VIRY.CZ

Zdravím, Když zapnu pc, tak tam, kde by se mi měla ukázal obrazovka pro přihlášení na účet vidím jen black screen bez kurzoru. Provedu hard reset a pak už to normálně naběhne a takhle je to pokaždé. Poprosím tedy o kontrolu logu.






Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2020
Ran by Patrik (administrator) on PATRIK-PC (Gigabyte Technology Co., Ltd. EP43T-UD3L) (03-10-2020 18:21:55)
Running from C:\Users\Patrik\Desktop
Loaded Profiles: Patrik
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\system\HsMgr64.exe
() [File not signed] C:\Windows\SysWOW64\HsMgr.exe
(CANON INC. -> CANON INC.) C:\Program Files\Canon\Canon MF Network Scanner Selector\CMFNSS6.EXE
(CMedia) [File not signed] C:\Program Files\ASUS Xonar DX Audio\Customapp\AsusAudioCenter.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cmaudio8788] => C:\Windows\Syswow64\cmicnfgp.dll [12935168 2012-11-20] (C-Media Corporation) [File not signed]
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () [File not signed]
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () [File not signed]
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [MFNetworkScannerSelector] => C:\Program Files\Canon\Canon MF Network Scanner Selector\CMFNSS6.EXE [425512 2015-01-22] (CANON INC. -> CANON INC.)
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90952568 2020-09-29] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\Run: [Eye Saver] => "C:\Program Files (x86)\Eye Saver\Eye Saver.exe" --tray
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\MountPoints2: J - J:\Setup.exe
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2009-07-14] (Microsoft Windows -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP190 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9I.DLL [27648 2008-02-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\Windows\system32\CNBLM4.DLL [267776 2009-07-14] (Microsoft Windows -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP190 series: C:\Windows\system32\CNMLM9I.DLL [279040 2008-02-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon MFNP Port: C:\Windows\system32\CNCENPM6.dll [153088 2016-06-06] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [1282048 2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-26] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A5EB6C4-693D-4101-BC8B-6E967C23E641} - System32\Tasks\{FD30B421-84CB-4012-BD52-DD81A3FBFD99} => C:\Windows\system32\pcalua.exe -a E:\rbr\RBRRallySprint11Uninst.exe
Task: {227E1A91-3321-4CFE-AEAE-D2F999B730B3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A9088B7-40EE-4BC4-BB1F-2B1787FC1362} - System32\Tasks\{449967F4-A3EC-47D7-8C7D-6F27AA6915C9} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lig ... stError=-9
Task: {3386430F-6CBD-40E5-A802-5044227C22C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {38F018D4-BF5E-44C4-9F08-D43C97EC409E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {3B75D3FD-F64F-49D3-BAE7-0756B2FB41C3} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {592F23E3-BBCC-4AB1-8748-BA92A533A60D} - System32\Tasks\{023804E5-C610-4171-A544-43D1B70BE3DF} => C:\Windows\system32\pcalua.exe -a E:\rbr\RBRMonteklandUninst.exe
Task: {5A63EDEB-1284-4C09-9869-1137BCE10B76} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5E570C57-A0C5-4901-9CD3-519CE4F594DB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {69B6022F-69C7-47B4-8566-CA41E795FA2C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {72455FFD-223F-4C29-AB53-8C65CFD6D986} - System32\Tasks\Opera scheduled assistant Autoupdate 1581250752 => C:\Users\Patrik\AppData\Local\Programs\Opera\launcher.exe [1335320 2020-09-15] (Opera Software AS -> Opera Software)
Task: {96B96375-F5D3-4869-9591-70ACF09D7F01} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9FF9E76F-6350-4C00-A6E2-2BC3CDE1A8BD} - System32\Tasks\{2AC4E642-6E8A-43C3-83B2-577E265F0FF2} => C:\Windows\system32\pcalua.exe -a C:\games\Jazz2\UnInst.exe -d C:\games\Jazz2
Task: {BEF88A3B-464F-491C-A9A8-5BD63873DEB5} - System32\Tasks\{C3FD29CD-3045-4D72-AF5E-A1BD6B887107} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.33.0.104/cs/abandoninstall?page=tsInstall
Task: {D0D23DBC-C874-44D0-8B70-2098ED3DF682} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E18D606F-0439-44C9-96ED-EA5746DB50E3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E2F7FEC5-DE8A-4878-9E71-CDC56752128E} - System32\Tasks\Opera scheduled Autoupdate 1444913674 => C:\Users\Patrik\AppData\Local\Programs\Opera\launcher.exe [1335320 2020-09-15] (Opera Software AS -> Opera Software)
Task: {EA1382EF-B862-464A-BC29-1C5A0FA9DB4A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F190ADB5-24F3-4431-91D1-90CB8A02F6E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {F6A398EA-A39A-475E-82FA-4B5D2763AD34} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0B0BADF7-B0C1-4D22-8655-EB82F21582E8}: [DhcpNameServer] 192.168.0.1

Edge:
======
Edge Profile: C:\Users\Patrik\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-27]

