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4229 --gpu-driver-date=5-26-2015 --service-request-channel-token=38545D9AD7E959F9F8B3A69F530828EA --mojo-platform-channel-handle=1328 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,13311469155262225544,17249661396412444262,131072 --service-pipe-token=BCD81C8279B94D7E15E47B79B7CDE35E --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=BCD81C8279B94D7E15E47B79B7CDE35E --renderer-client-id=3 --mojo-platform-channel-handle=2328 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,13311469155262225544,17249661396412444262,131072 --service-pipe-token=EC98BFA0DBC5F993BB33DE5043F364B4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=EC98BFA0DBC5F993BB33DE5043F364B4 --renderer-client-id=7 --mojo-platform-channel-handle=4320 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,13311469155262225544,17249661396412444262,131072 --service-pipe-token=37DFD2C4F17EBEABBC5155A7B7ED1EB2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=37DFD2C4F17EBEABBC5155A7B7ED1EB2 --renderer-client-id=12 --mojo-platform-channel-handle=5024 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1268,13311469155262225544,17249661396412444262,131072 --lang=cs --service-sandbox-type=utility --service-request-channel-token=8A8B4601A11D36320AFE74B92B4B6E0E --mojo-platform-channel-handle=5808 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,13311469155262225544,17249661396412444262,131072 --service-pipe-token=2C9D203EF04369C8C365FCC22CEB3208 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=2C9D203EF04369C8C365FCC22CEB3208 --renderer-client-id=18 --mojo-platform-channel-handle=2776 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1268,13311469155262225544,17249661396412444262,131072 --disable-databases --service-pipe-token=CD73342991B7FA129979B26581BE81C9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=CD73342991B7FA129979B26581BE81C9 --renderer-client-id=22 --mojo-platform-channel-handle=5552 /prefetch:1
"C:\Users\Daldous\Desktop\udrzba\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-25 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-25 812248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2015-06-01 453552]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-03-16 245608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-07-13 8891608]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2018-03-27 3198752]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2018-03-27 1462184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe []
"DelaypluginInstall"=C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"SBrowserCheck"=C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [2018-04-04 4788840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2018-04-22 12:58:50 ----D---- C:\rsit
2018-04-16 19:19:47 ----A---- C:\Windows\system32\aswBoot.exe
2018-04-06 21:31:14 ----D---- C:\Program Files (x86)\Prison Architect

======List of files/folders modified in the last 1 month======

2018-04-22 13:06:20 ----D---- C:\Program Files\trend micro
2018-04-22 13:04:33 ----D---- C:\Users\Daldous\AppData\Roaming\uTorrent
2018-04-22 13:03:23 ----D---- C:\Windows\Temp
2018-04-22 12:58:43 ----D---- C:\Windows\Prefetch
2018-04-22 11:57:21 ----D---- C:\Windows\system32\config
2018-04-22 09:02:36 ----SHD---- C:\System Volume Information
2018-04-19 07:30:16 ----D---- C:\Windows\System32
2018-04-19 07:30:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-04-19 07:30:15 ----D---- C:\Windows\inf
2018-04-16 19:20:39 ----D---- C:\Windows\system32\drivers
2018-04-16 19:20:21 ----D---- C:\Windows\system32\Tasks
2018-04-11 15:36:38 ----D---- C:\Windows\SysWOW64
2018-04-11 15:36:31 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-04-11 15:36:22 ----D---- C:\Windows\system32\Macromed
2018-04-11 15:36:15 ----D---- C:\Windows\SYSWOW64\Macromed
2018-04-06 21:31:14 ----RD---- C:\Program Files (x86)
2018-04-03 07:24:50 ----SHD---- C:\Windows\Installer
2018-04-03 07:24:50 ----D---- C:\ProgramData\Package Cache
2018-04-03 07:24:49 ----SHD---- C:\Config.Msi
2018-04-03 07:24:08 ----D---- C:\Program Files (x86)\Garmin
2018-03-28 19:07:01 ----D---- C:\Program Files (x86)\Steam
2018-03-25 16:11:38 ----D---- C:\Program Files (x86)\TeamViewer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-03-16 199440]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-03-16 343752]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-03-16 57680]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-04-16 84368]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-04-16 380528]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-04-16 196640]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-03-16 227504]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-04-16 227784]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-09-09 41832]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-04-16 111352]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-04-16 1026696]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-04-16 460520]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-15 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-04-16 147224]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-04-16 205976]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2017-06-10 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2017-06-10 43680]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-08-30 5443688]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2013-04-28 44800]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-26 342528]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-10-25 769168]
R3 tap0901_zyxel;TAP-Windows Adapter V9 for ZyXEL SecuExtender; C:\Windows\system32\DRIVERS\tap0901_zyxel.sys [2014-01-15 36408]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-04-16 46968]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2013-10-17 36928]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-03-16 303728]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-02-26 626960]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2018-03-27 1175056]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2013-04-28 61224]
R2 NalServ;Nalpeiron Control Service; C:\Windows\SysWOW64\nalserv.exe [2012-06-29 135168]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2012-06-29 66560]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-02-26 148752]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-03-02 6942480]
R2 WsAppService;Wondershare Application Framework Service; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [2016-03-31 411648]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-02-26 2669840]
R2 ZyWALL SecuExtender Helper;ZyWALL SecuExtender Helper; C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe [2014-03-28 44928]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-03-16 7556704]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-11 272384]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-02-26 273168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-03-27 1671968]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-01 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------
Díky

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

Uloz na plochu a ukonci vsetky programy
Spusti AdwCleaner ako spravca
Odsuhlas licencne podmienky
Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
Otvori sa log, jeho obsah sem skopiruj

Ahoj...done

# -------------------------------
# Malwarebytes AdwCleaner 7.1.0.0
# -------------------------------
# Build: 04-12-2018
# Database: 2018-04-19.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-22-2018
# Duration: 00:00:17
# OS: Windows 7 Home Premium
# Cleaned: 12
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\516B9146AD1B8A41
Deleted C:\ProgramData\YOUTUBEADBLOCKER
Deleted C:\ProgramData\SURF AAND KEEOPA
Deleted C:\Program Files (x86)\YOUTUBEADBLOCKER
Deleted C:\Program Files (x86)\sk-enhancer
Deleted C:\Program Files (x86)\PANDORA.TV

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\FutureGames
Deleted HKLM\Software\Classes\INETCTLS.INET
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}

***** [ Chromium (and derivatives) ] *****

Deleted Save Tabs

***** [ Chromium URLs ] *****

Deleted Spirální stabilizace páteře - Na Úbočí 10, Praha 8, Czech Republic, 00420-284 810 231, spirstab@spirstab.com
Deleted Web

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.

Antivir mi zablokoval stranku Odkaz ke stažení: http://viry.xf.cz/pro_usery/FRSTLauncher.exe
Mam to ignorovat?

ignore...mam problem cist vse do konce...

Log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2018
Ran by Daldous (administrator) on DALDOUS-PC (22-04-2018 16:53:12)
Running from C:\Users\Daldous\Desktop
Loaded Profiles: Daldous (Available Profiles: Daldous)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Malwarebytes) C:\Users\Daldous\Desktop\adwcleaner_7.1.0.0.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nalserv.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Daldous\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-04-16] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\RunOnce: [SBrowserCheck] => C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [4788840 2018-04-04] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8891608 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3199776 2018-04-03] (Valve Corporation)
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1462184 2018-03-27] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1462184 2018-03-27] (Garmin Ltd. or its subsidiaries)
CHR HKU\S-1-5-21-1897870398-3820753920-757805072-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.96.160.7 212.96.161.6
Tcpip\..\Interfaces\{0B9BB5B1-79D0-468F-AFC9-1CE3C39BEE73}: [DhcpNameServer] 212.96.160.7 212.96.161.6
Tcpip\..\Interfaces\{67DFB584-BFBB-40B2-B7F8-DF9C30512552}: [DhcpNameServer] 212.96.160.7 212.96.161.6
Tcpip\..\Interfaces\{B26C9018-F5F4-4EAF-9914-055B35775648}: [NameServer] 192.168.202.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-25] (AVAST Software)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-25] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {5B84B165-F6DE-4126-B3F8-5EDCD447EFF4} hxxps://212.24.156.6/ext-js/web-pages/portal/SecuExtender.cab
Handler: WSWSVCUchrome - No CLSID Value

