New Vlog > FRST64 (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

New Vlog > FRST64

Post by Odstranovac » 13 Oct 2019 22:39

Unfortunately, I'm fighting with Windows Defender here. Both the firewall and Defender are turned off, but as soon as I launch FRST, Defender still won't let it run. When I go to Defender settings > App & browser control, click Off on all the tabs and close it, the settings are not saved and "Block" is still the current setting. I also tried allowing just FRST individually out of all the applications, and it still doesn't work :evil:

Re: New Vlog > FRST64

Post by Odstranovac » 13 Oct 2019 22:46

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02
Ran by Tomas (13-10-2019 22:43:35)
Running from C:\Users\Tomas\Desktop
Windows 10 Home Version 1803 17134.285 (X64) (2018-05-17 12:01:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-526796258-3125621912-3622189555-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-526796258-3125621912-3622189555-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-526796258-3125621912-3622189555-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-526796258-3125621912-3622189555-501 - Limited - Disabled)
Tomas (S-1-5-21-526796258-3125621912-3622189555-1001 - Administrator - Enabled) => C:\Users\Tomas
WDAGUtilityAccount (S-1-5-21-526796258-3125621912-3622189555-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.270 - Adobe)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.26 - ASUSTeK Computer Inc.)
Aktualizace NVIDIA 38.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.1.0 - NVIDIA Corporation) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
BitLord 2.2 (HKLM-x32\...\BitLord) (Version: 2.2.1-151 - House of Life)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Call of Duty(R) 2 Patch 1.3 (HKLM-x32\...\{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}) (Version: 1.3 - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Command & Conquer The First Decade (HKLM-x32\...\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}) (Version: 1.00.0000 - Electronic Arts)
Control version final (HKLM-x32\...\Control_is1) (Version: final - The)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
Epic Games Launcher (HKLM-x32\...\{D442B219-3EBE-4EE2-88F9-5A31DF331CB1}) (Version: 1.1.144.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry 5 (HKLM\...\Far Cry 5_is1) (Version: 1.4 - )
Firewatch (HKLM-x32\...\Firewatch_is1) (Version: - )
FiveM (HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\CitizenFX_FiveM) (Version: - The CitizenFX Collective)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Half-Life 2 (Addon) DZ (HKLM-x32\...\{BCAF3D46-3BDA-441F-97B9-3878ACD0CD4F}_is1) (Version: - )
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.91 - Riot Games, Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - )
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4463 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
JetBrains PyCharm Community Edition 2018.3.5 (HKLM-x32\...\PyCharm Community Edition 2018.3.5) (Version: 183.5912.18 - JetBrains s.r.o.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.15 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Macrium Reflect Free Edition (HKLM\...\{911949A6-66E6-4C52-8264-CEA4DF6A5A83}) (Version: 6.3.1665 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.3 - Paramount Software (UK) Ltd.)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
ManyCam 6.0.1 (HKLM-x32\...\ManyCam) (Version: 6.0.1 - Visicom Media Inc.)
Mass Effect™: Andromeda (HKLM-x32\...\{72BBCA87-9350-48BC-9E2F-6DBC1E80C993}) (Version: 1.0.0.4 - Electronic Arts)
Max Payne 3 (HKLM-x32\...\Max Payne 3_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27033 (HKLM-x32\...\{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NBA Live 2003 (HKLM-x32\...\{9F60FF4E-725D-4B28-0094-FDADF5E73647}) (Version: - )
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 436.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.48 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 63.0.3368.107 (HKLM-x32\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
Ovládací panel NVIDIA 436.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 436.48 - NVIDIA Corporation) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\PhotoFiltre 7) (Version: - )
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Python 3.6.8 (64-bit) (HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\{1aa5398d-0cf8-49e6-adb0-86365145c01c}) (Version: 3.6.8150.0 - Python Software Foundation)
Python 3.6.8 Core Interpreter (64-bit) (HKLM\...\{290348F2-D9D3-470E-9858-22F0F74E3623}) (Version: 3.6.8150.0 - Python Software Foundation) Hidden
Python 3.6.8 Development Libraries (64-bit) (HKLM\...\{A43B98B0-5A92-4EBA-929D-FE0A840CD97A}) (Version: 3.6.8150.0 - Python Software Foundation) Hidden
Python 3.6.8 Documentation (64-bit) (HKLM\...\{73EE519A-D901-4844-8E8F-C635705A2414}) (Version: 3.6.8150.0 - Python Software Foundation) Hidden
Python 3.6.8 Executables (64-bit) (HKLM\...\{E1155302-B578-4D8C-8431-FAE677FBC58C}) (Version: 3.6.8150.0 - Python Software Foundation) Hidden
Python 3.6.8 pip Bootstrap (64-bit) (HKLM\...\{C48DD541-2669-499A-B7AB-EC0504307601}) (Version: 3.6.8150.0 - Python Software Foundation) Hidden
Python 3.6.8 Standard Library (64-bit) (HKLM\...\{4BFF1147-97F2-432E-AD26-2224B609957C}) (Version: 3.6.8150.0 - Python Software Foundation) Hidden
Python 3.6.8 Tcl/Tk Support (64-bit) (HKLM\...\{EBD78311-1837-4432-94EE-5A5E5E206888}) (Version: 3.6.8150.0 - Python Software Foundation) Hidden
Python 3.6.8 Test Suite (64-bit) (HKLM\...\{315736CC-5A10-4E28-AE50-78BD74EF0346}) (Version: 3.6.8150.0 - Python Software Foundation) Hidden
Python 3.6.8 Utility Scripts (64-bit) (HKLM\...\{1F5F06E6-A6C0-482E-8FEB-681DE2059228}) (Version: 3.6.8150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3187A5F8-59A0-4587-885C-7748FF5D1F13}) (Version: 3.6.6565.0 - Python Software Foundation)
Race Driver GRID (HKLM-x32\...\{70BC658C-C358-416D-B301-15433F33BD56}) (Version: 1.30 - Íîâűé Äčńę)
Race Driver Grid (HKLM-x32\...\Race Driver Grid_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Spotify (HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
Star Wars™: The Force Unleashed™ (HKLM-x32\...\1189268228_is1) (Version: 1.2 - GOG.com)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\TeamSpeak 3 Client) (Version: 3.2.5 - TeamSpeak Systems GmbH)
The Witcher 3 - Wild Hunt (HKLM-x32\...\The Witcher 3 - Wild Hunt_is1) (Version: - )
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.22.0.0 - GOG.com)
The Witcher 3: Wild Hunt - O víně a krvi (HKLM-x32\...\Blood and Wine_is1) (Version: 1.21.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Srdce z kamene (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.21.0.0 - GOG.com)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.52a - Ghisler Software GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 30.0 - Ubisoft)
WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version: - Ubisoft)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
XTUPackage (HKLM-x32\...\{84D11A20-6E7F-4FBB-A2FB-117FCF871040}) (Version: 1.0.0 - ASUSTeK COMPUTER INC.)
XVM verze 8.0.0 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 8.0.0 - XVM team)
Zemana AntiMalware verze 3.1.395 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.395 - Zemana)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.123.200.0_x86__kgqvnymyfvs32 [2018-09-20] (king.com)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_171.1882.47562.0_x86__8xx8rvfyw5nnt [2018-09-12] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2018-09-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x86__8wekyb3d8bbwe [2018-09-07] (Microsoft Corporation) [MS Ad]
Microsoft Lidé -> C:\Program Files\WindowsApps\Microsoft.People_10.1807.2131.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.8172.0_x86__8wekyb3d8bbwe [2018-08-28] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.27.2643.0_x64__8wekyb3d8bbwe [2018-09-29] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.6.100.0_x64__8wekyb3d8bbwe [2018-09-18] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.26.12153.0_x64__8wekyb3d8bbwe [2018-08-15] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.80.322.0_x64__mcm4njqhnhss8 [2018-09-27] (Netflix, Inc.)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10827.20110.0_x64__8wekyb3d8bbwe [2018-09-29] (Microsoft Corporation) [MS Ad]