FireFox:
========
FF DefaultProfile: a0ak9un9.default
FF ProfilePath: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\a0ak9un9.default [2020-10-03]
FF DownloadDir: C:\Users\Patrik\Desktop
FF Homepage: Mozilla\Firefox\Profiles\a0ak9un9.default -> seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\a0ak9un9.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10269__161118__yaff
FF Session Restore: Mozilla\Firefox\Profiles\a0ak9un9.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\a0ak9un9.default -> hxxp://us-mg6.mail.yahoo.com; hxxps://us-mg6.mail.yahoo.com; hxxps://www.lide.cz; hxxps://www.facebook.com; hxxps://www.amateri.com; hxxps://mail.yahoo.com; hxxps://tinder.com; hxxps://cz.xhamsterlive.com; hxxps://badoo.com
FF Extension: (No Name) - C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\a0ak9un9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-09-09]
FF SearchPlugin: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\a0ak9un9.default\searchplugins\yahoo-lavasoft.xml [2016-11-18]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC -> DivX, LLC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default [2020-10-03]
CHR DownloadDir: C:\Users\Patrik\Desktop
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29]
CHR Extension: (Dokumenty) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29]
CHR Extension: (Disk Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-02]
CHR Extension: (YouTube) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-02]
CHR Extension: (Tabulky) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-27]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-09-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-23]
CHR Extension: (Gmail) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-28]
CHR Extension: (Chrome Media Router) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-07]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Patrik\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-05-18]
StartMenuInternet: (HKLM) OperaStable - C:\Users\Patrik\AppData\Local\Programs\Opera\Launcher.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-12-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-08-01] (Even Balance, Inc. -> )
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-MEDIA ELECTRONICS INC. -> C-Media Inc)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [110488 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36944 2014-03-04] (IObit Information Technology -> IObit)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2015-03-14] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 whfltr2k; C:\Windows\System32\DRIVERS\whfltr2k.sys [9600 2007-01-26] () [File not signed]
U3 actaojpf; C:\Windows\System32\Drivers\actaojpf.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-03 18:21 - 2020-10-03 18:23 - 000019266 _____ C:\Users\Patrik\Desktop\FRST.txt
2020-10-03 18:21 - 2020-10-03 18:22 - 000000000 ____D C:\FRST
2020-10-03 18:20 - 2020-10-03 18:20 - 002299392 _____ (Farbar) C:\Users\Patrik\Desktop\FRST64.exe
2020-10-03 17:05 - 2020-10-03 17:05 - 000000000 ____D C:\Users\Patrik\Desktop\motherboard_bios_ga-ep43t-ud3l_f9
2020-10-03 17:02 - 2020-10-03 17:02 - 000966776 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\Patrik\Desktop\rufus-2.17p.exe
2020-10-03 16:40 - 2020-10-03 16:40 - 000658018 _____ (Igor Pavlov) C:\Users\Patrik\Desktop\motherboard_bios_ga-ep43t-ud3l_f9.exe
2020-10-03 13:18 - 2016-11-14 14:30 - 000082488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-10-03 13:18 - 2016-11-14 14:30 - 000067520 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-10-03 13:18 - 2016-11-14 13:15 - 006789056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2020-10-03 13:18 - 2016-11-14 13:15 - 003528128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2020-10-03 13:18 - 2016-11-14 13:15 - 002558512 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2020-10-03 13:18 - 2016-11-14 13:15 - 000932728 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2020-10-03 13:18 - 2016-11-14 13:15 - 000384888 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2020-10-03 13:18 - 2016-11-14 13:15 - 000062328 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2020-10-03 13:18 - 2016-11-14 11:45 - 000615992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2020-10-03 13:18 - 2016-11-14 11:09 - 007513855 _____ C:\Windows\system32\nvcoproc.bin
2020-10-03 13:16 - 2016-11-14 14:30 - 031523384 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 024208440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 023000000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 017559384 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 015301056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 014497712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 013915720 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 013826968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 012905016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2020-10-03 13:16 - 2016-11-14 14:30 - 011270656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 011208312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 004253240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 003995192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 003207824 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 002822568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 001908272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434201.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 001557552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434201.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 000951232 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 000913856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 000909760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 000876480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-10-03 12:57 - 2020-10-03 12:57 - 000004146 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003940 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003798 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003790 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003738 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000001374 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-10-03 12:57 - 2020-10-03 12:57 - 000001374 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2020-10-03 12:57 - 2020-10-03 12:57 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_NvModuleTracker_01011.Wdf
2020-10-03 12:57 - 2020-10-03 12:57 - 000000000 ____D C:\Users\Patrik\AppData\Local\NVIDIA
2020-10-03 12:57 - 2020-06-23 16:20 - 002754024 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2020-10-03 12:57 - 2020-06-23 16:20 - 002122216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2020-10-03 12:57 - 2020-06-23 16:20 - 001295848 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2020-10-03 12:57 - 2020-05-07 20:01 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2020-10-03 12:56 - 2020-10-03 12:56 - 000003494 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:56 - 2020-05-29 07:34 - 000169968 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2020-10-03 12:56 - 2020-05-29 07:34 - 000145904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2020-10-03 12:54 - 2020-03-11 21:26 - 000067456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2020-10-03 12:54 - 2020-03-06 12:03 - 000069840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2020-10-03 12:54 - 2020-03-04 14:54 - 001804784 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2020-10-03 12:54 - 2020-03-04 14:54 - 000050592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\NvModuleTracker.sys
2020-10-02 21:03 - 2020-10-02 21:01 - 033075020 ____N C:\Users\Patrik\Desktop\YouCut_20201002_210100871.mp4
2020-10-02 20:57 - 2020-10-01 18:38 - 685449603 ____N C:\Users\Patrik\Desktop\FILE201001-183310F.MP4
2020-09-28 21:49 - 2020-09-28 21:49 - 000001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-09-28 21:49 - 2020-09-28 21:49 - 000001034 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-09-28 21:49 - 2020-09-28 21:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-09-28 18:47 - 2020-09-28 20:33 - 000191448 _____ C:\Windows\ntbtlog.txt
2020-09-27 16:16 - 2020-09-27 16:23 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2020-09-27 16:12 - 2020-09-27 16:14 - 000000000 ____D C:\ICQ
2020-09-27 16:11 - 2020-09-27 16:11 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\QIP
2020-09-27 14:03 - 2020-01-30 04:30 - 000834560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-09-27 14:03 - 2020-01-30 04:23 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-09-27 13:41 - 2020-09-27 13:41 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-27 13:41 - 2020-09-27 13:41 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-27 13:41 - 2020-09-27 13:41 - 000002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-19 20:30 - 2020-10-03 11:38 - 000000000 ____D C:\ProgramData\Eye Saver
2020-09-19 20:30 - 2020-09-19 20:44 - 000000000 ____D C:\Users\Patrik\AppData\Local\Eye_Saver
2020-09-09 15:11 - 2020-09-09 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiVue
2020-09-09 15:06 - 2020-09-09 15:11 - 000002165 _____ C:\Users\Public\Desktop\MiVue Manager.lnk
2020-09-09 15:06 - 2020-09-09 15:11 - 000002165 _____ C:\ProgramData\Desktop\MiVue Manager.lnk
2020-09-09 15:06 - 2020-09-09 15:11 - 000000000 ____D C:\Program Files (x86)\Mio Technology
2020-09-07 12:27 - 2020-09-07 12:27 - 000344605 _____ C:\Users\Patrik\Downloads\J_Steinbeck_O_mysich_a_lidech.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-03 18:21 - 2016-11-18 14:25 - 000000000 ____D C:\Users\Patrik\AppData\LocalLow\Mozilla
2020-10-03 18:10 - 2009-07-14 06:45 - 000031584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-10-03 18:10 - 2009-07-14 06:45 - 000031584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-10-03 18:01 - 2013-08-02 15:00 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-10-03 18:01 - 2013-08-02 15:00 - 000000000 ____D C:\Windows\system32\Macromed
2020-10-03 17:57 - 2014-01-27 23:46 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\vlc
2020-10-03 17:09 - 2009-07-14 17:18 - 000668866 _____ C:\Windows\system32\perfh005.dat
2020-10-03 17:09 - 2009-07-14 17:18 - 000141526 _____ C:\Windows\system32\perfc005.dat
2020-10-03 17:09 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-03 17:09 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-10-03 17:05 - 2017-09-08 08:40 - 000000552 __RSH C:\ProgramData\ntuser.pol
2020-10-03 16:53 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2020-10-03 16:40 - 2013-08-02 15:16 - 000000000 ____D C:\ProgramData\NVIDIA
2020-10-03 16:38 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-03 13:27 - 2013-11-20 01:27 - 000000000 ____D C:\Users\Patrik\AppData\Local\NVIDIA Corporation
2020-10-03 13:20 - 2016-11-18 14:25 - 000000000 ____D C:\Users\Patrik\AppData\Local\CrashDumps
2020-10-03 13:19 - 2013-08-02 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-10-03 13:18 - 2013-08-02 15:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-10-03 13:18 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\Help
2020-10-03 13:13 - 2013-08-02 15:16 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-10-03 12:57 - 2013-08-02 15:16 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-10-03 12:56 - 2015-05-30 22:43 - 000000000 ____D C:\ProgramData\Package Cache
2020-10-03 11:38 - 2019-10-06 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-09-29 17:49 - 2020-02-09 14:19 - 000004116 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1581250752
2020-09-28 22:10 - 2014-05-04 21:46 - 000002562 _____ C:\Windows\diagwrn.xml
2020-09-28 22:10 - 2014-05-04 21:46 - 000001908 _____ C:\Windows\diagerr.xml
2020-09-28 21:49 - 2015-05-16 16:57 - 000000000 ____D C:\Program Files\VS Revo Group
2020-09-28 21:14 - 2016-09-25 12:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-09-28 21:05 - 2009-07-14 07:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-09-27 16:17 - 2013-08-06 14:02 - 000000000 ____D C:\Program Files (x86)\QIP
2020-09-27 13:40 - 2016-11-18 12:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-09-27 13:34 - 2019-10-06 15:51 - 000000000 ____D C:\Windows\system32\MRT
2020-09-27 13:28 - 2019-10-06 15:51 - 129170736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-09-27 10:45 - 2013-08-02 14:56 - 000000000 ____D C:\ProgramData\Mozilla
2020-09-26 14:58 - 2014-10-10 21:57 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-26 14:58 - 2014-10-10 21:57 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-26 14:58 - 2014-10-10 21:57 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-18 17:02 - 2015-10-15 14:54 - 000003880 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1444913674
2020-09-12 11:30 - 2016-02-23 10:32 - 000000890 _____ C:\Users\Patrik\Desktop\objednávka.txt
2020-09-09 15:06 - 2013-08-02 16:47 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