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1897870398-3820753920-757805072-1000: @powerchallenge.com/PowerLoader -> C:\Users\Daldous\AppData\LocalLow\POWERC~1\nppowerloader.dll [2011-03-15] (Power Challenge Sweden AB)
FF Plugin HKU\S-1-5-21-1897870398-3820753920-757805072-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Daldous\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2018-01-23] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "","www.google.com","hxxp://www.google.com/"
CHR Profile: C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default [2018-04-22]
CHR Extension: (Dokumenty) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-04-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-01-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Avast Online Security) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-21]
CHR Extension: (SearchPreview) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2016-10-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-30]
CHR Profile: C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-12-21]
CHR Extension: (Prezentace) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-21]
CHR Extension: (Dokumenty) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-21]
CHR Extension: (Disk Google) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-21]
CHR Extension: (YouTube) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-21]
CHR Extension: (Avast SafePrice) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-21]
CHR Extension: (Tabulky) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-21]
CHR Extension: (Avast Online Security) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-12-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-21]
CHR Extension: (Gmail) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-21]
CHR Extension: (Chrome Media Router) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-21]
CHR Profile: C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-21]
CHR HKU\S-1-5-21-1897870398-3820753920-757805072-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-04-16] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-16] (AVAST Software)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1175056 2018-03-27] (Garmin Ltd. or its subsidiaries)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NalServ; C:\Windows\SysWOW64\nalserv.exe [135168 2012-06-29] (Nalpeiron Ltd.) [File not signed]
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-06-29] (Nalpeiron Ltd.) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
R2 ZyWALL SecuExtender Helper; C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe [44928 2014-03-28] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-04-16] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-16] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-16] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-16] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-16] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [227784 2018-04-16] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-04-16] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147224 2018-04-16] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111352 2018-04-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-04-16] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-04-16] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-04-16] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-04-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-04-16] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2017-06-10] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-15] (Disc Soft Ltd)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2017-06-10] ()
R3 tap0901_zyxel; C:\Windows\System32\DRIVERS\tap0901_zyxel.sys [36408 2014-01-15] (The OpenVPN Project)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-22 16:53 - 2018-04-22 16:54 - 000018430 _____ C:\Users\Daldous\Desktop\FRST.txt
2018-04-22 16:52 - 2018-04-22 16:51 - 000112640 _____ (forum.viry.cz) C:\Users\Daldous\Desktop\FRSTLauncher.exe
2018-04-22 16:52 - 2018-04-22 16:33 - 002404352 _____ (Farbar) C:\Users\Daldous\Desktop\FRST64.exe
2018-04-22 15:25 - 2018-04-22 15:24 - 007256272 _____ (Malwarebytes) C:\Users\Daldous\Desktop\adwcleaner_7.1.0.0.exe
2018-04-22 12:58 - 2018-04-22 12:59 - 000000000 ____D C:\rsit
2018-04-16 19:19 - 2018-04-16 19:19 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-04-06 21:42 - 2018-04-06 21:42 - 000000000 ____D C:\Users\Daldous\Documents\SkidRow
2018-04-06 21:42 - 2018-04-06 21:42 - 000000000 ____D C:\Users\Daldous\AppData\Local\Introversion
2018-04-06 21:33 - 2018-04-06 21:33 - 000001311 _____ C:\Users\Public\Desktop\Prison Architect (safe mode).lnk
2018-04-06 21:33 - 2018-04-06 21:33 - 000001237 _____ C:\Users\Public\Desktop\Prison Architect.lnk
2018-04-06 21:31 - 2018-04-06 21:31 - 000000000 ____D C:\Program Files (x86)\Prison Architect
2018-04-03 07:23 - 2018-04-03 07:23 - 000001890 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2018-04-03 07:23 - 2018-04-03 07:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-22 16:53 - 2013-11-19 20:06 - 000000000 ____D C:\FRST
2018-04-22 16:51 - 2015-07-20 19:09 - 000000000 ____D C:\Users\Daldous\Desktop\udrzba
2018-04-22 15:44 - 2017-10-15 09:34 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-04-22 15:44 - 2017-10-15 09:34 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-04-22 15:41 - 2009-07-14 06:45 - 000025536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-22 15:41 - 2009-07-14 06:45 - 000025536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-22 15:38 - 2016-08-21 22:21 - 000000000 ____D C:\Program Files (x86)\Steam
2018-04-22 15:38 - 2011-04-12 10:34 - 000669116 _____ C:\Windows\system32\perfh005.dat
2018-04-22 15:38 - 2011-04-12 10:34 - 000141744 _____ C:\Windows\system32\perfc005.dat
2018-04-22 15:38 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-22 15:38 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-04-22 15:30 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-22 15:27 - 2013-11-19 21:37 - 000000000 ____D C:\AdwCleaner
2018-04-22 13:07 - 2014-10-25 10:46 - 000000000 ____D C:\Users\Daldous\AppData\Roaming\uTorrent
2018-04-22 13:06 - 2013-11-19 20:34 - 000000000 ____D C:\Program Files\trend micro
2018-04-17 20:18 - 2017-03-17 09:27 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-04-16 19:20 - 2013-08-30 08:16 - 000147224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-04-16 19:19 - 2017-11-18 14:41 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-04-16 19:19 - 2014-05-06 06:55 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-04-16 19:19 - 2014-01-04 13:17 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-04-16 19:19 - 2013-08-30 08:17 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-04-16 19:19 - 2013-08-30 08:17 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-04-16 19:19 - 2013-08-30 08:17 - 000111352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-04-16 19:19 - 2013-08-30 08:17 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-04-16 19:18 - 2018-01-05 17:26 - 000227784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-04-16 19:18 - 2013-08-30 08:17 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-04-16 19:14 - 2017-09-28 20:45 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-04-16 07:05 - 2018-01-30 22:31 - 000003556 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2018-04-16 07:05 - 2018-01-22 21:32 - 000003210 _____ C:\Windows\System32\Tasks\{F6A687CE-EF87-4186-BCF2-696E86BC6EC3}
2018-04-16 07:05 - 2017-10-15 09:31 - 000004550 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-04-16 07:05 - 2017-10-15 09:31 - 000004410 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-04-16 07:05 - 2017-09-25 19:54 - 000003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468513134
2018-04-16 07:05 - 2017-01-14 15:57 - 000002932 _____ C:\Windows\System32\Tasks\{77529009-2249-437E-A8F4-8DE23F298101}
2018-04-16 07:05 - 2015-12-03 19:42 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-04-16 07:05 - 2014-12-24 14:08 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-04-16 07:05 - 2014-09-10 22:52 - 000003036 _____ C:\Windows\System32\Tasks\{FA53C2BA-1CDE-4819-ADB3-6AF1FAEC8AD9}
2018-04-16 07:05 - 2014-09-10 22:51 - 000003036 _____ C:\Windows\System32\Tasks\{111CDC67-B0F0-4673-8A43-48B483F4E6EF}
2018-04-16 07:05 - 2014-09-10 22:18 - 000003036 _____ C:\Windows\System32\Tasks\{D4BDACFC-16FC-4983-AAEE-7E48790067F2}
2018-04-16 07:05 - 2014-09-10 22:17 - 000003036 _____ C:\Windows\System32\Tasks\{4546AF5C-2C07-4168-BF5E-F2611F61A3F3}
2018-04-16 07:05 - 2014-01-12 01:14 - 000003068 _____ C:\Windows\System32\Tasks\{D704FA25-5DAE-4600-8C32-853A2AF0699A}
2018-04-16 07:05 - 2013-12-16 23:11 - 000002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-04-16 07:05 - 2013-08-30 08:07 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-04-16 07:05 - 2013-08-30 08:07 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-04-11 15:36 - 2017-10-15 09:31 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-04-11 15:36 - 2017-10-15 09:31 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-11 15:36 - 2015-01-24 19:10 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-11 15:36 - 2015-01-24 19:10 - 000000000 ____D C:\Windows\system32\Macromed
2018-04-03 07:24 - 2013-10-27 19:47 - 000000000 ____D C:\ProgramData\Package Cache
2018-04-03 07:24 - 2013-08-31 17:59 - 000000000 ____D C:\Program Files (x86)\Garmin
2018-03-25 16:11 - 2016-04-11 09:56 - 000000000 ____D C:\Program Files (x86)\TeamViewer

==================== Files in the root of some directories =======

2015-02-09 23:06 - 2015-02-09 23:06 - 000003584 _____ () C:\Users\Daldous\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2018-01-18 13:54 - 2018-01-18 13:55 - 039570392 _____ (PandoraTV) C:\Users\Daldous\AppData\Local\Temp\KMP_4.2.2.6.exe
2018-01-05 22:06 - 2015-07-25 07:00 - 000110495 _____ () C:\Users\Daldous\AppData\Local\Temp\Uninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows:netNLSPreferences [0]
AlternateDataStreams: C:\Windows:nlsPreferences [0]