Royal Revolt 2 -> C:\Program Files\WindowsApps\flaregamesGmbH.RoyalRevolt2_4.2.0.0_x86__g0q0z3kw54rap [2018-09-29] (flaregames GmbH)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-08-27] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2015-10-12] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2015-10-12] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxDTCM.dll -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-08-27] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-12-21 20:52 - 2015-05-08 08:26 - 000662016 ____R () [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2016-12-21 20:53 - 2015-02-09 18:53 - 000872960 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2016-12-21 20:52 - 2015-06-03 17:17 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2016-12-21 20:54 - 2015-08-26 08:34 - 000507392 ____R () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\AsKeyboardFocusHooker.dll
2016-12-21 20:54 - 2015-08-20 13:41 - 000236544 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll
2016-12-21 20:54 - 2015-08-20 13:41 - 000712192 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2016-12-21 20:54 - 2015-08-20 13:41 - 000863744 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2016-12-21 20:54 - 2015-08-20 13:41 - 000803840 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2016-12-21 20:54 - 2015-08-20 13:41 - 000815104 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2016-12-21 20:54 - 2015-08-20 13:41 - 000091648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2016-12-21 20:53 - 2015-05-21 23:57 - 001141248 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2016-12-21 20:53 - 2015-09-10 17:06 - 000237568 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2016-12-21 20:53 - 2014-02-24 18:49 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2016-12-21 20:53 - 2015-06-26 14:50 - 000906240 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\LED Control\LEDControl.dll
2016-12-21 20:52 - 2015-06-03 17:17 - 000091648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2016-12-21 20:53 - 2015-08-28 14:48 - 001345024 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\MoboConnect.dll
2016-12-21 20:55 - 2013-11-20 11:10 - 000662016 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2016-12-21 20:55 - 2013-07-02 11:40 - 000253952 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2016-12-21 20:52 - 2015-05-08 08:26 - 000104448 ____R () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2016-12-21 20:54 - 2015-08-20 06:41 - 000053248 ____R () [File not signed] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2016-12-21 20:54 - 2015-08-20 06:41 - 000278528 ____R () [File not signed] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2016-12-21 20:52 - 2015-06-03 17:17 - 002109952 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\log4cxx.dll
2016-12-21 20:52 - 2015-05-08 08:26 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2016-12-21 20:52 - 2015-06-03 17:17 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\ASACPI.DLL
2016-12-21 20:54 - 2015-08-20 13:41 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll
2016-12-21 20:54 - 2015-08-20 06:41 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.28\AsAcpi.dll
2016-12-21 20:52 - 2019-10-13 21:43 - 000034088 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2016-12-21 20:52 - 2015-05-08 08:26 - 000677376 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\asacpiEx.dll
2016-12-21 20:52 - 2015-06-03 17:17 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2016-12-21 20:52 - 2015-06-03 17:17 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2016-12-21 20:54 - 2015-08-20 13:41 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\asacpiex.dll
2016-12-21 20:54 - 2015-08-20 13:41 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2016-12-21 20:54 - 2015-08-20 13:41 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiex.dll
2016-12-21 20:53 - 2015-08-28 14:48 - 000110592 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\AndroidOpenAccessory.dll
2016-12-21 20:55 - 2013-11-20 11:10 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\AsMultiLang.dll
2016-12-21 20:55 - 2014-07-25 16:46 - 001328128 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotice.dll
2016-12-21 20:55 - 2015-06-19 00:46 - 001087488 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\System Information\SystemInfo.dll
2016-12-21 20:55 - 2010-03-08 18:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\AsMultiLang.dll
2016-12-21 20:55 - 2015-03-12 15:48 - 000901120 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\Express.dll
2016-12-21 20:54 - 2015-08-20 06:41 - 000676864 ____R (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.28\asacpiEx.dll
2016-12-21 20:54 - 2015-08-20 06:41 - 000102400 ____R (ASUSTek Computer Inc.,) [File not signed] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\EIO.DLL
2016-12-21 21:14 - 2016-10-04 16:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2016-07-30 10:05 - 2016-07-30 10:05 - 003661784 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2016-07-30 10:05 - 2016-07-30 10:05 - 000289240 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2016-12-21 20:54 - 2015-08-20 06:41 - 000927744 ____R (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\VGA COM\1.00.20\AsusGpuTweak.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
AlternateDataStreams: C:\Users\Tomas\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Tomas\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2019-10-13 17:50 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKCU\Environment\\Path -> C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Tomas\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\Control Panel\Desktop\\Wallpaper -> c:\users\tomas\downloads\heaven_come_true.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\StartupApproved\Run: => "ManyCam"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{B8FD7CAB-7DEA-471C-BFA3-F8FDEF3C7E06}D:\games\race driver grid\grid.exe] => (Allow) D:\games\race driver grid\grid.exe (Codemasters) [File not signed]
FirewallRules: [TCP Query User{E2FCBCFB-5D8A-4DE3-A676-498CB335C21B}D:\games\race driver grid\grid.exe] => (Allow) D:\games\race driver grid\grid.exe (Codemasters) [File not signed]
FirewallRules: [UDP Query User{EAA5F4D1-84CA-48C8-BBA1-10A1B21FF425}D:\games\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{521B0393-5D85-47C3-994C-32441EB9D6B6}D:\games\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9560AB36-EB94-41B4-A158-374851A7E5E3}D:\games\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{2ED75FAF-5617-498E-B5C0-063250E31785}D:\games\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{952BACD2-D49D-4028-A8E3-7F0471F85513}D:\games\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C82CCDED-434E-4D77-93B8-1380D0A757BB}D:\games\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{FF9DCB8D-8FED-4578-9C43-BB2AF742559B}] => (Allow) D:\Programy\steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{4E874CD0-5886-421E-BF38-BC5C6204CF68}] => (Allow) D:\Programy\steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [UDP Query User{8B6823A5-B905-45EE-AF46-A01E0E361C62}D:\games\firewatch\firewatch.exe] => (Allow) D:\games\firewatch\firewatch.exe () [File not signed]
FirewallRules: [TCP Query User{4F143D90-EC7C-42C2-B2A3-66031D7A4891}D:\games\firewatch\firewatch.exe] => (Allow) D:\games\firewatch\firewatch.exe () [File not signed]
FirewallRules: [{776351AB-3315-4B8E-BD3E-DF0B95DBA84F}] => (Allow) D:\Games\mass efect\MassEffectAndromeda.exe (Electronic Arts - BioWare) [File not signed]
FirewallRules: [{90CDE572-0D2D-4F59-B476-D004EB18A6F6}] => (Allow) D:\Games\mass efect\MassEffectAndromeda.exe (Electronic Arts - BioWare) [File not signed]
FirewallRules: [{8289296B-1EF9-4F16-A6F2-305BF63C14CC}] => (Allow) D:\Games\mass efect\MassEffectAndromedaTrial.exe (Electronic Arts - BioWare) [File not signed]
FirewallRules: [{3ECC6096-7327-4861-9E7A-A993AA4FDECC}] => (Allow) D:\Games\mass efect\MassEffectAndromedaTrial.exe (Electronic Arts - BioWare) [File not signed]
FirewallRules: [{7E61731A-6FE1-4342-8549-166DAD4D7710}] => (Allow) D:\Games\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{FAE41E16-3DDA-4F38-B68E-778E48C28873}] => (Allow) D:\Games\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{92B65A90-E82D-42A4-B630-DADD55340302}] => (Allow) D:\Games\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [{80C523AF-2C3F-4FA0-A3B5-4A82440DFCF1}] => (Allow) D:\Games\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{F6F9E183-44C7-464F-99EC-0E2DF53C9FC3}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{FB4431CF-D654-44A2-A00B-05A783C6000A}D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\programy\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{96D434C1-6BF2-40B2-B1A7-A1F715606B65}D:\games\wot\worldoftanks.exe] => (Allow) D:\games\wot\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{742FCE48-F9F6-4B5A-B692-D3400DE1ABD4}D:\games\wot\worldoftanks.exe] => (Allow) D:\games\wot\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{87F7BA52-6524-4E63-BC86-0DDA8F0B2CA6}D:\games\wot\wotlauncher.exe] => (Allow) D:\games\wot\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{535098DC-CE48-4F4E-A595-1436763CA0A8}D:\games\wot\wotlauncher.exe] => (Allow) D:\games\wot\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{5D878DEE-A459-4C58-BED3-11CED603B9A1}] => (Allow) D:\Programy\steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{38003B14-A8CF-40C8-B052-8C42A7D58D0F}] => (Allow) D:\Programy\steam\steamapps\common\The Forest\TheForest.exe () [File not signed]