==================== Files in the root of some directories ========

2019-02-10 12:33 - 2019-02-10 12:34 - 000002953 _____ () C:\Users\Patrik\AppData\Roaming\downloads.json

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-09-26 16:19
==================== End of FRST.txt ========================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build: 07-22-2020
# Database: 2020-07-20.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-03-2020
# Duration: 00:00:02
# OS: Windows 7 Professional
# Cleaned: 25
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\PARETOLOGIC
Deleted C:\Users\Patrik\AppData\Roaming\DriverCure
Deleted C:\Users\Patrik\AppData\Roaming\PARETOLOGIC
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService

***** [ Files ] *****

Deleted C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\a0ak9un9.default\searchplugins\yahoo-lavasoft.xml
Deleted C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted C:\Windows\System32\LavasoftTcpService64.dll
Deleted C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted C:\Windows\Temp\WebCompanion.zip

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Video Player
Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\WebCompanion.exe
Deleted HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\DivX\Install\Setup\WizardLayout\UniblueDriverScanner
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\AlcoholAutomount
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Opera Browser Assistant
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3761 octets] - [03/10/2020 18:57:33]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Ty soubory, které mám teď v karanténě, mám trvale odstranit?

Dejte nové logy FRST+Addition.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-10-2020
Ran by Patrik (03-10-2020 20:06:27)
Running from C:\Users\Patrik\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-08-02 12:52:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2554351195-1383382320-3813129507-500 - Administrator - Disabled)
Guest (S-1-5-21-2554351195-1383382320-3813129507-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2554351195-1383382320-3813129507-1002 - Limited - Enabled)
Patrik (S-1-5-21-2554351195-1383382320-3813129507-1001 - Administrator - Enabled) => C:\Users\Patrik