==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Daldous\Desktop" je 1180 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2018
Ran by Daldous (22-04-2018 16:55:55)
Running from C:\Users\Daldous\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-29 19:57:49)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1897870398-3820753920-757805072-500 - Administrator - Disabled)
Daldous (S-1-5-21-1897870398-3820753920-757805072-1000 - Administrator - Enabled) => C:\Users\Daldous
Guest (S-1-5-21-1897870398-3820753920-757805072-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1897870398-3820753920-757805072-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\uTorrent) (Version: 3.5.3.44396 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{3DE56A70-06BA-4863-8FBB-45D041AF0C7A}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.3.2333 - AVAST Software)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.20.55.57 - Broadcom Corporation)
Brothers in Arms - Pekelná dálnice (HKLM-x32\...\Brothers in Arms - Hell's Highway) (Version: 1.0.0.0 - Ubisoft)
Call of Duty (HKLM-x32\...\Call of Duty) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Company of Heroes - Complete Edition (HKLM-x32\...\Company of Heroes - Complete Edition_is1) (Version: - )
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Elevated Installer (HKLM-x32\...\{B7768089-44E1-4B51-9213-737959C689E5}) (Version: 6.3.0.0 - Garmin Ltd or its subsidiaries) Hidden
Factorio version 0.14.22 (HKLM\...\Factorio_is1) (Version: - )
Fallout Tactics (HKLM-x32\...\{78A62183-20AB-4333-ACA7-08BDAD9368A3}) (Version: 1.00.000 - Interplay) Hidden
Fallout Tactics (HKLM-x32\...\InstallShield_{78A62183-20AB-4333-ACA7-08BDAD9368A3}) (Version: 1.00.000 - Interplay)
FreeCommander 2009.02b (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{178D3388-656C-4326-BFFF-3607481CA5BB}) (Version: 6.3.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{aa902576-9ab8-4371-98d1-efde885f775b}) (Version: 6.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{C6C8A534-050C-40E9-92FC-4D06A8A487C8}) (Version: 6.3.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.117 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel)
Intel(R) Driver Update Utility 2.2.0.5 (HKLM-x32\...\{C4FB3CF4-C845-4746-A9F5-476908266433}) (Version: 2.2.0.1 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024F0}) (Version: 6.0.240 - Oracle)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.00.02 - )
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9 - Notepad++ Team)
NVIDIA GAME System Software 2.8.1 (HKLM-x32\...\{4F0C7CCF-5666-474B-B02E-AC514A95EC93}) (Version: 2.8.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation)
Power Challenge Game Plugin (HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Power Loader) (Version: - )
Prison Architect (HKLM\...\{203FDA07-E643-4E87-916A-B0CD31415713}_is1) (Version: Update 10b - Introversion Software)
Railroad Tycoon II - Platinum (HKLM-x32\...\{BED27751-CD2A-4C2F-9813-00B9B60C76FE}) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Sherlock Holmes vs Jack Rozparovač (HKLM-x32\...\{3F64C088-9A45-41B3-8B99-71AFAB720A56}) (Version: 1.00.0777 - Frogwares)
Software Intel® PROSet/Wireless WiFi (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.127 - PandoraTV)
The Testament of Sherlock Holmes čeština 1.00 (HKLM-x32\...\The Testament of Sherlock Holmes čeština 1.00) (Version: - )
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0031.1 - REALTEK Semiconductor Corp.)
Unity Web Player (HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unreal Tournament G.O.T.Y. Edition (HKLM-x32\...\UnrealTournament) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 26.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
YoutubeAdblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: 1.1.0.1902 - YoutubeAdblocker) <==== ATTENTION
ZyWALL SecuExtender (HKLM-x32\...\{644421AA-C633-4508-AC2C-0EA631C165E6}) (Version: 3.0.20.0 - ZyXEL Communications Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1897870398-3820753920-757805072-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Daldous\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-16] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-16] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-02-21] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-16] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-16] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-16] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B7F6C0D-93AC-41B2-A4F7-FAC98E980DCD} - System32\Tasks\{111CDC67-B0F0-4673-8A43-48B483F4E6EF} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {119FF0B0-85ED-4155-9A8B-BE6A749BF9BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1CB4B498-3B5B-4A64-95CC-7155B9BF2DC7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {1CFCBFCE-5FBC-4C5E-BB0D-EBD43E57A9FC} - System32\Tasks\{D4BDACFC-16FC-4983-AAEE-7E48790067F2} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {228E3F9C-8C14-4871-8F87-222ACB196B3C} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-03-27] ()
Task: {52AEB9B2-221D-4BF1-B969-5043370C4E2E} - System32\Tasks\{77529009-2249-437E-A8F4-8DE23F298101} => G:\Hry\Battlefield 3\bf3.exe
Task: {63558671-79A7-4113-8646-E79C197F29CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {6B07B79F-0BBF-40C4-AC72-700516058E93} - System32\Tasks\{F6A687CE-EF87-4186-BCF2-696E86BC6EC3} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe -c /M{78A62183-20AB-4333-ACA7-08BDAD9368A3}
Task: {6D0B9A95-BB11-4CF1-A476-453490A22B82} - System32\Tasks\{D704FA25-5DAE-4600-8C32-853A2AF0699A} => G:\Docasne_soubory\Unreal Tournament (1999)\Unreal Tournament (1999)\SYSTEM\UnrealTournament.exe
Task: {91E64D21-77FE-43CD-A707-5F4994CFB7EA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {9F33481F-3B52-4635-A1F2-AC31861E1BF9} - System32\Tasks\{4546AF5C-2C07-4168-BF5E-F2611F61A3F3} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player PPAPI Notifier" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GarminUpdaterTask" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\SafeZone scheduled Autoupdate 1468513134" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\{111CDC67-B0F0-4673-8A43-48B483F4E6EF}" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\{4546AF5C-2C07-4168-BF5E-F2611F61A3F3}" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\{77529009-2249-437E-A8F4-8DE23F298101}" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\{D4BDACFC-16FC-4983-AAEE-7E48790067F2}" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\{D704FA25-5DAE-4600-8C32-853A2AF0699A}" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\{F6A687CE-EF87-4186-BCF2-696E86BC6EC3}" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\{FA53C2BA-1CDE-4819-ADB3-6AF1FAEC8AD9}" /ENABLE
Task: {9FA09094-B7B8-456F-BC42-D8A614C3B0B6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {A0770029-CE44-4656-B3AA-08E580343D3C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {B17891D1-38D6-49F7-B2A5-EBA9604639CE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-04-16] (AVAST Software)
Task: {B68D8363-AED9-41BF-8B19-365F7C52D84E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd)
Task: {C83CDE6A-3099-4234-9640-3478E233B096} - System32\Tasks\{FA53C2BA-1CDE-4819-ADB3-6AF1FAEC8AD9} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {DB4F5D94-C477-4CC7-862B-B2ECD67440AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {FA237A87-5455-4EFC-A387-A96D18EB9D23} - System32\Tasks\SafeZone scheduled Autoupdate 1468513134 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {FC45C919-C392-49A9-8714-4028699FC341} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-04-22] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-02-21 23:38 - 2016-02-21 23:38 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 000166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-03-28 17:50 - 2014-03-28 17:50 - 000044928 _____ () C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe
2012-12-14 02:42 - 2015-06-01 21:00 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-03-23 21:49 - 2018-03-20 08:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-23 21:49 - 2018-03-20 08:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-04-11 15:36 - 2018-04-11 15:36 - 031256576 _____ () C:\Windows\system32\Macromed\Flash\pepflashplayer64_29_0_0_140.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000349912 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000295640 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-04-22 12:17 - 2018-04-22 12:17 - 005817488 _____ () C:\Program Files\AVAST Software\Avast\defs\18042200\algo.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000763608 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-04-16 19:19 - 2018-04-16 19:19 - 000911064 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000172760 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000969944 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000501464 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2018-03-27 16:08 - 2018-03-27 16:08 - 000073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2018-03-16 20:16 - 2018-03-16 20:16 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000281816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-21 08:18 - 2018-01-11 04:05 - 000784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-10-21 08:17 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-10-21 08:17 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-10-21 08:17 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-10-21 08:18 - 2018-04-03 01:34 - 002631968 _____ () C:\Program Files (x86)\Steam\video.dll
2018-02-01 18:16 - 2017-12-20 03:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-02-01 18:16 - 2017-12-20 03:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-02-01 18:16 - 2017-12-20 03:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-02-01 18:16 - 2017-12-20 03:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-02-01 18:16 - 2017-12-20 03:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-10-21 08:18 - 2018-04-03 01:34 - 000977184 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-10-21 08:17 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-10-21 08:20 - 2017-09-07 04:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-10-21 08:20 - 2017-12-13 23:16 - 071471392 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-10-21 08:17 - 2015-09-25 01:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:netNLSPreferences [0]
AlternateDataStreams: C:\Windows:nlsPreferences [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2013-11-20 09:29 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1897870398-3820753920-757805072-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daldous\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.96.160.7 - 212.96.161.6
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3276BC8C-F477-413A-A386-403B8B9112B9}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{D8F698D8-246A-4383-8525-C130B9448805}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe
FirewallRules: [UDP Query User{ABC5A62D-539E-4326-AB97-26ECE174FBD3}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe
FirewallRules: [TCP Query User{7B6384D9-0EDD-444C-A0DB-7FDBCCB7A3F3}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe
FirewallRules: [UDP Query User{6D34E425-4485-461A-B6B0-24D3D87943FC}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe
FirewallRules: [TCP Query User{6355C514-E5C8-480D-A11B-2BCD87B2CF51}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{BEC17AB7-689E-4FA5-8ACC-1FD4D06A8BE5}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [{95A2F7E1-9274-40E9-8C5D-1B6967992B57}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{AF0BA33C-81E7-4D60-A166-9EC2443A924A}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{8B91ECB5-89B9-4344-ADD9-81EDBF892A7B}] => (Allow) C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{001AB697-A18F-4C9C-B14C-19BC6DDF153D}] => (Allow) C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{2417D6EB-82CD-44CD-8DAC-291D268BE7E0}] => (Allow) C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{AA1FA423-D72D-4CFD-9870-B07260DD4724}] => (Allow) C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{8FEFD972-C561-48BB-B127-8B2E8088A115}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{AD093A44-CF63-4071-B449-D305095205B5}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [TCP Query User{49EB036B-71EF-4341-B974-D5337C069C9A}C:\users\daldous\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{B3A5C1E6-75AF-4D5A-BF32-7F479D25B86B}C:\users\daldous\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{85B6B8FB-C2F1-4475-8B81-FBAF057A3940}] => (Allow) C:\Users\Daldous\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6AD3BDA3-3F45-49DF-8449-500D8643BB2E}] => (Allow) C:\Users\Daldous\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{70A90FDB-2BF7-48CD-95DC-EF97E43498CD}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{029186CB-D48D-4289-B4A0-5707051C2456}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{6896C646-A5EA-4C03-BC02-D228504C66FF}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDSendToExplorer.exe
FirewallRules: [{B1BA1273-1A01-4A2A-BF5F-CCBAE42EFAA4}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDSendToExplorer.exe
FirewallRules: [{855C074F-8C53-4EB1-93F8-DA6221E70C65}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{020D467E-0183-4D29-B1CB-BC9DD36408F9}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [TCP Query User{47AA4F92-3CDB-45DC-9077-AD8D49201AF7}C:\unrealtournament\system\unrealtournament.exe] => (Block) C:\unrealtournament\system\unrealtournament.exe
FirewallRules: [UDP Query User{302BC98B-A8A0-4874-B9E3-A34C3AF76A87}C:\unrealtournament\system\unrealtournament.exe] => (Block) C:\unrealtournament\system\unrealtournament.exe
FirewallRules: [{4C60C5D7-C112-4C3C-BA8A-25CC384C1726}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0E13BECE-0EE9-41EA-A476-90EECF96E91B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{564AAFA3-A70D-4C77-813E-E7BACE8628CB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C13D703B-5F12-412D-9377-449686855D14}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5CD0E768-0194-4066-A5AE-8824AB2468BF}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2014\PCM.exe
FirewallRules: [{A92253CA-87C1-4B9A-B82E-D13AA214820E}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2014\PCM.exe
FirewallRules: [{58B64EFE-B4C1-409E-A429-782B8EE05949}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2014\Autorun\Exe\Autorun.exe
FirewallRules: [{B9084631-161E-4E2F-8A83-C32C3A65CADB}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2014\Autorun\Exe\Autorun.exe
FirewallRules: [TCP Query User{2E49915C-C30A-46A9-BC79-B50CFE45C11D}C:\program files (x86)\crossout\launcher.exe] => (Allow) C:\program files (x86)\crossout\launcher.exe
FirewallRules: [UDP Query User{7DAD7687-E741-45F2-A6A8-F6DD871EFDC7}C:\program files (x86)\crossout\launcher.exe] => (Allow) C:\program files (x86)\crossout\launcher.exe
FirewallRules: [{AFF06221-4254-4C35-BDD4-2AA2242AE6B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{07A901A1-B187-45E8-81D6-8CFF12CF67FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{50293D52-673E-408F-A9A1-361F252B1E1F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{929C34F4-2A1A-4F4E-B746-71BF02AF1D20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6D169C7E-AB75-4455-82B5-610A37E60A30}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{9DBEDEA8-3091-4935-A117-274EB06B6570}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{E8A6C76F-FFE5-4EAF-90A5-F9E76F9D0CBF}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{A8A4D072-58D4-4883-905F-80A5DD02E582}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{84508D3B-114D-4727-9EC8-F7ED38620377}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{EA76F203-1744-4E79-B0A0-B3AEB6C32DAC}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{2D16A2DC-DBED-49A2-B86E-C2554CCE3748}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{46162356-BCB7-48DD-BE94-8158C486F387}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{6EB46FC4-73AE-4496-9D77-4DE38DE4F0BA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{A9DF4FD1-D403-4E2D-893C-441B2DB68A88}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{97F80D8C-9533-4A8D-9E05-A5E2BD27855F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3E1230A0-EFA7-40FA-84D9-2B4E6BCFECA7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0CC19F82-F1B2-4F64-87B1-59E4F311157C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5B61A74A-7A73-48C3-940C-51B958BCE4F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{E6BE86DD-7F89-4B0D-8744-99F1F3AB0F1A}C:\program files (x86)\company of heroes 2\reliccoh2.exe] => (Allow) C:\program files (x86)\company of heroes 2\reliccoh2.exe
FirewallRules: [UDP Query User{F86A9D35-1B71-4C2C-B2D6-3347269E190D}C:\program files (x86)\company of heroes 2\reliccoh2.exe] => (Allow) C:\program files (x86)\company of heroes 2\reliccoh2.exe
FirewallRules: [TCP Query User{9FE6B1C1-5935-4867-A642-BE1328445F69}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe
FirewallRules: [UDP Query User{A63A77E5-3036-4074-8B77-571DE54C15C3}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe
FirewallRules: [TCP Query User{E4838F88-BD7F-4141-A967-50B5E1931D06}C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe
FirewallRules: [UDP Query User{B90CF693-96C5-4FD5-AA29-FE8D1874DA96}C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe
FirewallRules: [{08660C3D-DD81-4454-B862-52B32DA2E213}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{B55BD96C-3FC5-4594-A622-64E820C66D95}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_1\SZBrowser.exe
FirewallRules: [TCP Query User{2CFA9237-C7D9-4482-B34F-F2EEA9313070}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe
FirewallRules: [UDP Query User{B948267A-0B53-47DA-BF05-C3752CD5D088}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe
FirewallRules: [{94236AF8-F1BE-40F7-9273-170391188A2C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A6B25143-9506-4195-979F-A70E95753B4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{606D2C99-F258-4A54-A539-2A00771A50D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
FirewallRules: [{1665C564-19E8-41DF-83B0-DEFEA1B846AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
FirewallRules: [TCP Query User{0F3CC8CE-5006-4E64-A423-E6E7AC8DE0A0}C:\program files (x86)\xcom enemy within\binaries\win32\xcomgame.exe] => (Allow) C:\program files (x86)\xcom enemy within\binaries\win32\xcomgame.exe
FirewallRules: [UDP Query User{9E1B5A72-526D-4355-BD5C-22ECE156841E}C:\program files (x86)\xcom enemy within\binaries\win32\xcomgame.exe] => (Allow) C:\program files (x86)\xcom enemy within\binaries\win32\xcomgame.exe
FirewallRules: [{5152E9A0-ACBE-4AD3-AAA3-D0390C7A9115}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