FirewallRules: [{03D70769-1FE6-4F04-8B0D-A0D3BCE86035}] => (Allow) D:\Programy\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F571CBB3-D4A6-4AF6-BDDF-ED6655D48FE1}] => (Allow) D:\Programy\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{85FDE526-5339-4714-BDB6-19DEBF0B1A0C}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{0F0209C6-D719-4F65-94D6-C5427C8495E0}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3040E7FF-7BD8-4168-AA72-4AC5B7E6CB0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7C9A448D-B106-4490-8D97-CEBD8FDF8F4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C742EF2C-90A6-4777-8D12-57EB19A97BBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42C57655-22A2-4EBF-A779-AB4317CD9A8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{A00DC14D-9B1E-4C87-A94A-41D422E1DF16}D:\games\call of duty 2\cod2mp_s.exe] => (Allow) D:\games\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{7679AF45-80B2-401B-B24B-A1345016F32E}D:\games\call of duty 2\cod2mp_s.exe] => (Allow) D:\games\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{E08FB859-3846-444E-81B8-0D96A8B42BBA}D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe] => (Allow) D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe No File
FirewallRules: [UDP Query User{60BD1819-064A-4FC3-85DB-8AE33B177E89}D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe] => (Allow) D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe No File
FirewallRules: [TCP Query User{87AA574A-C5B6-4452-9D5D-8776161056DB}D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe] => (Allow) D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe No File
FirewallRules: [UDP Query User{BC7DCF9F-C552-41B8-AFE8-A16AC2CF7A91}D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe] => (Allow) D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe No File
FirewallRules: [TCP Query User{0800F232-190C-41C5-9F8E-36632A2CC228}D:\games\lanka\nová složka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe] => (Allow) D:\games\lanka\nová složka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe No File
FirewallRules: [UDP Query User{7B680B36-DAE0-4840-87CC-96F3B5899A89}D:\games\lanka\nová složka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe] => (Allow) D:\games\lanka\nová složka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe No File
FirewallRules: [{CB789235-46DD-4BDF-B0CE-A4377ADA5E15}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{DED35CD8-DDDE-49C8-8A86-B79853F0BAD7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{B6403615-39D3-4EC1-8C60-252027CD1C3C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{90C92909-BB47-49EB-9BC3-4890589C505C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{D50D6D4A-E53C-4BE3-8D57-316C39140F1E}D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe] => (Allow) D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe No File
FirewallRules: [UDP Query User{CF9F1EB0-6361-4BC8-B67E-BF4DEFB8D3A6}D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe] => (Allow) D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe No File
FirewallRules: [TCP Query User{262BD4AA-9DF6-45D4-8632-5DABC15EA500}D:\games\starcraft ii\versions\base59587\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base59587\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{F8BF6164-1D13-4DFD-9DD3-2D5EB4C3DE72}D:\games\starcraft ii\versions\base59587\sc2_x64.exe] => (Allow) D:\games\starcraft ii\versions\base59587\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{7A24005A-41F3-452B-81C1-FF26DD004F75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1126EE08-EEF1-42F4-8FB0-776E50A4D66B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3D3A8872-65DB-4C7C-96CF-FC2F463B4816}] => (Allow) D:\Programy\steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [{3409A84E-40A2-4585-8E5A-A83AC7E2FA50}] => (Allow) D:\Programy\steam\steamapps\common\The Forest\TheForestVR.exe () [File not signed]
FirewallRules: [TCP Query User{558A92E0-B7B6-4E0E-B426-07B661177DF7}D:\games\max payne 3\maxpayne3.exe] => (Allow) D:\games\max payne 3\maxpayne3.exe (Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{8C2E443D-7EC9-4895-8D47-CF9A2533CA33}D:\games\max payne 3\maxpayne3.exe] => (Allow) D:\games\max payne 3\maxpayne3.exe (Rockstar Games) [File not signed]
FirewallRules: [{624C41BE-D514-4DF7-8B4E-40AB380083CA}] => (Allow) D:\Programy\steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{D5C26AB0-C6E4-4DD9-A2FC-A56334C26FB8}] => (Allow) D:\Programy\steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{0C539DD1-1597-4ADE-B927-4FD9A367B13E}] => (Allow) D:\Programy\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A7CDF41D-54ED-486F-B0B6-BB3E7941ECA7}] => (Allow) D:\Programy\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{A3490F2C-3C11-4B2B-BBA8-D92AFC8CA0CD}D:\games\portal 2\portal2.exe] => (Allow) D:\games\portal 2\portal2.exe () [File not signed]
FirewallRules: [UDP Query User{0E7C6A40-A6FD-461F-98A1-5EFD67E88C11}D:\games\portal 2\portal2.exe] => (Allow) D:\games\portal 2\portal2.exe () [File not signed]
FirewallRules: [{2CC2C600-49FD-4115-A4B1-F8EC3933BB08}] => (Allow) D:\Programy\steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{1D5B6C1B-ECF9-4F82-BD1A-4F0EA55F60E0}] => (Allow) D:\Programy\steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{5B08D658-3F28-4BD3-A223-9D294692FACD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E4DD8E68-20F1-42F0-B1DB-C143BCB2F88B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74545885-E622-4EA3-B41D-38251D633936}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A4F17CF-0F89-473B-A9E4-C77C3676C0AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{59507A9F-4E94-4911-BD58-367F08D3D2A1}] => (Allow) D:\Programy\steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{5C9CF4E1-EF22-405F-9D5E-E53AB30BB872}] => (Allow) D:\Programy\steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{8BD1CDBA-164D-455E-A44D-FFA5CAE0642B}] => (Allow) D:\Games\lolko\LeagueClient.exe No File
FirewallRules: [{D5A00564-1B9B-47D4-9B7A-B78080DD1883}] => (Allow) D:\Games\lolko\LeagueClient.exe No File
FirewallRules: [TCP Query User{DB17B2E1-3E3F-4579-A972-E3B7FF2832CA}D:\games\lolko\game\league of legends.exe] => (Allow) D:\games\lolko\game\league of legends.exe No File
FirewallRules: [UDP Query User{D4F8E8D7-9EB0-48FB-BB75-72F23AA37FE2}D:\games\lolko\game\league of legends.exe] => (Allow) D:\games\lolko\game\league of legends.exe No File
FirewallRules: [{BCD04E65-A4E9-4BF5-9F86-F47C5B944E86}] => (Allow) C:\Program Files (x86)\Opera\63.0.3368.94\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{8EDAF00F-5CAE-4851-8CD8-BF6E861902B8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{39D15C0F-7D26-49F2-AE8D-02DF4937EFA7}] => (Allow) C:\Program Files (x86)\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{6A2E1B21-ECFF-4B69-9021-B12D2594E997}] => (Allow) D:\Games\lolecko\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{5BB7FF12-8F1B-4AC3-8C21-9CDD4643C742}] => (Allow) D:\Games\lolecko\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{6FD254AD-CFF5-4C60-BE39-F4E60FE2AC16}D:\games\lolecko\game\league of legends.exe] => (Allow) D:\games\lolecko\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{F28AACD6-A7A2-41E4-A8AC-1AB8AE17665E}D:\games\lolecko\game\league of legends.exe] => (Allow) D:\games\lolecko\game\league of legends.exe (Riot Games, Inc. -> )
FirewallRules: [{4B906D8C-8B89-46E9-91C7-CEAB68B6F923}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{6FCE09E4-0C5D-4AC2-9736-DC490EAB52DA}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{6C8462CE-5FC3-4130-9B07-A8BE8FC63893}] => (Allow) C:\Users\Tomas\Desktop\FRST64.exe (Farbar) [File not signed]
FirewallRules: [{18CD5948-1B80-4650-9778-A851E0A66326}] => (Allow) C:\Users\Tomas\Desktop\FRST64.exe (Farbar) [File not signed]
FirewallRules: [{707AB248-E979-4642-AAB7-1D99FFC19286}] => (Allow) C:\Users\Tomas\Desktop\FRST64.exe (Farbar) [File not signed]
FirewallRules: [{DE7EB1A4-8D49-40D1-9E38-8E375D847D57}] => (Allow) C:\Users\Tomas\Desktop\FRST64.exe (Farbar) [File not signed]