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
µTorrent (HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1495, 03.06.2015 - AIMP DevTeam)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ASUS Xonar DX Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Balíček ovladače systému Windows - Silicon Laboratories, Inc. (usbser) Ports (03/26/2014 6.1.7601.17514) (HKLM\...\C8F9E580E0497608A65C26E324832394FE3E9E06) (Version: 03/26/2014 6.1.7601.17514 - Silicon Laboratories, Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: 1.7 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden
Canon MF Scan Utility (HKLM-x32\...\Canon_MF_Scan_Utility) (Version: 1.10.0.0 - CANON INC.)
Canon MF633C/635C (HKLM\...\{7B95F8E4-3E24-4FAF-9CB0-5063F9E1202A}) (Version: 5.4.0.1 - CANON INC.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.1.16828 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.37 - )
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
MiVue Manager (HKLM-x32\...\{123BDDDC-D02F-4C6E-A011-9CB265E2483E}) (Version: 1.0.38.1 - Mio Technology Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 81.0 (x64 cs) (HKLM\...\Mozilla Firefox 81.0 (x64 cs)) (Version: 81.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Opera Stable 70.0.3728.189 (HKLM-x32\...\Opera 70.0.3728.189) (Version: 70.0.3728.189 - Opera Software)
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
Revo Uninstaller 2.1.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.7 - VS Revo Group, Ltd.)
RXO 2019 (HKLM-x32\...\RXO 2019_is1) (Version: - Digital Memory)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Skype verze 8.65 (HKLM-x32\...\Skype_is1) (Version: 8.65 - Skype Technologies S.A.)
Soldat verze 1.7.1 (HKLM-x32\...\Soldat_is1) (Version: 1.7.1 - Transhuman Design)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2014-03-04] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2013-09-17] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2013-09-17] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2014-03-04] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2014-03-04] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.XFR1] => xfcodec64.dll
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-10-06 17:45 - 2020-09-29 16:31 - 002072064 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-10-06 17:45 - 2020-09-29 16:31 - 000310784 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-10-06 17:45 - 2020-09-29 16:31 - 006903808 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2016-01-01 00:58 - 2012-06-06 03:56 - 000143360 ____N () [File not signed] C:\Program Files\ASUS Xonar DX Audio\Customapp\VmixP8.dll
2020-02-28 18:33 - 2015-01-20 18:30 - 000005120 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\Canon MF Network Scanner Selector\CMFNSS6.DLL
2020-02-28 18:30 - 2016-06-06 09:12 - 000153088 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNCENPM6.dll
2016-01-01 00:58 - 2012-08-22 12:57 - 000430080 ____N (C-Media Electronics Inc.) [File not signed] C:\Program Files\ASUS Xonar DX Audio\CustomApp\cmdevice.dll
2013-08-02 15:23 - 2012-01-06 03:30 - 000122880 ____N (C-Media Electronics Inc.) [File not signed] C:\Windows\system\HsSrv64.dll
2013-08-02 15:23 - 2012-01-06 03:30 - 000212992 ____N (C-Media Electronics Inc.) [File not signed] C:\Windows\SysWOW64\HsSrv.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Patrik\Dropbox:user.myxattr [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10269__161118__yaie
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru
URLSearchHook: HKU\S-1-5-21-2554351195-1383382320-3813129507-1001 -> Default = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
SearchScopes: HKLM-x32 -> DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL =
SearchScopes: HKU\S-1-5-21-2554351195-1383382320-3813129507-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10269__161118__yaie&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRW Download Manager.lnk => C:\Windows\pss\SRW Download Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Patrik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.exe – zástupce.lnk => C:\Windows\pss\Xfire.exe – zástupce.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Patrik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire2.bat => C:\Windows\pss\Xfire2.bat.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Eye Saver => "C:\Program Files (x86)\Eye Saver\Eye Saver.exe" --tray
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotkeyP => C:\Users\Patrik\Desktop\hotkeyp\HotkeyP.exe 0
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: NtVdmSrv => C:\Windows\inf\ntvdm.vbe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QIP Internet Guardian => C:\Users\Patrik\AppData\Roaming\QipGuard\QipGuard.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: tmp5938 => wscript.exe //B "C:\Users\Patrik\AppData\Local\Temp\tmp5938.tmp.vbs"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{60B773A0-22C4-490C-931B-A463D7062439}C:\users\patrik\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\patrik\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{28B25EC0-DF9F-453B-AE90-DF4572360592}C:\users\patrik\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\patrik\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{D1613099-ECDA-4A78-AEAD-2AE6A9387CE5}C:\users\patrik\appdata\roaming\utorrent\updates\3.3.1_30003.exe] => (Allow) C:\users\patrik\appdata\roaming\utorrent\updates\3.3.1_30003.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{988E4150-1955-4DFC-8172-50004F3FF112}C:\users\patrik\appdata\roaming\utorrent\updates\3.3.1_30003.exe] => (Allow) C:\users\patrik\appdata\roaming\utorrent\updates\3.3.1_30003.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{07175E4E-5B55-4B84-8EED-7BEA3C1CBA9B}C:\users\patrik\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\patrik\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{F8A6E5DE-C9BA-4181-AAD3-C7932A9FE51F}C:\users\patrik\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\patrik\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{9FBDF8A0-B1D5-4FEB-ACCC-A9661B0D4C64}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2502B0F3-0A27-4187-8702-67817849BAF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BFB44645-FFCB-43E2-8D1C-F5ED0DFEEED7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4607F639-C323-4068-A5B5-1E773110E5D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7206F5F2-78E9-4877-B96A-21D3212C6C66}] => (Allow) C:\Users\Patrik\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{421DB1D0-A451-4E1E-9DAB-74A6517BBF7E}] => (Allow) C:\Users\Patrik\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{6DDDD5DE-1081-46A0-8D72-8D35E27010C4}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [UDP Query User{1164F380-9A79-40F8-8D16-86ABEE850919}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [TCP Query User{E307899A-5471-4FFA-939C-AE139E1000AC}D:\torrent\beamng drive 0.3.8.3\beamng.drive\bin64\beamng.drive.x64.exe] => (Block) D:\torrent\beamng drive 0.3.8.3\beamng.drive\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{755F1CBA-2214-4C77-89AC-228E58E243C9}D:\torrent\beamng drive 0.3.8.3\beamng.drive\bin64\beamng.drive.x64.exe] => (Block) D:\torrent\beamng drive 0.3.8.3\beamng.drive\bin64\beamng.drive.x64.exe => No File
FirewallRules: [{B15518A1-3EC8-4DCE-888D-6CF4CBB16C88}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2679ABF5-1379-46C8-BC8E-D1C2461F8EFC}] => (Allow) LPort=2869
FirewallRules: [{345AD669-D9DF-4921-A41C-3831AECF4A74}] => (Allow) LPort=1900
FirewallRules: [{720BD154-38B6-41D7-9B79-D46F42F56E9A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{12A029C3-D52B-4A23-BF0F-026E3A341F1B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3AC044EC-5754-486F-B651-B0CDCEB45546}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{3A566416-D112-4444-BF69-6A80F296905A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{418BCCDC-3B32-48B0-ABBF-B43963646CC4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{9ACAC099-2E08-4E8E-AFD8-4EA63708C950}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{615BAC7C-2D47-449A-ABD4-CA9D5019B5B7}] => (Allow) D:\cod4\iw3mp.exe () [File not signed]
FirewallRules: [{7389269A-6434-4D4C-BAA1-8586A9860683}] => (Allow) D:\cod4\iw3mp.exe () [File not signed]
FirewallRules: [{1D42E36E-80F7-4E9A-B467-B479A9285176}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{840B6167-A037-4153-AFFE-A18A5BE98B58}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{C283903B-2324-43A1-B36F-848B493CD9E5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BC97D2FB-D370-4993-9D70-B5B8E5ABFE1C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{29E02BC2-94A0-47F6-BA18-3338A3067FCC}C:\soldat\soldat.exe] => (Allow) C:\soldat\soldat.exe (Michal Marcinkowski) [File not signed]
FirewallRules: [UDP Query User{F5D5F6F2-98DC-4237-8DFB-E798A28274CD}C:\soldat\soldat.exe] => (Allow) C:\soldat\soldat.exe (Michal Marcinkowski) [File not signed]
FirewallRules: [{68B64679-DC4D-42C6-9CE0-62FF6AFE50BA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{06152B9F-519E-47A9-99E6-6E929A9BDAD6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2F53D761-E8D8-4039-80F4-17BBEC6C91A4}] => (Allow) C:\Users\Patrik\AppData\Local\Programs\Opera\70.0.3728.178\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{39007DBD-1759-4C78-A37D-7316E4A45766}] => (Allow) C:\Users\Patrik\AppData\Local\Programs\Opera\70.0.3728.189\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{592568D2-B61C-45E1-8E26-68F574789771}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{62A37750-E7A1-4C56-B930-8C3949134DEF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E0D69E2-F515-40C6-ABC5-0DBF0FCE9ECF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{87BBDCB8-1EB5-4B20-8FAD-36EAFDA060B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F39799EB-84A9-464B-991B-256DAECE3090}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{61A08C72-96EA-4270-979C-55EFBAD4DBDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{12AEAE56-6173-49CF-92A3-B92CFD4AEC4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0C4DAC6D-F974-45F1-BD22-8403E5F76C8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9502D4E5-FB47-449E-BAAF-7EC5D29C86E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