04-03-2018 21:07:29 Instalováno Sherlock Holmes vs Jack Rozparovač
04-03-2018 21:08:26 Instalováno Sherlock Holmes vs Jack Rozparovač
04-03-2018 21:14:36 Nainstalováno: NVIDIA GAME System Software 2.8.1
03-04-2018 07:21:36 Garmin Express
22-04-2018 09:02:04 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

ExportKey: HKLM\SYSTEM\CurrentControlSet\Services\AppMgmt
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}

HKLM-x32\...\RunOnce: [SBrowserCheck] => C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [4788840 2018-04-04] ()
CHR HKU\S-1-5-21-1897870398-3820753920-757805072-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler: WSWSVCUchrome - No CLSID Value
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]

CustomCLSID: HKU\S-1-5-21-1897870398-3820753920-757805072-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Daldous\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
AlternateDataStreams: C:\Windows:netNLSPreferences [0]
AlternateDataStreams: C:\Windows:nlsPreferences [0]

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 22.04.2018
Ran by Daldous (22-04-2018 21:20:08) Run:1
Running from C:\Users\Daldous\Desktop
Loaded Profiles: Daldous (Available Profiles: Daldous)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

ExportKey: HKLM\SYSTEM\CurrentControlSet\Services\AppMgmt
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}

HKLM-x32\...\RunOnce: [SBrowserCheck] => C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [4788840 2018-04-04] ()
CHR HKU\S-1-5-21-1897870398-3820753920-757805072-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: WSWSVCUchrome - No CLSID Value
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]

CustomCLSID: HKU\S-1-5-21-1897870398-3820753920-757805072-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Daldous\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
AlternateDataStreams: C:\Windows:netNLSPreferences [0]
AlternateDataStreams: C:\Windows:nlsPreferences [0]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
================== ExportKey: ===================

[HKLM\SYSTEM\CurrentControlSet\Services\AppMgmt]
"ImagePath"="%SystemRoot%\system32\svchost.exe -k netsvcs"
[HKLM\SYSTEM\CurrentControlSet\Services\AppMgmt\Parameters]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"