==================== Restore Points =========================

20-09-2019 01:58:33 Nainstalováno rozhraní DirectX
13-10-2019 01:05:38 Naplánovaný kontrolní bod
13-10-2019 10:10:07 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2019 10:30:04 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-54QJTJL)
Description: httphttp-2147467263

Error: (10/13/2019 11:55:43 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (10/13/2019 11:55:43 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/13/2019 11:50:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LeagueClient.exe, verze: 9.20.292.8264, časové razítko: 0x5d9fe445
Název chybujícího modulu: LeagueClient.exe, verze: 9.20.292.8264, časové razítko: 0x5d9fe445
Kód výjimky: 0xc0000005
Posun chyby: 0x002206b8
ID chybujícího procesu: 0xd7c
Čas spuštění chybující aplikace: 0x01d581ab9d22e1f4
Cesta k chybující aplikaci: D:\Games\lolko\LeagueClient.exe
Cesta k chybujícímu modulu: D:\Games\lolko\LeagueClient.exe
ID zprávy: 3f40c3e4-3300-434e-9845-f7b0b76d1522
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/13/2019 11:50:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Uninstall League of Legends.exe, verze: 9.20.0.0, časové razítko: 0x5d953b39
Název chybujícího modulu: Uninstall League of Legends.exe, verze: 9.20.0.0, časové razítko: 0x5d953b39
Kód výjimky: 0xc0000005
Posun chyby: 0x0000a4a0
ID chybujícího procesu: 0x15dc
Čas spuštění chybující aplikace: 0x01d581ab9d205f44
Cesta k chybující aplikaci: D:\Games\lolko\Uninstall League of Legends.exe
Cesta k chybujícímu modulu: D:\Games\lolko\Uninstall League of Legends.exe
ID zprávy: 0da1d074-6e4e-4925-8018-d46f55a98d9e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/13/2019 11:50:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LeagueClient.exe, verze: 9.20.292.8264, časové razítko: 0x5d9fe445
Název chybujícího modulu: LeagueClient.exe, verze: 9.20.292.8264, časové razítko: 0x5d9fe445
Kód výjimky: 0xc0000005
Posun chyby: 0x002206b8
ID chybujícího procesu: 0x2d18
Čas spuštění chybující aplikace: 0x01d581ab96174cf9
Cesta k chybující aplikaci: D:\Games\lolko\LeagueClient.exe
Cesta k chybujícímu modulu: D:\Games\lolko\LeagueClient.exe
ID zprávy: e6d9b20b-4547-4d83-9e84-f7e8f16c884d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/13/2019 11:50:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Uninstall League of Legends.exe, verze: 9.20.0.0, časové razítko: 0x5d953b39
Název chybujícího modulu: Uninstall League of Legends.exe, verze: 9.20.0.0, časové razítko: 0x5d953b39
Kód výjimky: 0xc0000005
Posun chyby: 0x0000a4a0
ID chybujícího procesu: 0x104c
Čas spuštění chybující aplikace: 0x01d581ab9611ac09
Cesta k chybující aplikaci: D:\Games\lolko\Uninstall League of Legends.exe
Cesta k chybujícímu modulu: D:\Games\lolko\Uninstall League of Legends.exe
ID zprávy: af2ee7c5-5331-49b0-b86e-80e033164c27
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/13/2019 11:49:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LeagueClient.exe, verze: 9.20.292.8264, časové razítko: 0x5d9fe445
Název chybujícího modulu: LeagueClient.exe, verze: 9.20.292.8264, časové razítko: 0x5d9fe445
Kód výjimky: 0xc0000005
Posun chyby: 0x002206b8
ID chybujícího procesu: 0x2c28
Čas spuštění chybující aplikace: 0x01d581ab9171b943
Cesta k chybující aplikaci: D:\Games\lolko\LeagueClient.exe
Cesta k chybujícímu modulu: D:\Games\lolko\LeagueClient.exe
ID zprávy: 74780a7b-7b0f-47f5-9041-f2ab4507b5a9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/13/2019 10:20:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
a APPID
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/13/2019 10:00:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/13/2019 09:45:50 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-54QJTJL)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-54QJTJL\Tomas (SID: S-1-5-21-526796258-3125621912-3622189555-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/13/2019 09:44:30 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-54QJTJL)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-54QJTJL\Tomas (SID: S-1-5-21-526796258-3125621912-3622189555-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/13/2019 09:44:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/13/2019 09:44:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (10/13/2019 09:43:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SecDrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (10/13/2019 09:43:59 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS


Windows Defender:
===================================
Date: 2018-09-18 00:54:24.651
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7422F5FB-C122-4949-89F9-F885A5F6D28D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-16 21:38:57.879
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F98CFCCB-8217-44A8-ACAE-D56232484E77}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-16 19:27:01.583
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E046500E-4BA1-4FF1-B0C0-25D69559568A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-16 15:10:38.691
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3B3FE342-F76C-4EC5-BE88-D526B502B961}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-09-16 09:21:08.942
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {DDE6459A-AAD4-491E-8901-7A8B332B7053}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM


Re: New Vlog > FRST64

Post by Odstranovac » 13 Oct 2019 22:48

CodeIntegrity:
===================================

Date: 2019-09-30 02:01:16.289
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\asrdmon.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-08-13 20:14:52.926
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-08-13 20:14:52.912
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-08-13 20:14:52.739
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-08-13 20:14:52.725
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 2003 09/19/2016
Motherboard: ASUSTeK COMPUTER INC. B150 PRO GAMING
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 11%
Total physical RAM: 32707.18 MB
Available physical RAM: 28837.74 MB
Total Virtual: 34755.18 MB
Available Virtual: 29196.33 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.02 GB) (Free:150.48 GB) NTFS
Drive d: (Data) (Fixed) (Total:1862.89 GB) (Free:896.45 GB) NTFS

\\?\Volume{e5adb382-0107-41f8-8705-c63132ac2955}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{73b22b3e-35d9-4917-94ca-f8c0d0e2920f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================