==================== Restore Points =========================

03-10-2020 18:03:11 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/03/2020 01:20:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 81.0.0.7565, časové razítko: 0x5f62c4ae
Název chybujícího modulu: nvwgf2umx.dll, verze: 21.21.13.4201, časové razítko: 0x52f651b0
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000a11c1f
ID chybujícího procesu: 0x1584
Čas spuštění chybující aplikace: 0x01d699741e665d54
Cesta k chybující aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: C:\Windows\system32\nvwgf2umx.dll
ID zprávy: 71c969e0-056a-11eb-bdd0-00241dde3a65

Error: (10/03/2020 11:58:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program setup.exe verze 2.1002.344.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: ef8

Čas spuštění: 01d6996aafa1fa1b

Čas ukončení: 4

Cesta k aplikaci: C:\Users\Patrik\AppData\Local\Temp\NVIDIA\GFE\setup.exe

ID hlášení: f2ee9c25-055e-11eb-999d-00241dde3a65

Error: (09/29/2020 09:20:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 81.0.0.7565 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: b08

Čas spuštění: 01d69694411a4637

Čas ukončení: 21

Cesta k aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

ID hlášení: de7f0432-0288-11eb-a531-00241dde3a65

Error: (09/28/2020 09:51:05 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {0b8d887e-e1be-40eb-af3c-19425077ea74}

Error: (09/19/2020 08:05:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamUserAgent.exe, verze: 7.1.2084.9592, časové razítko: 0x57605c64
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb67f
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002d196
ID chybujícího procesu: 0x1bf8
Čas spuštění chybující aplikace: 0x01d68eaf52b6866f
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: bed0ba11-faa2-11ea-831e-00241dde3a65

Error: (09/12/2020 10:41:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamUserAgent.exe, verze: 7.1.2084.9592, časové razítko: 0x57605c64
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb67f
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002d196
ID chybujícího procesu: 0x13f0
Čas spuštění chybující aplikace: 0x01d68944f46ff55f
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 50a66461-f538-11ea-990a-00241dde3a65

Error: (09/05/2020 05:48:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamUserAgent.exe, verze: 7.1.2084.9592, časové razítko: 0x57605c64
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb67f
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002d196
ID chybujícího procesu: 0xcd0
Čas spuštění chybující aplikace: 0x01d6839bfce087e3
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 427b47a6-ef8f-11ea-8837-00241dde3a65

Error: (07/22/2020 09:11:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamUserAgent.exe, verze: 7.1.2084.9592, časové razítko: 0x57605c64
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb67f
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002d196
ID chybujícího procesu: 0x1a1c
Čas spuštění chybující aplikace: 0x01d6605bcb6906a8
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 1df4ccde-cc4f-11ea-a543-00241dde3a65


System errors:
=============
Error: (10/03/2020 07:00:07 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (10/03/2020 07:00:07 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (10/03/2020 07:00:07 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (10/03/2020 07:00:07 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (10/03/2020 06:58:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (10/03/2020 06:58:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (10/03/2020 06:58:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (10/03/2020 06:58:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba StarWind AE Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2014-11-26 15:15:09.218
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{F925EE98-9C70-45BB-9297-D1BF6E3324DE}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Patrik-PC\Patrik

Date: 2016-09-24 15:00:45.927
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:1.207.2461.0
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:1.1.12101.0
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

Date: 2016-09-24 15:00:45.927
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:
Předchozí verze modulu:1.1.12101.0
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

CodeIntegrity:
===================================

Date: 2017-03-04 07:15:41.300
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-04 07:15:41.284
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-03 20:20:41.612
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-03 20:20:41.612
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-03 11:03:52.112
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-03 11:03:52.112
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-03 07:19:23.284
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-03 07:19:23.284
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\mbmiodrvr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F2 07/24/2009
Motherboard: Gigabyte Technology Co., Ltd. EP43T-UD3L
Processor: Intel(R) Core(TM)2 Quad CPU Q8400 @ 2.66GHz
Percentage of memory in use: 70%
Total physical RAM: 4094.49 MB
Available physical RAM: 1221.08 MB
Total Virtual: 8187.13 MB
Available Virtual: 5308.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146.48 GB) (Free:46.01 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:15.58 GB) NTFS
Drive e: () (Fixed) (Total:319.18 GB) (Free:182.59 GB) NTFS