=== End of ExportKey ===
================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}]
"UninstallString"=""C:\ProgramData\YoutubeAdblocker\EvzSoBOluDv.exe" /s /n /i:"ExecuteCommands;UninstallCommands" """
"SilentUninstall"=""C:\ProgramData\YoutubeAdblocker\EvzSoBOluDv.exe" /s /n /i:"ExecuteCommands;UninstallCommands" """
"DisplayName"="YoutubeAdblocker"
"URLInfoAbout"="http://topyoutubeadblocker.info/"
"URLUpdateInfo"="http://topyoutubeadblocker.info/"
"Publisher"="YoutubeAdblocker"
"DisplayVersion"="1.1.0.1902"
"NoRepair"="1"
"NoModify"="1"
"CategoryName"="YoutubeAdblocker"
"InstallDate"="20121117"
"DisplayIcon"="C:\Windows\System32\msiexec.exe"
"_In"="20131117"

=== End of ExportKey ===
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\SBrowserCheck" => removed successfully
"HKU\S-1-5-21-1897870398-3820753920-757805072-1000\SOFTWARE\Policies\Google" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => not found
"HKLM\Software\Classes\PROTOCOLS\Handler\WSWSVCUchrome" => removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
"HKLM\System\CurrentControlSet\Services\AppMgmt" => removed successfully
AppMgmt => service removed successfully
"HKLM\System\CurrentControlSet\Services\IntcAzAudAddService" => removed successfully
IntcAzAudAddService => service removed successfully
"HKU\S-1-5-21-1897870398-3820753920-757805072-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => removed successfully
HKLM\Software\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => removed successfully
HKLM\Software\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => removed successfully
HKLM\Software\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => removed successfully
HKLM\Software\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => not found
C:\Windows => ":netNLSPreferences" ADS removed successfully
C:\Windows => ":nlsPreferences" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63445974 B
Java, Flash, Steam htmlcache => 241882961 B
Windows/system/drivers => 223319236 B
Edge => 0 B
Chrome => 795319290 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 39094 B
LocalService => 66228 B
NetworkService => 66228 B
Daldous => 294687160 B

RecycleBin => 9414 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 21:22:18 ====

V PC su nainstalovane zastarale verzie Javy (Java 8 Update 40 a Java 6 Update 24), odporucam ich odinstalovat. Ak Javu potrebujes, nainstaluj aktualnu verziu (momentalne Java 8 Update 171) z https://java.com/en/download/

Doinstaluj vsetky dolezite aktualizacie cez Windows Update.

Velikost slozky "C:\Users\Daldous\Desktop" je 1180 MB.

Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

Ako to vyzera s PC? Nastala nejaka zmena?

Všechny kroky jsem provedl a vyraznejsi zmenu nepozoruji...po startu/restartu trva dost dlouho nez se rozbehne chrome nebo spusti film v prehravaci kmplayer...
Pokud ale v logu uz nic neni, tak ok, nechme to tak...alespon jsem provedl nezbytny uklid...diky

Posli este raz nove logy z FRST.

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.04.2018
Ran by Daldous (administrator) on DALDOUS-PC (24-04-2018 21:53:07)
Running from C:\Users\Daldous\Desktop
Loaded Profiles: Daldous (Available Profiles: Daldous)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nalserv.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-04-16] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM-x32\...\RunOnce: [SBrowserCheck] => C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [4788840 2018-04-04] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8891608 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3199776 2018-04-03] (Valve Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.96.160.7 212.96.161.6
Tcpip\..\Interfaces\{0B9BB5B1-79D0-468F-AFC9-1CE3C39BEE73}: [DhcpNameServer] 212.96.160.7 212.96.161.6
Tcpip\..\Interfaces\{67DFB584-BFBB-40B2-B7F8-DF9C30512552}: [DhcpNameServer] 212.96.160.7 212.96.161.6
Tcpip\..\Interfaces\{B26C9018-F5F4-4EAF-9914-055B35775648}: [NameServer] 192.168.202.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1897870398-3820753920-757805072-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-25] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-23] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-25] (AVAST Software)
DPF: HKLM-x32 {5B84B165-F6DE-4126-B3F8-5EDCD447EFF4} hxxps://212.24.156.6/ext-js/web-pages/portal/SecuExtender.cab

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-23] (Oracle Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (GARMIN Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1897870398-3820753920-757805072-1000: @powerchallenge.com/PowerLoader -> C:\Users\Daldous\AppData\LocalLow\POWERC~1\nppowerloader.dll [2011-03-15] (Power Challenge Sweden AB)
FF Plugin HKU\S-1-5-21-1897870398-3820753920-757805072-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Daldous\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2018-01-23] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "","www.google.com","hxxp://www.google.com/"
CHR Profile: C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default [2018-04-24]
CHR Extension: (Dokumenty) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-04-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-01-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Avast Online Security) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-22]
CHR Extension: (SearchPreview) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2016-10-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-23]
CHR Profile: C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-04-22]
CHR Extension: (Prezentace) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-21]
CHR Extension: (Dokumenty) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-21]
CHR Extension: (Disk Google) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-21]
CHR Extension: (YouTube) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-21]
CHR Extension: (Avast SafePrice) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-21]
CHR Extension: (Tabulky) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-21]
CHR Extension: (Avast Online Security) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-12-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-21]
CHR Extension: (Gmail) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-21]
CHR Extension: (Chrome Media Router) - C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-21]
CHR Profile: C:\Users\Daldous\AppData\Local\Google\Chrome\User Data\System Profile [2018-04-22]
CHR HKU\S-1-5-21-1897870398-3820753920-757805072-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-04-16] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-16] (AVAST Software)
R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [774736 2017-09-05] (Lenovo.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NalServ; C:\Windows\SysWOW64\nalserv.exe [135168 2012-06-29] (Nalpeiron Ltd.) [File not signed]
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-06-29] (Nalpeiron Ltd.) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
R2 ZyWALL SecuExtender Helper; C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe [44928 2014-03-28] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-04-16] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-16] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-16] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-16] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-16] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [227784 2018-04-16] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-04-16] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147224 2018-04-16] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111352 2018-04-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-04-16] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-04-16] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-04-16] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-04-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-04-16] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2017-06-10] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-15] (Disc Soft Ltd)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2017-06-10] ()
R3 tap0901_zyxel; C:\Windows\System32\DRIVERS\tap0901_zyxel.sys [36408 2014-01-15] (The OpenVPN Project)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-24 21:53 - 2018-04-24 21:55 - 000016145 _____ C:\Users\Daldous\Desktop\FRST.txt
2018-04-23 22:34 - 2013-10-02 04:22 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2018-04-23 22:34 - 2013-10-02 04:11 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-04-23 22:34 - 2013-10-02 04:08 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-04-23 22:34 - 2013-10-02 03:48 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2018-04-23 22:34 - 2013-10-02 03:48 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2018-04-23 22:34 - 2013-10-02 03:29 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2018-04-23 22:34 - 2013-10-02 03:10 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2018-04-23 22:34 - 2013-10-02 02:15 - 001057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2018-04-23 22:34 - 2013-10-02 02:14 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2018-04-23 22:34 - 2013-10-02 02:14 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2018-04-23 22:34 - 2013-10-02 02:08 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2018-04-23 22:34 - 2013-10-02 02:01 - 000420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2018-04-23 22:34 - 2013-10-02 01:58 - 000053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2018-04-23 22:34 - 2013-10-02 01:31 - 001147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-04-23 22:34 - 2013-10-02 01:08 - 000855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2018-04-23 22:34 - 2013-10-02 00:34 - 001068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-04-23 22:34 - 2013-10-01 22:57 - 006578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-04-23 22:34 - 2013-10-01 22:55 - 005698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-04-23 22:25 - 2012-08-23 16:13 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-04-23 22:25 - 2012-08-23 16:10 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2018-04-23 22:25 - 2012-08-23 16:08 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2018-04-23 22:25 - 2012-08-23 15:24 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2018-04-23 22:25 - 2012-08-23 13:12 - 000192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2018-04-23 22:25 - 2012-08-23 12:51 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2018-04-23 22:25 - 2012-08-23 11:51 - 003174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-04-23 21:34 - 2018-03-14 19:14 - 000135360 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-04-23 21:34 - 2018-03-14 19:09 - 000656384 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-04-23 21:34 - 2018-03-14 15:05 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-04-23 21:34 - 2018-03-14 15:05 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-04-23 21:34 - 2018-03-14 15:05 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-04-23 21:34 - 2018-03-14 15:05 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-04-23 21:34 - 2018-03-14 15:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-04-23 21:34 - 2018-03-14 15:05 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-04-23 21:34 - 2018-03-14 15:05 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-04-23 21:34 - 2018-03-14 15:05 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-04-23 20:49 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2018-04-23 20:49 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2018-04-23 20:49 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2018-04-23 20:49 - 2015-12-16 20:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2018-04-23 20:49 - 2015-12-16 20:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2018-04-23 20:49 - 2015-12-16 20:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2018-04-23 20:40 - 2018-04-23 20:40 - 000000000 ____D C:\Users\Daldous\AppData\Roaming\Sun
2018-04-23 20:38 - 2018-04-23 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-04-23 20:38 - 2018-04-23 20:37 - 000111048 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2018-04-23 20:37 - 2018-04-23 20:37 - 000000000 ____D C:\Program Files\Java
2018-04-22 21:20 - 2018-04-22 21:22 - 000007490 _____ C:\Users\Daldous\Desktop\Fixlog.txt
2018-04-22 21:19 - 2018-04-24 21:52 - 000000000 ____D C:\Users\Daldous\Desktop\FRST-OlderVersion
2018-04-22 21:19 - 2018-04-22 21:19 - 000029696 _____ C:\Users\Daldous\AppData\Local\MSGBOX.EXE
2018-04-22 21:19 - 2018-04-22 21:19 - 000015327 _____ C:\Users\Daldous\Desktop\LM.bat
2018-04-22 16:52 - 2018-04-24 21:52 - 002404352 _____ (Farbar) C:\Users\Daldous\Desktop\FRST64.exe
2018-04-22 15:25 - 2018-04-22 15:24 - 007256272 _____ (Malwarebytes) C:\Users\Daldous\Desktop\adwcleaner_7.1.0.0.exe
2018-04-22 12:58 - 2018-04-22 12:59 - 000000000 ____D C:\rsit
2018-04-16 19:19 - 2018-04-16 19:19 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-04-06 21:42 - 2018-04-06 21:42 - 000000000 ____D C:\Users\Daldous\Documents\SkidRow
2018-04-06 21:42 - 2018-04-06 21:42 - 000000000 ____D C:\Users\Daldous\AppData\Local\Introversion
2018-04-06 21:33 - 2018-04-06 21:33 - 000001311 _____ C:\Users\Public\Desktop\Prison Architect (safe mode).lnk
2018-04-06 21:33 - 2018-04-06 21:33 - 000001237 _____ C:\Users\Public\Desktop\Prison Architect.lnk
2018-04-06 21:31 - 2018-04-06 21:31 - 000000000 ____D C:\Program Files (x86)\Prison Architect