Re: New Vlog > FRST64

Post by Odstranovac » 13 Oct 2019 22:48

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2019 02
Ran by Tomas (administrator) on DESKTOP-54QJTJL (13-10-2019 22:42:58)
Running from C:\Users\Tomas\Desktop
Loaded Profiles: Tomas (Available Profiles: defaultuser0 & Tomas)
Platform: Windows 10 Home Version 1803 17134.285 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
() [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.28\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Software -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ManyCam -> Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2018-09-30] (Microsoft Corporation) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\Run: [DAEMON Tools Lite Automount] => D:\Programy\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [12498960 2017-08-24] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\Run: [Chromium] => "c:\users\tomas\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\Run: [Discord] => C:\Users\Tomas\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\MountPoints2: {7e675cad-3dc6-11e9-b507-38d547e05235} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\MountPoints2: {9fc70acf-2ca0-11e7-b3bd-38d547e05235} - "E:\autorun.exe"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\MountPoints2: {9fc70b14-2ca0-11e7-b3bd-38d547e05235} - "F:\MafiaLauncher.EXE"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\MountPoints2: {9fc70b5a-2ca0-11e7-b3bd-38d547e05235} - "G:\m.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-24] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CFB0104-4D41-44F5-887B-81991B3AB808} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {19602858-A3BE-4A01-A506-BBEFC3510BC8} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [656968 2019-08-27] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {21315387-77F4-450E-A90D-8FC7132B3CFD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [464448 2018-09-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {374E42FD-35D9-4757-B8D7-364F8B36BBDB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [464448 2018-09-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DEAE3A1-5C6C-458F-9D95-002F23B3E501} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {4AFED862-290A-4FC2-B66C-59AFF4C2A3DD} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1871800 2015-08-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {50A775DF-AA7B-41F8-A2E0-79774BEEC4E2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {51968B7F-3660-4F95-9199-E9E9BE9BB3B4} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CBF0789-D151-42A4-998B-627FAC437C93} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-09] (Adobe Inc. -> Adobe)
Task: {627EDAD6-5952-47D4-8C30-C1D0A706028A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E5C083E-45D7-48BE-BAEE-131101829BF5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7048E167-14DD-4A52-A8C1-FD6A56727BF0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [464448 2018-09-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {73A3793E-5D3E-4681-9305-9B0B4111BC1F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Tomas\Downloads\esetonlinescanner_csy.exe
Task: {746EF9BB-EA81-4260-A2CB-DBDB4EF7AAD9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-08-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7BA31C85-8F68-4CF9-A0B3-444967F549E0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-23] (Google Inc -> Google Inc.)
Task: {7D74AA67-9631-434B-BCE8-212178868BB9} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4331288 2015-08-20] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {82AEC64E-FB1D-4980-BC4F-E83C5D4C37F1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83DAB4D3-430E-4CCA-AD3D-CB130F6EA1ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-23] (Google Inc -> Google Inc.)
Task: {8420C8FE-41ED-4035-B02C-B4C2E11BC6F0} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Tomas\Downloads\esetonlinescanner_csy.exe
Task: {8ABBC853-E7EF-4A3F-80DE-19C7848095C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [464448 2018-09-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {9482B63C-B573-4081-ABA4-A027EC0BE132} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A58D607E-719D-4018-9C49-6A412035DFDA} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1459152 2015-09-10] (ASUSTeK Computer Inc. -> )
Task: {A631A3CE-8FF1-423A-8466-A0E9E286E44F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AE45743A-7135-41C0-8BB1-15B9422E9217} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [3646264 2014-05-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {B14B7E2D-5356-485B-8354-88C19C10A8C5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BA9A16AD-3B1E-4F9E-B5BE-036676F88438} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C19FE2C6-81F3-4F10-93DA-E2958D7D27E7} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1310720 2015-09-20] () [File not signed]
Task: {C27C4947-8266-4E81-93C9-4ACB51643A69} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_pepper.exe [1453112 2019-10-09] (Adobe Inc. -> Adobe)
Task: {C29756D8-7C90-43CC-87B8-056F9BB76568} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16585328 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {E31E25C1-C10B-4482-9BDF-503B54DFE5E5} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {E77E4A4A-5D1A-467B-98C5-C5E5B4FD7407} - System32\Tasks\Opera scheduled Autoupdate 1483644754 => C:\Program Files (x86)\Opera\launcher.exe [1348632 2019-10-04] (Opera Software AS -> Opera Software)
Task: {E9DCD09A-D46B-4C16-BAEA-857735E4D645} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{9e49061e-58de-4752-ad9c-141cbf5e0300}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{9e49061e-58de-4752-ad9c-141cbf5e0300}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-526796258-3125621912-3622189555-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://team.setzer.cz/","hxxp://websearch.simplespeedy.info/","hxxp://www.motious.com/","hxxps://www.google.com/"
CHR Profile: C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default [2019-10-13]
CHR Extension: (Prezentace) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-13]
CHR Extension: (Dokumenty) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-10-13]
CHR Extension: (Disk Google) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-10-13]
CHR Extension: (YouTube) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-13]
CHR Extension: (Tabulky) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-10-13]
CHR Extension: (AdBlock) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-10-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-13]
CHR Extension: (Gmail) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-10-13]
CHR Extension: (Chrome Media Router) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-05-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.28\AsusFanControlService.exe [398648 2015-08-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8577760 2019-07-21] (BattlEye Innovations e.K. -> )
S3 Disc Soft Lite Bus Service; D:\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-08-26] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [3877768 2016-12-12] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (ManyCam -> Visicom Media Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2017-10-07] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2017-10-07] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-09-26] (Microsoft Corporation -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [19192 2015-09-21] (Intel(R) Software -> Intel(R) Corporation)
S3 cphs; %SystemRoot%\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHeciSvc.exe [X]
S3 cplspcon; %SystemRoot%\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHDCPSvc.exe [X]
S2 igfxCUIService2.0.0.0; %SystemRoot%\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2019-10-13] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [28600 2015-08-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-12-26] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-12-26] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [1052784 2019-06-30] (EasyAntiCheat Oy -> EasyAntiCheat Oy)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Huawei Technologies Co., Ltd.) [File not signed]
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-09-21] (Intel(R) Software -> Intel Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2015-08-20] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [58792 2017-03-05] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_827405c7c65146ab\nvlddmkm.sys [22377352 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12464 2019-09-09] (Macrovision Europe Ltd) [File not signed]
R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2019-07-02] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [352424 2018-09-26] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-09-26] (Microsoft Windows -> Microsoft Corporation)
S3 igfx; \SystemRoot\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igdkmd64.sys [X]
S1 MpKsl059d16c5; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C8103F08-E313-467E-B293-07EF63D1BB7B}\MpKsl059d16c5.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-13 22:42 - 2019-10-13 22:43 - 000029321 _____ C:\Users\Tomas\Desktop\FRST.txt
2019-10-13 22:42 - 2019-10-13 22:43 - 000000000 ____D C:\FRST
2019-10-13 22:22 - 2019-10-13 22:22 - 001616384 _____ (Farbar) C:\Users\Tomas\Downloads\FRST64.exe
2019-10-13 22:22 - 2019-10-13 22:22 - 001616384 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe
2019-10-13 21:42 - 2019-10-13 21:43 - 000001373 _____ C:\Users\Tomas\Desktop\zeman.txt
2019-10-13 21:39 - 2019-10-13 22:42 - 000102350 _____ C:\WINDOWS\ZAM.krnl.trace
2019-10-13 21:39 - 2019-10-13 21:39 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2019-10-13 21:39 - 2019-10-13 21:39 - 000003558 _____ C:\WINDOWS\system32\Tasks\AMHelper
2019-10-13 21:39 - 2019-10-13 21:39 - 000001329 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2019-10-13 21:39 - 2019-10-13 21:39 - 000000000 ____D C:\Users\Tomas\AppData\Local\Zemana
2019-10-13 21:39 - 2019-10-13 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-10-13 21:39 - 2019-10-13 21:39 - 000000000 ____D C:\Program Files (x86)\Zemana
2019-10-13 21:38 - 2019-10-13 21:39 - 000000000 ____D C:\Users\Tomas\AppData\Local\AMSDK
2019-10-13 21:35 - 2019-10-13 21:35 - 012668536 _____ (Zemana Ltd. ) C:\Users\Tomas\Downloads\AntiMalware_Setup.exe
2019-10-13 18:02 - 2019-10-13 18:02 - 000008966 _____ C:\Users\Tomas\Desktop\zoek-results.txt
2019-10-13 18:01 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2019-10-13 17:48 - 2019-10-13 17:59 - 000000000 ____D C:\zoek_backup
2019-10-13 17:48 - 2019-10-13 17:48 - 002038755 _____ C:\Users\Tomas\Downloads\zoek.exe
2019-10-13 17:48 - 2019-10-13 17:48 - 002038755 _____ C:\Users\Tomas\Desktop\zoek.exe
2019-10-13 17:47 - 2019-10-13 17:47 - 000003418 _____ C:\Users\Tomas\Desktop\rogue.txt
2019-10-13 12:07 - 2019-10-13 12:07 - 000000769 _____ C:\Users\Tomas\Documents\3D objekty – zástupce.lnk
2019-10-13 11:57 - 2019-10-13 11:57 - 000000000 ____D C:\Users\Tomas\Documents\League of Legends
2019-10-13 11:54 - 2019-10-13 12:07 - 000001675 _____ C:\Users\Public\Desktop\League of Legends.lnk
2019-10-13 11:52 - 2019-10-13 11:52 - 099303624 _____ (Riot Games, Inc) C:\Users\Tomas\Downloads\League of Legends installer NA.exe
2019-10-13 10:53 - 2019-10-13 10:53 - 000000000 ____D C:\Users\Tomas\AppData\Local\Adobe
2019-10-13 10:45 - 2019-10-13 10:51 - 000000000 ____D C:\ProgramData\RogueKiller
2019-10-13 10:44 - 2019-10-13 10:44 - 035074616 _____ C:\Users\Tomas\Desktop\RogueKiller_portable64.exe
2019-10-13 10:43 - 2019-10-13 10:44 - 035074616 _____ C:\Users\Tomas\Downloads\RogueKiller_portable64.exe
2019-10-13 10:21 - 2019-10-13 10:21 - 000000000 ____D C:\ProgramData\Sophos
2019-10-13 10:20 - 2019-10-13 10:20 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2019-10-13 10:20 - 2019-10-13 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2019-10-13 10:20 - 2019-10-13 10:20 - 000000000 ____D C:\Program Files (x86)\Sophos
2019-10-13 10:19 - 2019-10-13 10:20 - 206758184 _____ (Sophos Limited) C:\Users\Tomas\Downloads\Sophos Virus Removal Tool.exe
2019-10-13 10:09 - 2019-10-13 10:09 - 001790024 _____ (Malwarebytes) C:\Users\Tomas\Downloads\JRT.exe
2019-10-13 10:09 - 2019-10-13 10:09 - 001790024 _____ (Malwarebytes) C:\Users\Tomas\Desktop\JRT.exe
2019-10-13 10:03 - 2019-10-12 22:26 - 007622344 _____ (Malwarebytes) C:\Users\Tomas\Desktop\AdwCleaner.exe
2019-10-13 02:15 - 2019-10-13 02:15 - 000000218 _____ C:\Users\Tomas\AppData\Local\recently-used.xbel
2019-10-12 22:33 - 2019-10-12 22:33 - 000001912 _____ C:\Users\Tomas\Desktop\Malwarebytes.lnk
2019-10-12 22:33 - 2019-10-12 22:33 - 000000000 ____D C:\Users\Tomas\AppData\Local\mbamtray
2019-10-12 22:33 - 2019-10-12 22:33 - 000000000 ____D C:\Users\Tomas\AppData\Local\mbam
2019-10-12 22:33 - 2019-10-12 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-12 22:33 - 2019-10-12 22:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-10-12 22:33 - 2019-10-12 22:33 - 000000000 ____D C:\Program Files\Malwarebytes
2019-10-12 22:33 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-10-12 22:33 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-12 22:32 - 2019-10-12 22:32 - 066367928 _____ (Malwarebytes ) C:\Users\Tomas\Downloads\mb3-setup-37469.37469-3.8.3.2965-1.0.627-1.0.12633.exe
2019-10-12 22:26 - 2019-10-13 10:05 - 000000000 ____D C:\AdwCleaner
2019-10-12 22:26 - 2019-10-12 22:26 - 007622344 _____ (Malwarebytes) C:\Users\Tomas\Downloads\AdwCleaner.exe
2019-10-12 22:24 - 2019-10-12 22:24 - 000000000 ____D C:\Users\Tomas\AppData\Local\CEF
2019-10-12 22:21 - 2019-10-12 22:21 - 000448512 _____ (OldTimer Tools) C:\Users\Tomas\Downloads\TFC.exe
2019-10-12 22:20 - 2019-10-13 22:34 - 000000000 ____D C:\Users\Tomas\AppData\Local\ClassicShell
2019-10-12 22:17 - 2019-10-12 22:17 - 000050688 _____ (Atribune.org) C:\Users\Tomas\Downloads\ATF-Cleaner.exe
2019-10-12 21:10 - 2019-10-12 21:10 - 000388608 _____ (Trend Micro Inc.) C:\Users\Tomas\Downloads\HijackThis.exe
2019-10-12 14:06 - 2019-10-12 14:06 - 000000000 ___HD C:\$AV_ASW
2019-10-12 08:35 - 2019-10-13 10:13 - 000000000 ____D C:\Users\Tomas\Desktop\antivir
2019-10-09 03:35 - 2019-10-09 03:36 - 000000000 ____D C:\Users\Tomas\AppData\Local\Riot Games
2019-10-02 11:04 - 2019-09-27 23:15 - 011561728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-10-02 11:04 - 2019-09-27 23:15 - 009936640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-10-02 11:04 - 2019-09-27 23:15 - 001012640 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-10-02 11:04 - 2019-09-27 23:15 - 001012640 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-10-02 11:04 - 2019-09-27 23:15 - 000876448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-10-02 11:04 - 2019-09-27 23:15 - 000876448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-10-02 11:04 - 2019-09-27 23:15 - 000447120 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-10-02 11:04 - 2019-09-27 23:15 - 000351888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-10-02 11:04 - 2019-09-27 23:15 - 000301472 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-10-02 11:04 - 2019-09-27 23:15 - 000301472 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-10-02 11:04 - 2019-09-27 23:15 - 000273312 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-10-02 11:04 - 2019-09-27 23:15 - 000273312 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-10-02 11:04 - 2019-09-27 23:14 - 000823552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-10-02 11:04 - 2019-09-27 23:14 - 000676744 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-10-02 11:04 - 2019-09-27 23:14 - 000633224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-10-02 11:04 - 2019-09-27 23:14 - 000544456 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 040445128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 035333888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 017301248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 014922440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 005358464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 004697288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 002051512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 001726720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443648.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 001551240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 001491144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443648.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 001477512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 001246976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 001140424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 000959416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 000812800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 000659328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-10-02 11:04 - 2019-09-27 23:13 - 000523520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-09-30 03:35 - 2019-09-30 03:36 - 000000000 ____D C:\ProgramData\SUPERSetup
2019-09-30 03:07 - 2019-09-30 03:07 - 000000000 ____D C:\Users\Tomas\AppData\Roaming\SUPERAntiSpyware.com
2019-09-30 03:07 - 2019-09-30 03:07 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-09-30 03:06 - 2019-09-30 03:06 - 042087312 _____ (SUPERAntiSpyware) C:\Users\Tomas\Downloads\SUPERAntiSpyware.exe
2019-09-30 02:58 - 2019-10-13 10:05 - 000000000 ____D C:\Users\Tomas\AppData\LocalLow\IObit
2019-09-30 02:58 - 2019-09-30 02:58 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2019-09-30 02:57 - 2019-10-13 10:05 - 000000000 ____D C:\Users\Tomas\AppData\Roaming\IObit
2019-09-30 02:57 - 2019-10-13 10:05 - 000000000 ____D C:\ProgramData\IObit
2019-09-30 01:57 - 2019-09-30 01:59 - 000000000 ____D C:\ProgramData\Wondershare
2019-09-30 01:57 - 2019-09-30 01:57 - 001388272 _____ C:\Users\Tomas\Downloads\recoverit_setup_full4134.exe
2019-09-30 01:57 - 2019-09-30 01:57 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2019-09-29 23:07 - 2019-09-29 23:07 - 007622344 _____ (Malwarebytes) C:\Users\Tomas\Downloads\adwcleaner_7.4.1.exe
2019-09-25 01:13 - 2019-09-26 04:18 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-09-25 01:13 - 2019-09-25 01:13 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-09-25 01:13 - 2019-09-25 01:13 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-09-25 01:13 - 2019-09-25 01:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-09-25 01:13 - 2019-09-25 01:13 - 000000000 ____D C:\Program Files\CCleaner
2019-09-20 01:58 - 2019-10-13 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2019-09-14 14:40 - 2019-10-13 21:44 - 000000000 ____D C:\Users\Tomas\Documents\videa