\\?\Volume{830965a1-fb70-11e2-ae34-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5799F84A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=319.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1DEB9552)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2020
Ran by Patrik (administrator) on PATRIK-PC (Gigabyte Technology Co., Ltd. EP43T-UD3L) (03-10-2020 20:05:12)
Running from C:\Users\Patrik\Desktop
Loaded Profiles: Patrik
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\system\HsMgr64.exe
() [File not signed] C:\Windows\SysWOW64\HsMgr.exe
(CANON INC. -> CANON INC.) C:\Program Files\Canon\Canon MF Network Scanner Selector\CMFNSS6.EXE
(CMedia) [File not signed] C:\Program Files\ASUS Xonar DX Audio\Customapp\AsusAudioCenter.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <5>
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cmaudio8788] => C:\Windows\Syswow64\cmicnfgp.dll [12935168 2012-11-20] (C-Media Corporation) [File not signed]
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () [File not signed]
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () [File not signed]
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [MFNetworkScannerSelector] => C:\Program Files\Canon\Canon MF Network Scanner Selector\CMFNSS6.EXE [425512 2015-01-22] (CANON INC. -> CANON INC.)
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90952568 2020-09-29] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\Run: [Eye Saver] => "C:\Program Files (x86)\Eye Saver\Eye Saver.exe" --tray
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\MountPoints2: J - J:\Setup.exe
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2009-07-14] (Microsoft Windows -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MP190 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9I.DLL [27648 2008-02-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\Windows\system32\CNBLM4.DLL [267776 2009-07-14] (Microsoft Windows -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP190 series: C:\Windows\system32\CNMLM9I.DLL [279040 2008-02-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon MFNP Port: C:\Windows\system32\CNCENPM6.dll [153088 2016-06-06] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [1282048 2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-26] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A5EB6C4-693D-4101-BC8B-6E967C23E641} - System32\Tasks\{FD30B421-84CB-4012-BD52-DD81A3FBFD99} => C:\Windows\system32\pcalua.exe -a E:\rbr\RBRRallySprint11Uninst.exe
Task: {227E1A91-3321-4CFE-AEAE-D2F999B730B3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A9088B7-40EE-4BC4-BB1F-2B1787FC1362} - System32\Tasks\{449967F4-A3EC-47D7-8C7D-6F27AA6915C9} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lig ... stError=-9
Task: {3386430F-6CBD-40E5-A802-5044227C22C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {38F018D4-BF5E-44C4-9F08-D43C97EC409E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {3B75D3FD-F64F-49D3-BAE7-0756B2FB41C3} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {592F23E3-BBCC-4AB1-8748-BA92A533A60D} - System32\Tasks\{023804E5-C610-4171-A544-43D1B70BE3DF} => C:\Windows\system32\pcalua.exe -a E:\rbr\RBRMonteklandUninst.exe
Task: {5A63EDEB-1284-4C09-9869-1137BCE10B76} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5E570C57-A0C5-4901-9CD3-519CE4F594DB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {69B6022F-69C7-47B4-8566-CA41E795FA2C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {72455FFD-223F-4C29-AB53-8C65CFD6D986} - System32\Tasks\Opera scheduled assistant Autoupdate 1581250752 => C:\Users\Patrik\AppData\Local\Programs\Opera\launcher.exe [1335320 2020-09-15] (Opera Software AS -> Opera Software)
Task: {96B96375-F5D3-4869-9591-70ACF09D7F01} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9FF9E76F-6350-4C00-A6E2-2BC3CDE1A8BD} - System32\Tasks\{2AC4E642-6E8A-43C3-83B2-577E265F0FF2} => C:\Windows\system32\pcalua.exe -a C:\games\Jazz2\UnInst.exe -d C:\games\Jazz2
Task: {BEF88A3B-464F-491C-A9A8-5BD63873DEB5} - System32\Tasks\{C3FD29CD-3045-4D72-AF5E-A1BD6B887107} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.33.0.104/cs/abandoninstall?page=tsInstall
Task: {D0D23DBC-C874-44D0-8B70-2098ED3DF682} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E18D606F-0439-44C9-96ED-EA5746DB50E3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E2F7FEC5-DE8A-4878-9E71-CDC56752128E} - System32\Tasks\Opera scheduled Autoupdate 1444913674 => C:\Users\Patrik\AppData\Local\Programs\Opera\launcher.exe [1335320 2020-09-15] (Opera Software AS -> Opera Software)
Task: {EA1382EF-B862-464A-BC29-1C5A0FA9DB4A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F190ADB5-24F3-4431-91D1-90CB8A02F6E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {F6A398EA-A39A-475E-82FA-4B5D2763AD34} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0B0BADF7-B0C1-4D22-8655-EB82F21582E8}: [DhcpNameServer] 192.168.0.1

Edge:
======
Edge Profile: C:\Users\Patrik\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-27]