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-24 21:54 - 2009-07-14 06:45 - 000025536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-24 21:54 - 2009-07-14 06:45 - 000025536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-24 21:53 - 2013-11-19 20:06 - 000000000 ____D C:\FRST
2018-04-24 21:51 - 2018-01-30 22:32 - 000000000 ____D C:\ProgramData\Garmin
2018-04-24 21:51 - 2013-10-27 19:47 - 000000000 ____D C:\ProgramData\Package Cache
2018-04-24 21:51 - 2013-08-31 17:59 - 000000000 ____D C:\Program Files (x86)\Garmin
2018-04-24 21:51 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-04-23 22:59 - 2015-12-03 19:42 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-04-23 22:57 - 2016-08-21 22:21 - 000000000 ____D C:\Program Files (x86)\Steam
2018-04-23 22:53 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-23 22:51 - 2014-12-12 09:49 - 000000000 ____D C:\Windows\system32\appraiser
2018-04-23 22:51 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-04-23 22:50 - 2013-09-01 09:29 - 000000000 ____D C:\Windows\system32\MRT
2018-04-23 22:43 - 2017-11-20 16:41 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-04-23 22:43 - 2013-09-01 09:29 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-04-23 22:37 - 2013-10-27 20:00 - 001560204 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-04-23 22:37 - 2011-04-12 10:34 - 000669116 _____ C:\Windows\system32\perfh005.dat
2018-04-23 22:37 - 2011-04-12 10:34 - 000141744 _____ C:\Windows\system32\perfc005.dat
2018-04-23 22:37 - 2009-07-14 07:13 - 001560204 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-22 16:51 - 2015-07-20 19:09 - 000000000 ____D C:\Users\Daldous\Desktop\udrzba
2018-04-22 15:44 - 2017-10-15 09:34 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-04-22 15:44 - 2017-10-15 09:34 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-04-22 15:27 - 2013-11-19 21:37 - 000000000 ____D C:\AdwCleaner
2018-04-22 13:07 - 2014-10-25 10:46 - 000000000 ____D C:\Users\Daldous\AppData\Roaming\uTorrent
2018-04-22 13:06 - 2013-11-19 20:34 - 000000000 ____D C:\Program Files\trend micro
2018-04-17 20:18 - 2017-03-17 09:27 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-04-16 19:20 - 2013-08-30 08:16 - 000147224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-04-16 19:19 - 2017-11-18 14:41 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-04-16 19:19 - 2014-05-06 06:55 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-04-16 19:19 - 2014-01-04 13:17 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-04-16 19:19 - 2013-08-30 08:17 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-04-16 19:19 - 2013-08-30 08:17 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-04-16 19:19 - 2013-08-30 08:17 - 000111352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-04-16 19:19 - 2013-08-30 08:17 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-04-16 19:18 - 2018-01-05 17:26 - 000227784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-04-16 19:18 - 2013-08-30 08:17 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-04-16 19:14 - 2017-09-28 20:45 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-04-16 07:05 - 2018-01-22 21:32 - 000003210 _____ C:\Windows\System32\Tasks\{F6A687CE-EF87-4186-BCF2-696E86BC6EC3}
2018-04-16 07:05 - 2017-10-15 09:31 - 000004550 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-04-16 07:05 - 2017-10-15 09:31 - 000004410 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-04-16 07:05 - 2017-09-25 19:54 - 000003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468513134
2018-04-16 07:05 - 2017-01-14 15:57 - 000002932 _____ C:\Windows\System32\Tasks\{77529009-2249-437E-A8F4-8DE23F298101}
2018-04-16 07:05 - 2014-12-24 14:08 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-04-16 07:05 - 2014-09-10 22:52 - 000003036 _____ C:\Windows\System32\Tasks\{FA53C2BA-1CDE-4819-ADB3-6AF1FAEC8AD9}
2018-04-16 07:05 - 2014-09-10 22:51 - 000003036 _____ C:\Windows\System32\Tasks\{111CDC67-B0F0-4673-8A43-48B483F4E6EF}
2018-04-16 07:05 - 2014-09-10 22:18 - 000003036 _____ C:\Windows\System32\Tasks\{D4BDACFC-16FC-4983-AAEE-7E48790067F2}
2018-04-16 07:05 - 2014-09-10 22:17 - 000003036 _____ C:\Windows\System32\Tasks\{4546AF5C-2C07-4168-BF5E-F2611F61A3F3}
2018-04-16 07:05 - 2014-01-12 01:14 - 000003068 _____ C:\Windows\System32\Tasks\{D704FA25-5DAE-4600-8C32-853A2AF0699A}
2018-04-16 07:05 - 2013-12-16 23:11 - 000002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-04-16 07:05 - 2013-08-30 08:07 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-04-16 07:05 - 2013-08-30 08:07 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-04-11 15:36 - 2017-10-15 09:31 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-04-11 15:36 - 2017-10-15 09:31 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-11 15:36 - 2015-01-24 19:10 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-11 15:36 - 2015-01-24 19:10 - 000000000 ____D C:\Windows\system32\Macromed
2018-03-25 16:11 - 2016-04-11 09:56 - 000000000 ____D C:\Program Files (x86)\TeamViewer

==================== Files in the root of some directories =======

2015-02-09 23:06 - 2015-02-09 23:06 - 000003584 _____ () C:\Users\Daldous\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-04-22 21:19 - 2018-04-22 21:19 - 000029696 _____ () C:\Users\Daldous\AppData\Local\MSGBOX.EXE