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-13 22:20 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-13 21:48 - 2018-05-17 14:04 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-13 21:48 - 2018-04-12 17:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2019-10-13 21:48 - 2018-04-12 17:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2019-10-13 21:48 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-10-13 21:44 - 2017-07-21 20:14 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-13 21:43 - 2018-05-17 14:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-13 21:43 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-10-13 21:32 - 2018-05-17 23:26 - 000004210 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{68D3B090-47E2-48AF-B1D0-4F1791684609}
2019-10-13 17:59 - 2018-05-17 13:56 - 000000000 ____D C:\Users\Tomas
2019-10-13 17:39 - 2018-05-17 13:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-13 11:50 - 2016-12-21 21:52 - 000000000 ____D C:\Users\Tomas\AppData\Local\CrashDumps
2019-10-13 02:15 - 2018-11-17 23:38 - 000000000 ____D C:\KMPlayer
2019-10-12 22:33 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-12 22:22 - 2017-07-11 16:38 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-12 22:19 - 2016-12-21 20:46 - 000000000 ____D C:\Users\Tomas\AppData\Local\Comms
2019-10-12 15:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-10-12 09:51 - 2018-05-31 11:45 - 000000000 ____D C:\Users\Tomas\AppData\Local\D3DSCache
2019-10-09 15:54 - 2018-05-17 14:00 - 000004666 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-10-09 15:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-10-09 15:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-10-09 03:35 - 2016-12-26 15:59 - 000000000 ____D C:\ProgramData\Riot Games
2019-10-08 13:56 - 2018-05-17 14:00 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-526796258-3125621912-3622189555-1001
2019-10-08 13:56 - 2018-05-17 13:56 - 000002361 _____ C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-08 13:56 - 2016-12-21 20:30 - 000000000 ___RD C:\Users\Tomas\OneDrive
2019-10-08 01:19 - 2018-08-23 10:20 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-08 01:19 - 2018-08-23 10:20 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-08 01:19 - 2016-12-21 20:32 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-07 07:44 - 2018-05-17 14:00 - 000003970 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1483644754
2019-10-07 07:44 - 2017-06-30 17:44 - 000001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-10-07 07:44 - 2017-01-05 21:32 - 000000000 ____D C:\Program Files (x86)\Opera
2019-10-02 11:05 - 2017-07-21 20:14 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-09-30 03:33 - 2018-05-17 13:54 - 000410064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-30 03:03 - 2019-06-02 15:17 - 000000000 ____D C:\Users\Tomas\Desktop\GAMES
2019-09-30 03:03 - 2018-11-27 20:33 - 000000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
2019-09-30 03:03 - 2018-05-16 09:46 - 000000000 ___DC C:\WINDOWS\Panther
2019-09-30 03:03 - 2017-01-25 04:09 - 000000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2019-09-30 03:02 - 2018-05-17 14:00 - 000003256 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-30 03:02 - 2018-05-17 14:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\ferobedo
2019-09-27 23:09 - 2019-09-12 07:44 - 004263512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-09-27 23:09 - 2018-05-09 18:37 - 005002192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-09-27 03:27 - 2018-05-09 18:37 - 000054700 _____ C:\WINDOWS\system32\nvinfo.pb
2019-09-27 01:23 - 2017-07-21 20:14 - 005468016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-09-27 01:23 - 2017-07-21 20:14 - 002635248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-09-27 01:23 - 2017-07-21 20:14 - 001767464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-09-27 01:23 - 2017-07-21 20:14 - 000653680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-09-27 01:23 - 2017-07-21 20:14 - 000451056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-09-27 01:23 - 2017-07-21 20:14 - 000124784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-09-27 01:23 - 2017-07-21 20:14 - 000083440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-09-26 09:55 - 2017-07-21 20:14 - 008716712 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-09-26 00:02 - 2017-07-21 20:14 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-09-25 01:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-25 01:15 - 2016-12-26 17:28 - 000000000 ____D C:\Users\Tomas\AppData\Roaming\DAEMON Tools Lite
2019-09-24 22:18 - 2018-08-23 10:20 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-22 17:50 - 2019-08-30 20:41 - 000003812 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2019-09-22 17:50 - 2019-08-30 20:41 - 000003370 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2019-09-14 23:06 - 2016-12-26 21:08 - 000000000 ____D C:\Users\Tomas\AppData\Roaming\TS3Client
2019-09-14 14:42 - 2019-08-01 14:23 - 000000000 ____D C:\Users\Tomas\Documents\Aspyr
2019-09-14 14:42 - 2017-07-06 19:01 - 000000000 ____D C:\ProgramData\.mono