FireFox:
========
FF DefaultProfile: a0ak9un9.default
FF ProfilePath: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\a0ak9un9.default [2020-10-03]
FF DownloadDir: C:\Users\Patrik\Desktop
FF Homepage: Mozilla\Firefox\Profiles\a0ak9un9.default -> seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\a0ak9un9.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10269__161118__yaff
FF Session Restore: Mozilla\Firefox\Profiles\a0ak9un9.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\a0ak9un9.default -> hxxp://us-mg6.mail.yahoo.com; hxxps://us-mg6.mail.yahoo.com; hxxps://www.lide.cz; hxxps://www.facebook.com; hxxps://www.amateri.com; hxxps://mail.yahoo.com; hxxps://tinder.com; hxxps://cz.xhamsterlive.com; hxxps://badoo.com
FF Extension: (No Name) - C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\a0ak9un9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-09-09]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC -> DivX, LLC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default [2020-10-03]
CHR DownloadDir: C:\Users\Patrik\Desktop
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29]
CHR Extension: (Dokumenty) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29]
CHR Extension: (Disk Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-02]
CHR Extension: (YouTube) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-02]
CHR Extension: (Tabulky) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-27]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-09-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-23]
CHR Extension: (Gmail) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-28]
CHR Extension: (Chrome Media Router) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-07]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Patrik\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-05-18]
StartMenuInternet: (HKLM) OperaStable - C:\Users\Patrik\AppData\Local\Programs\Opera\Launcher.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-12-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-08-01] (Even Balance, Inc. -> )
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-MEDIA ELECTRONICS INC. -> C-Media Inc)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [110488 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36944 2014-03-04] (IObit Information Technology -> IObit)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2015-03-14] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 whfltr2k; C:\Windows\System32\DRIVERS\whfltr2k.sys [9600 2007-01-26] () [File not signed]
U3 adl921s0; C:\Windows\System32\Drivers\adl921s0.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-03 19:03 - 2020-10-03 19:03 - 000003495 _____ C:\Users\Patrik\Desktop\AdwCleaner[C00].txt
2020-10-03 18:56 - 2020-10-03 18:56 - 008414384 _____ (Malwarebytes) C:\Users\Patrik\Desktop\adwcleaner_8.0.7.exe
2020-10-03 18:21 - 2020-10-03 20:06 - 000019131 _____ C:\Users\Patrik\Desktop\FRST.txt
2020-10-03 18:21 - 2020-10-03 20:05 - 000000000 ____D C:\FRST
2020-10-03 18:20 - 2020-10-03 18:20 - 002299392 _____ (Farbar) C:\Users\Patrik\Desktop\FRST64.exe
2020-10-03 17:05 - 2020-10-03 17:05 - 000000000 ____D C:\Users\Patrik\Desktop\motherboard_bios_ga-ep43t-ud3l_f9
2020-10-03 17:02 - 2020-10-03 17:02 - 000966776 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\Patrik\Desktop\rufus-2.17p.exe
2020-10-03 16:40 - 2020-10-03 16:40 - 000658018 _____ (Igor Pavlov) C:\Users\Patrik\Desktop\motherboard_bios_ga-ep43t-ud3l_f9.exe
2020-10-03 13:18 - 2016-11-14 14:30 - 000082488 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-10-03 13:18 - 2016-11-14 14:30 - 000067520 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-10-03 13:18 - 2016-11-14 13:15 - 006789056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2020-10-03 13:18 - 2016-11-14 13:15 - 003528128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2020-10-03 13:18 - 2016-11-14 13:15 - 002558512 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2020-10-03 13:18 - 2016-11-14 13:15 - 000932728 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2020-10-03 13:18 - 2016-11-14 13:15 - 000384888 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2020-10-03 13:18 - 2016-11-14 13:15 - 000062328 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2020-10-03 13:18 - 2016-11-14 11:45 - 000615992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2020-10-03 13:18 - 2016-11-14 11:09 - 007513855 _____ C:\Windows\system32\nvcoproc.bin
2020-10-03 13:16 - 2016-11-14 14:30 - 031523384 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 024208440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 023000000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 017559384 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 015301056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 014497712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 013915720 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 013826968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 012905016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2020-10-03 13:16 - 2016-11-14 14:30 - 011270656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 011208312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 004253240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 003995192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 003207824 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 002822568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 001908272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434201.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 001557552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434201.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 000951232 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 000913856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 000909760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-10-03 13:16 - 2016-11-14 14:30 - 000876480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-10-03 12:57 - 2020-10-03 12:57 - 000004146 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003940 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003798 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003790 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003738 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000003704 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:57 - 2020-10-03 12:57 - 000001374 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-10-03 12:57 - 2020-10-03 12:57 - 000001374 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2020-10-03 12:57 - 2020-10-03 12:57 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_NvModuleTracker_01011.Wdf
2020-10-03 12:57 - 2020-10-03 12:57 - 000000000 ____D C:\Users\Patrik\AppData\Local\NVIDIA
2020-10-03 12:57 - 2020-06-23 16:20 - 002754024 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2020-10-03 12:57 - 2020-06-23 16:20 - 002122216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2020-10-03 12:57 - 2020-06-23 16:20 - 001295848 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2020-10-03 12:57 - 2020-05-07 20:01 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2020-10-03 12:56 - 2020-10-03 12:56 - 000003494 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-10-03 12:56 - 2020-05-29 07:34 - 000169968 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2020-10-03 12:56 - 2020-05-29 07:34 - 000145904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2020-10-03 12:54 - 2020-03-11 21:26 - 000067456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2020-10-03 12:54 - 2020-03-06 12:03 - 000069840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2020-10-03 12:54 - 2020-03-04 14:54 - 001804784 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2020-10-03 12:54 - 2020-03-04 14:54 - 000050592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\NvModuleTracker.sys
2020-10-02 21:03 - 2020-10-02 21:01 - 033075020 ____N C:\Users\Patrik\Desktop\YouCut_20201002_210100871.mp4
2020-10-02 20:57 - 2020-10-01 18:38 - 685449603 ____N C:\Users\Patrik\Desktop\FILE201001-183310F.MP4
2020-09-28 21:49 - 2020-09-28 21:49 - 000001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-09-28 21:49 - 2020-09-28 21:49 - 000001034 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-09-28 21:49 - 2020-09-28 21:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-09-28 18:47 - 2020-09-28 20:33 - 000191448 _____ C:\Windows\ntbtlog.txt
2020-09-27 16:16 - 2020-09-27 16:23 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2020-09-27 16:12 - 2020-09-27 16:14 - 000000000 ____D C:\ICQ
2020-09-27 16:11 - 2020-09-27 16:11 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\QIP
2020-09-27 14:03 - 2020-01-30 04:30 - 000834560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-09-27 14:03 - 2020-01-30 04:23 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-09-27 13:41 - 2020-09-27 13:41 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-27 13:41 - 2020-09-27 13:41 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-27 13:41 - 2020-09-27 13:41 - 000002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-19 20:30 - 2020-10-03 11:38 - 000000000 ____D C:\ProgramData\Eye Saver
2020-09-19 20:30 - 2020-09-19 20:44 - 000000000 ____D C:\Users\Patrik\AppData\Local\Eye_Saver
2020-09-09 15:11 - 2020-09-09 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiVue
2020-09-09 15:06 - 2020-09-09 15:11 - 000002165 _____ C:\Users\Public\Desktop\MiVue Manager.lnk
2020-09-09 15:06 - 2020-09-09 15:11 - 000002165 _____ C:\ProgramData\Desktop\MiVue Manager.lnk
2020-09-09 15:06 - 2020-09-09 15:11 - 000000000 ____D C:\Program Files (x86)\Mio Technology
2020-09-07 12:27 - 2020-09-07 12:27 - 000344605 _____ C:\Users\Patrik\Downloads\J_Steinbeck_O_mysich_a_lidech.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-03 19:09 - 2009-07-14 06:45 - 000031584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-10-03 19:09 - 2009-07-14 06:45 - 000031584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-10-03 19:02 - 2013-08-02 15:16 - 000000000 ____D C:\ProgramData\NVIDIA
2020-10-03 19:00 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-03 18:57 - 2016-10-21 23:28 - 000000000 ____D C:\AdwCleaner
2020-10-03 18:56 - 2016-11-18 14:25 - 000000000 ____D C:\Users\Patrik\AppData\LocalLow\Mozilla
2020-10-03 18:01 - 2013-08-02 15:00 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-10-03 18:01 - 2013-08-02 15:00 - 000000000 ____D C:\Windows\system32\Macromed
2020-10-03 17:57 - 2014-01-27 23:46 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\vlc
2020-10-03 17:09 - 2009-07-14 17:18 - 000668866 _____ C:\Windows\system32\perfh005.dat
2020-10-03 17:09 - 2009-07-14 17:18 - 000141526 _____ C:\Windows\system32\perfc005.dat
2020-10-03 17:09 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-03 17:09 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-10-03 17:05 - 2017-09-08 08:40 - 000000552 __RSH C:\ProgramData\ntuser.pol
2020-10-03 16:53 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2020-10-03 13:27 - 2013-11-20 01:27 - 000000000 ____D C:\Users\Patrik\AppData\Local\NVIDIA Corporation
2020-10-03 13:20 - 2016-11-18 14:25 - 000000000 ____D C:\Users\Patrik\AppData\Local\CrashDumps
2020-10-03 13:19 - 2013-08-02 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-10-03 13:18 - 2013-08-02 15:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-10-03 13:18 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\Help
2020-10-03 13:13 - 2013-08-02 15:16 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-10-03 12:57 - 2013-08-02 15:16 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-10-03 12:56 - 2015-05-30 22:43 - 000000000 ____D C:\ProgramData\Package Cache
2020-10-03 11:38 - 2019-10-06 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-09-29 17:49 - 2020-02-09 14:19 - 000004116 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1581250752
2020-09-28 22:10 - 2014-05-04 21:46 - 000002562 _____ C:\Windows\diagwrn.xml
2020-09-28 22:10 - 2014-05-04 21:46 - 000001908 _____ C:\Windows\diagerr.xml
2020-09-28 21:49 - 2015-05-16 16:57 - 000000000 ____D C:\Program Files\VS Revo Group
2020-09-28 21:14 - 2016-09-25 12:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-09-28 21:05 - 2009-07-14 07:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-09-27 16:17 - 2013-08-06 14:02 - 000000000 ____D C:\Program Files (x86)\QIP
2020-09-27 13:40 - 2016-11-18 12:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-09-27 13:34 - 2019-10-06 15:51 - 000000000 ____D C:\Windows\system32\MRT
2020-09-27 13:28 - 2019-10-06 15:51 - 129170736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-09-27 10:45 - 2013-08-02 14:56 - 000000000 ____D C:\ProgramData\Mozilla
2020-09-26 14:58 - 2014-10-10 21:57 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-26 14:58 - 2014-10-10 21:57 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-26 14:58 - 2014-10-10 21:57 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-18 17:02 - 2015-10-15 14:54 - 000003880 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1444913674
2020-09-12 11:30 - 2016-02-23 10:32 - 000000890 _____ C:\Users\Patrik\Desktop\objednávka.txt
2020-09-09 15:06 - 2013-08-02 16:47 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