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-22 08:55

==================== End of FRST.txt ============================

Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.04.2018
Ran by Daldous (24-04-2018 21:56:00)
Running from C:\Users\Daldous\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-29 19:57:49)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1897870398-3820753920-757805072-500 - Administrator - Disabled)
Daldous (S-1-5-21-1897870398-3820753920-757805072-1000 - Administrator - Enabled) => C:\Users\Daldous
Guest (S-1-5-21-1897870398-3820753920-757805072-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1897870398-3820753920-757805072-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\uTorrent) (Version: 3.5.3.44396 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.3.2333 - AVAST Software)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.20.55.57 - Broadcom Corporation)
Brothers in Arms - Pekelná dálnice (HKLM-x32\...\Brothers in Arms - Hell's Highway) (Version: 1.0.0.0 - Ubisoft)
Call of Duty (HKLM-x32\...\Call of Duty) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Company of Heroes - Complete Edition (HKLM-x32\...\Company of Heroes - Complete Edition_is1) (Version: - )
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Factorio version 0.14.22 (HKLM\...\Factorio_is1) (Version: - )
Fallout Tactics (HKLM-x32\...\{78A62183-20AB-4333-ACA7-08BDAD9368A3}) (Version: 1.00.000 - Interplay) Hidden
Fallout Tactics (HKLM-x32\...\InstallShield_{78A62183-20AB-4333-ACA7-08BDAD9368A3}) (Version: 1.00.000 - Interplay)
FreeCommander 2009.02b (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.117 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel)
Intel(R) Driver Update Utility 2.2.0.5 (HKLM-x32\...\{C4FB3CF4-C845-4746-A9F5-476908266433}) (Version: 2.2.0.1 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.00.02 - )
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9 - Notepad++ Team)
NVIDIA GAME System Software 2.8.1 (HKLM-x32\...\{4F0C7CCF-5666-474B-B02E-AC514A95EC93}) (Version: 2.8.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation)
Power Challenge Game Plugin (HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\Power Loader) (Version: - )
Prison Architect (HKLM\...\{203FDA07-E643-4E87-916A-B0CD31415713}_is1) (Version: Update 10b - Introversion Software)
Railroad Tycoon II - Platinum (HKLM-x32\...\{BED27751-CD2A-4C2F-9813-00B9B60C76FE}) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Sherlock Holmes vs Jack Rozparovač (HKLM-x32\...\{3F64C088-9A45-41B3-8B99-71AFAB720A56}) (Version: 1.00.0777 - Frogwares)
Software Intel® PROSet/Wireless WiFi (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.127 - PandoraTV)
The Testament of Sherlock Holmes čeština 1.00 (HKLM-x32\...\The Testament of Sherlock Holmes čeština 1.00) (Version: - )
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0031.1 - REALTEK Semiconductor Corp.)
Unity Web Player (HKU\S-1-5-21-1897870398-3820753920-757805072-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unreal Tournament G.O.T.Y. Edition (HKLM-x32\...\UnrealTournament) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 26.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
YoutubeAdblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: 1.1.0.1902 - YoutubeAdblocker) <==== ATTENTION
ZyWALL SecuExtender (HKLM-x32\...\{644421AA-C633-4508-AC2C-0EA631C165E6}) (Version: 3.0.20.0 - ZyXEL Communications Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-16] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-16] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-02-21] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-16] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-16] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-16] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B7F6C0D-93AC-41B2-A4F7-FAC98E980DCD} - System32\Tasks\{111CDC67-B0F0-4673-8A43-48B483F4E6EF} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {119FF0B0-85ED-4155-9A8B-BE6A749BF9BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1CB4B498-3B5B-4A64-95CC-7155B9BF2DC7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {1CFCBFCE-5FBC-4C5E-BB0D-EBD43E57A9FC} - System32\Tasks\{D4BDACFC-16FC-4983-AAEE-7E48790067F2} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {52AEB9B2-221D-4BF1-B969-5043370C4E2E} - System32\Tasks\{77529009-2249-437E-A8F4-8DE23F298101} => G:\Hry\Battlefield 3\bf3.exe
Task: {63558671-79A7-4113-8646-E79C197F29CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {6B07B79F-0BBF-40C4-AC72-700516058E93} - System32\Tasks\{F6A687CE-EF87-4186-BCF2-696E86BC6EC3} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe -c /M{78A62183-20AB-4333-ACA7-08BDAD9368A3}
Task: {6D0B9A95-BB11-4CF1-A476-453490A22B82} - System32\Tasks\{D704FA25-5DAE-4600-8C32-853A2AF0699A} => G:\Docasne_soubory\Unreal Tournament (1999)\Unreal Tournament (1999)\SYSTEM\UnrealTournament.exe
Task: {91E64D21-77FE-43CD-A707-5F4994CFB7EA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {9F33481F-3B52-4635-A1F2-AC31861E1BF9} - System32\Tasks\{4546AF5C-2C07-4168-BF5E-F2611F61A3F3} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {A0770029-CE44-4656-B3AA-08E580343D3C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {B17891D1-38D6-49F7-B2A5-EBA9604639CE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-04-16] (AVAST Software)
Task: {B68D8363-AED9-41BF-8B19-365F7C52D84E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd)
Task: {C83CDE6A-3099-4234-9640-3478E233B096} - System32\Tasks\{FA53C2BA-1CDE-4819-ADB3-6AF1FAEC8AD9} => C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
Task: {DB4F5D94-C477-4CC7-862B-B2ECD67440AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {FA237A87-5455-4EFC-A387-A96D18EB9D23} - System32\Tasks\SafeZone scheduled Autoupdate 1468513134 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {FC45C919-C392-49A9-8714-4028699FC341} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-04-22] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-10-17 15:27 - 2013-10-17 15:27 - 000166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-03-28 17:50 - 2014-03-28 17:50 - 000044928 _____ () C:\Program Files (x86)\ZyXEL\ZyWALL SecuExtender\SecuExtenderHelper.exe
2018-04-16 19:18 - 2018-04-16 19:18 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000920280 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000348888 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000329432 _____ () C:\Program Files\AVAST Software\Avast\x64\tasks_core.dll
2016-02-21 23:38 - 2016-02-21 23:38 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2012-12-14 02:42 - 2015-06-01 21:00 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000349912 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000295640 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-04-23 18:49 - 2018-04-23 18:49 - 005817488 _____ () C:\Program Files\AVAST Software\Avast\defs\18042304\algo.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000763608 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-04-16 19:19 - 2018-04-16 19:19 - 000911064 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000172760 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000969944 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000501464 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-04-24 21:48 - 2018-04-24 21:48 - 005817488 _____ () C:\Program Files\AVAST Software\Avast\defs\18042404\algo.dll
2017-10-21 08:18 - 2018-01-11 04:05 - 000784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-10-21 08:17 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-10-21 08:17 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-10-21 08:17 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-10-21 08:18 - 2018-04-03 01:34 - 002631968 _____ () C:\Program Files (x86)\Steam\video.dll
2018-02-01 18:16 - 2017-12-20 03:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-02-01 18:16 - 2017-12-20 03:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-02-01 18:16 - 2017-12-20 03:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-02-01 18:16 - 2017-12-20 03:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-02-01 18:16 - 2017-12-20 03:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-10-21 08:18 - 2018-04-03 01:34 - 000977184 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-10-21 08:17 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-03-16 20:16 - 2018-03-16 20:16 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-04-16 19:18 - 2018-04-16 19:18 - 000281816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-21 08:20 - 2017-09-07 04:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-10-21 08:20 - 2017-12-13 23:16 - 071471392 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-10-21 08:17 - 2015-09-25 01:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:netNLSPreferences [0]
AlternateDataStreams: C:\Windows:nlsPreferences [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-04-22 21:21 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1897870398-3820753920-757805072-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daldous\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.96.160.7 - 212.96.161.6
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3276BC8C-F477-413A-A386-403B8B9112B9}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{D8F698D8-246A-4383-8525-C130B9448805}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe
FirewallRules: [UDP Query User{ABC5A62D-539E-4326-AB97-26ECE174FBD3}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe
FirewallRules: [TCP Query User{7B6384D9-0EDD-444C-A0DB-7FDBCCB7A3F3}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe
FirewallRules: [UDP Query User{6D34E425-4485-461A-B6B0-24D3D87943FC}C:\program files (x86)\call of duty\codmp.exe] => (Allow) C:\program files (x86)\call of duty\codmp.exe
FirewallRules: [TCP Query User{6355C514-E5C8-480D-A11B-2BCD87B2CF51}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{BEC17AB7-689E-4FA5-8ACC-1FD4D06A8BE5}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [{95A2F7E1-9274-40E9-8C5D-1B6967992B57}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{AF0BA33C-81E7-4D60-A166-9EC2443A924A}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{8B91ECB5-89B9-4344-ADD9-81EDBF892A7B}] => (Allow) C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{001AB697-A18F-4C9C-B14C-19BC6DDF153D}] => (Allow) C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{2417D6EB-82CD-44CD-8DAC-291D268BE7E0}] => (Allow) C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{AA1FA423-D72D-4CFD-9870-B07260DD4724}] => (Allow) C:\Program Files (x86)\Focus\Frogwares\The Testament of Sherlock Holmes\game.exe
FirewallRules: [{8FEFD972-C561-48BB-B127-8B2E8088A115}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{AD093A44-CF63-4071-B449-D305095205B5}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [TCP Query User{49EB036B-71EF-4341-B974-D5337C069C9A}C:\users\daldous\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{B3A5C1E6-75AF-4D5A-BF32-7F479D25B86B}C:\users\daldous\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{85B6B8FB-C2F1-4475-8B81-FBAF057A3940}] => (Allow) C:\Users\Daldous\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6AD3BDA3-3F45-49DF-8449-500D8643BB2E}] => (Allow) C:\Users\Daldous\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{70A90FDB-2BF7-48CD-95DC-EF97E43498CD}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{029186CB-D48D-4289-B4A0-5707051C2456}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{6896C646-A5EA-4C03-BC02-D228504C66FF}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDSendToExplorer.exe
FirewallRules: [{B1BA1273-1A01-4A2A-BF5F-CCBAE42EFAA4}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDSendToExplorer.exe
FirewallRules: [{855C074F-8C53-4EB1-93F8-DA6221E70C65}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [{020D467E-0183-4D29-B1CB-BC9DD36408F9}] => (Allow) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\WFDTray.exe
FirewallRules: [TCP Query User{47AA4F92-3CDB-45DC-9077-AD8D49201AF7}C:\unrealtournament\system\unrealtournament.exe] => (Block) C:\unrealtournament\system\unrealtournament.exe
FirewallRules: [UDP Query User{302BC98B-A8A0-4874-B9E3-A34C3AF76A87}C:\unrealtournament\system\unrealtournament.exe] => (Block) C:\unrealtournament\system\unrealtournament.exe
FirewallRules: [{4C60C5D7-C112-4C3C-BA8A-25CC384C1726}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0E13BECE-0EE9-41EA-A476-90EECF96E91B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{564AAFA3-A70D-4C77-813E-E7BACE8628CB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C13D703B-5F12-412D-9377-449686855D14}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5CD0E768-0194-4066-A5AE-8824AB2468BF}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2014\PCM.exe
FirewallRules: [{A92253CA-87C1-4B9A-B82E-D13AA214820E}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2014\PCM.exe
FirewallRules: [{58B64EFE-B4C1-409E-A429-782B8EE05949}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2014\Autorun\Exe\Autorun.exe
FirewallRules: [{B9084631-161E-4E2F-8A83-C32C3A65CADB}] => (Allow) C:\Program Files (x86)\Cyanide\Pro Cycling Manager - Season 2014\Autorun\Exe\Autorun.exe
FirewallRules: [TCP Query User{2E49915C-C30A-46A9-BC79-B50CFE45C11D}C:\program files (x86)\crossout\launcher.exe] => (Allow) C:\program files (x86)\crossout\launcher.exe
FirewallRules: [UDP Query User{7DAD7687-E741-45F2-A6A8-F6DD871EFDC7}C:\program files (x86)\crossout\launcher.exe] => (Allow) C:\program files (x86)\crossout\launcher.exe
FirewallRules: [{AFF06221-4254-4C35-BDD4-2AA2242AE6B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{07A901A1-B187-45E8-81D6-8CFF12CF67FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{50293D52-673E-408F-A9A1-361F252B1E1F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{929C34F4-2A1A-4F4E-B746-71BF02AF1D20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6D169C7E-AB75-4455-82B5-610A37E60A30}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{9DBEDEA8-3091-4935-A117-274EB06B6570}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{E8A6C76F-FFE5-4EAF-90A5-F9E76F9D0CBF}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{A8A4D072-58D4-4883-905F-80A5DD02E582}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{84508D3B-114D-4727-9EC8-F7ED38620377}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{EA76F203-1744-4E79-B0A0-B3AEB6C32DAC}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{2D16A2DC-DBED-49A2-B86E-C2554CCE3748}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{46162356-BCB7-48DD-BE94-8158C486F387}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{6EB46FC4-73AE-4496-9D77-4DE38DE4F0BA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{A9DF4FD1-D403-4E2D-893C-441B2DB68A88}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{97F80D8C-9533-4A8D-9E05-A5E2BD27855F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3E1230A0-EFA7-40FA-84D9-2B4E6BCFECA7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0CC19F82-F1B2-4F64-87B1-59E4F311157C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5B61A74A-7A73-48C3-940C-51B958BCE4F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{E6BE86DD-7F89-4B0D-8744-99F1F3AB0F1A}C:\program files (x86)\company of heroes 2\reliccoh2.exe] => (Allow) C:\program files (x86)\company of heroes 2\reliccoh2.exe
FirewallRules: [UDP Query User{F86A9D35-1B71-4C2C-B2D6-3347269E190D}C:\program files (x86)\company of heroes 2\reliccoh2.exe] => (Allow) C:\program files (x86)\company of heroes 2\reliccoh2.exe
FirewallRules: [TCP Query User{9FE6B1C1-5935-4867-A642-BE1328445F69}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe
FirewallRules: [UDP Query User{A63A77E5-3036-4074-8B77-571DE54C15C3}C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe] => (Allow) C:\program files (x86)\ubisoft\gearbox software\brothers in arms - hell's highway\binaries\biahh.exe
FirewallRules: [TCP Query User{E4838F88-BD7F-4141-A967-50B5E1931D06}C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe
FirewallRules: [UDP Query User{B90CF693-96C5-4FD5-AA29-FE8D1874DA96}C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe
FirewallRules: [{08660C3D-DD81-4454-B862-52B32DA2E213}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{B55BD96C-3FC5-4594-A622-64E820C66D95}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_1\SZBrowser.exe
FirewallRules: [TCP Query User{2CFA9237-C7D9-4482-B34F-F2EEA9313070}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe
FirewallRules: [UDP Query User{B948267A-0B53-47DA-BF05-C3752CD5D088}C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe] => (Allow) C:\users\daldous\appdata\roaming\utorrent\updates\3.5.0_44090.exe
FirewallRules: [{94236AF8-F1BE-40F7-9273-170391188A2C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A6B25143-9506-4195-979F-A70E95753B4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{606D2C99-F258-4A54-A539-2A00771A50D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
FirewallRules: [{1665C564-19E8-41DF-83B0-DEFEA1B846AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
FirewallRules: [TCP Query User{0F3CC8CE-5006-4E64-A423-E6E7AC8DE0A0}C:\program files (x86)\xcom enemy within\binaries\win32\xcomgame.exe] => (Allow) C:\program files (x86)\xcom enemy within\binaries\win32\xcomgame.exe
FirewallRules: [UDP Query User{9E1B5A72-526D-4355-BD5C-22ECE156841E}C:\program files (x86)\xcom enemy within\binaries\win32\xcomgame.exe] => (Allow) C:\program files (x86)\xcom enemy within\binaries\win32\xcomgame.exe
FirewallRules: [{5152E9A0-ACBE-4AD3-AAA3-D0390C7A9115}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

04-03-2018 21:14:36 Nainstalováno: NVIDIA GAME System Software 2.8.1
03-04-2018 07:21:36 Garmin Express
22-04-2018 09:02:04 Naplánovaný kontrolní bod
22-04-2018 21:20:15 Restore Point Created by FRST
23-04-2018 20:31:30 Removed Java 8 Update 40
23-04-2018 20:33:30 Removed Java(TM) 6 Update 24
23-04-2018 21:42:02 Windows Update
24-04-2018 21:49:42 Garmin Express

==================== Faulty Device Manager Devices =============

Name: Intel(R) 7 Series/C216 Chipset Family USB 3.0 eXtensible Host Controller Installation Disk - 1E31
Description: Intel(R) 7 Series/C216 Chipset Family USB 3.0 eXtensible Host Controller Installation Disk - 1E31
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: BCM43142A0
Description: BCM43142A0
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2018 10:53:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WsAppService.exe, verze: 2.2.0.5, časové razítko: 0x56fce241
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23915, časové razítko: 0x59b94f2a
Kód výjimky: 0xe053534f
Posun chyby: 0x000000000001a06d
ID chybujícího procesu: 0x%9
Čas spuštění chybující aplikace: 0xWsAppService.exe0
Cesta k chybující aplikaci: WsAppService.exe1
Cesta k chybujícímu modulu: WsAppService.exe2
ID zprávy: WsAppService.exe3

Error: (04/23/2018 10:53:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/22/2018 09:24:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/22/2018 09:20:13 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.

Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {5401ba83-3b14-4e48-b02c-d4e51972e537}

Error: (04/22/2018 03:31:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/28/2018 07:03:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/18/2018 05:22:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/16/2018 03:59:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

System errors:
=============
Error: (04/23/2018 10:54:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/23/2018 10:43:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200d): 2018-04, verze Preview měsíční kumulativní aktualizace pro zvýšení kvality pro Windows 7 pro systémy s procesorem x64 (KB4093113).

Error: (04/23/2018 10:30:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200d): 2018-04, měsíční kumulativní aktualizace zabezpečení pro zvýšení kvality pro Windows 7 pro systémy s procesorem x64 (KB4093118).

Error: (04/23/2018 09:25:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Zasílání zpráv o chybách systému Windows bylo dosaženo časového limitu (30000 ms).

Error: (04/23/2018 09:24:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Zasílání zpráv o chybách systému Windows bylo dosaženo časového limitu (30000 ms).

Error: (04/23/2018 09:22:51 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/23/2018 09:22:44 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/23/2018 03:08:46 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: Při pokusu přistoupit k privátnímu klíči pověření SSL Klient došlo k závažné chybě. Kód chyby vrácený kryptografickým modulem je 0x8009030d. Stav interní chyby je 10003.

Windows Defender:
===================================
Date: 2015-07-20 06:42:38.108
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{1945B44B-5AE2-4ECB-B4CC-CC3E939B7051}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2014-06-23 21:43:14.728
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2016-09-08 18:05:59.242
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 18:05:59.055
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 17:56:05.694
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-08 17:56:05.523
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-31 21:57:30.663
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-31 21:57:30.336
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-22 15:58:20.936
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-22 15:58:20.718
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 72%
Total physical RAM: 3673.36 MB
Available physical RAM: 1003.88 MB
Total Virtual: 7344.9 MB
Available Virtual: 5217.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:235.49 GB) (Free:135.11 GB) NTFS
Drive f: (SH5CZ) (CDROM) (Total:1.6 GB) (Free:0 GB) UDF
Drive g: (Nový svazek) (Fixed) (Total:229.27 GB) (Free:26.78 GB) NTFS

\\?\Volume{fb46e9ad-10e3-11e3-abb0-806e6f6e6963}\ (LENOVO_DOS) (Fixed) (Total:1 GB) (Free:0.98 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5AD204DE)
Partition 1: (Active) - (Size=1 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=235.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=229.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

VIRY.CZ

Prosím o kontrolu logu - pomalý notebook

Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook

Re: Prosím o kontrolu logu - pomalý notebook