==================== Files in the root of some directories ========

2019-02-10 12:33 - 2019-02-10 12:34 - 000002953 _____ () C:\Users\Patrik\AppData\Roaming\downloads.json

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-09-26 16:19
==================== End of FRST.txt ========================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\MountPoints2: J - J:\Setup.exe
GroupPolicy: Restriction ? <==== ATTENTION
Task: {3386430F-6CBD-40E5-A802-5044227C22C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {592F23E3-BBCC-4AB1-8748-BA92A533A60D} - System32\Tasks\{023804E5-C610-4171-A544-43D1B70BE3DF} => C:\Windows\system32\pcalua.exe -a E:\rbr\RBRMonteklandUninst.exe
Task: {9FF9E76F-6350-4C00-A6E2-2BC3CDE1A8BD} - System32\Tasks\{2AC4E642-6E8A-43C3-83B2-577E265F0FF2} => C:\Windows\system32\pcalua.exe -a C:\games\Jazz2\UnInst.exe -d C:\games\Jazz2
Task: {F190ADB5-24F3-4431-91D1-90CB8A02F6E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U3 adl921s0; C:\Windows\System32\Drivers\adl921s0.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
AlternateDataStreams: C:\Users\Patrik\Dropbox:user.myxattr [0]
SearchScopes: HKLM-x32 -> DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL =
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 03-10-2020
Ran by Patrik (03-10-2020 21:16:06) Run:1
Running from C:\Users\Patrik\Desktop
Loaded Profiles: Patrik
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\...\MountPoints2: J - J:\Setup.exe
GroupPolicy: Restriction ? <==== ATTENTION
Task: {3386430F-6CBD-40E5-A802-5044227C22C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {592F23E3-BBCC-4AB1-8748-BA92A533A60D} - System32\Tasks\{023804E5-C610-4171-A544-43D1B70BE3DF} => C:\Windows\system32\pcalua.exe -a E:\rbr\RBRMonteklandUninst.exe
Task: {9FF9E76F-6350-4C00-A6E2-2BC3CDE1A8BD} - System32\Tasks\{2AC4E642-6E8A-43C3-83B2-577E265F0FF2} => C:\Windows\system32\pcalua.exe -a C:\games\Jazz2\UnInst.exe -d C:\games\Jazz2
Task: {F190ADB5-24F3-4431-91D1-90CB8A02F6E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U3 adl921s0; C:\Windows\System32\Drivers\adl921s0.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
AlternateDataStreams: C:\Users\Patrik\Dropbox:user.myxattr [0]
SearchScopes: HKLM-x32 -> DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL =
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => removed successfully
HKU\S-1-5-21-2554351195-1383382320-3813129507-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3386430F-6CBD-40E5-A802-5044227C22C5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3386430F-6CBD-40E5-A802-5044227C22C5}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{592F23E3-BBCC-4AB1-8748-BA92A533A60D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{592F23E3-BBCC-4AB1-8748-BA92A533A60D}" => removed successfully
C:\Windows\System32\Tasks\{023804E5-C610-4171-A544-43D1B70BE3DF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{023804E5-C610-4171-A544-43D1B70BE3DF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9FF9E76F-6350-4C00-A6E2-2BC3CDE1A8BD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FF9E76F-6350-4C00-A6E2-2BC3CDE1A8BD}" => removed successfully
C:\Windows\System32\Tasks\{2AC4E642-6E8A-43C3-83B2-577E265F0FF2} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2AC4E642-6E8A-43C3-83B2-577E265F0FF2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F190ADB5-24F3-4431-91D1-90CB8A02F6E7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F190ADB5-24F3-4431-91D1-90CB8A02F6E7}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\System\CurrentControlSet\Services\adl921s0 => removed successfully
adl921s0 => service removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AIMP => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\AIMP => removed successfully
C:\Users\Patrik\Dropbox => ":user.myxattr" ADS could not remove.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 130203015 B
Java, Flash, Steam htmlcache => 12767495 B
Windows/system/drivers => 1291477331 B
Edge => 0 B
Chrome => 97551249 B
Firefox => 1273202245 B
Opera => 238072593 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 60304233 B
systemprofile32 => 68886304 B
LocalService => 69018548 B
NetworkService => 69184244 B
Patrik => 2082254326 B
UpdatusUser => 2082254326 B

RecycleBin => 79662 B
EmptyTemp: => 7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:18:04 ====

Smazáno. Nastala nějaká změna?

Nenastala.

Zkuste opravu startu: http://www.servispckupka.cz/jak_opravit ... ystemu.php .

Tak už to běží jak má. Mockrat dekuju. V pripade, ze je tedy pc cisty, muzete lock.

PC byl vyčištěn od zbytečností, malware tam nebyl. Nemáte zač a zamykám.