==================== Files in the root of some directories ================

2018-11-23 12:56 - 2003-04-09 05:28 - 000233472 ____R () C:\Users\Tomas\AppData\Roaming\MafiaSetup.exe
2017-05-04 00:43 - 2017-05-04 00:43 - 000000009 _____ () C:\Users\Tomas\AppData\Roaming\update.dat
2017-05-04 00:44 - 2017-05-05 00:18 - 000000004 _____ () C:\Users\Tomas\AppData\Roaming\Microsoft\notaut.txt
2018-08-13 19:40 - 2018-08-13 19:40 - 000000036 _____ () C:\Users\Tomas\AppData\Local\housecall.guid.cache
2019-10-13 02:15 - 2019-10-13 02:15 - 000000218 _____ () C:\Users\Tomas\AppData\Local\recently-used.xbel
2018-08-13 19:45 - 2018-08-13 19:45 - 000000010 _____ () C:\Users\Tomas\AppData\Local\sponge.last.runtime.cache

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: New Vlog > FRST64

Post by jaro3 » 14 Oct 2019 16:36

Why are you starting a new topic instead of continuing in the previous one?

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Start
CreateRestorePoint:
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxDTCM.dll -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\Tomas\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Tomas\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
FirewallRules: [TCP Query User{E08FB859-3846-444E-81B8-0D96A8B42BBA}D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe] => (Allow) D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe No File
FirewallRules: [UDP Query User{60BD1819-064A-4FC3-85DB-8AE33B177E89}D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe] => (Allow) D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe No File
FirewallRules: [TCP Query User{87AA574A-C5B6-4452-9D5D-8776161056DB}D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe] => (Allow) D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe No File
FirewallRules: [UDP Query User{BC7DCF9F-C552-41B8-AFE8-A16AC2CF7A91}D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe] => (Allow) D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe No File
FirewallRules: [TCP Query User{0800F232-190C-41C5-9F8E-36632A2CC228}D:\games\lanka\nová složka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe] => (Allow) D:\games\lanka\nová složka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe No File
FirewallRules: [UDP Query User{7B680B36-DAE0-4840-87CC-96F3B5899A89}D:\games\lanka\nová složka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe] => (Allow) D:\games\lanka\nová složka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe No File
FirewallRules: [TCP Query User{D50D6D4A-E53C-4BE3-8D57-316C39140F1E}D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe] => (Allow) D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe No File
FirewallRules: [UDP Query User{CF9F1EB0-6361-4BC8-B67E-BF4DEFB8D3A6}D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe] => (Allow) D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe No File
FirewallRules: [{8BD1CDBA-164D-455E-A44D-FFA5CAE0642B}] => (Allow) D:\Games\lolko\LeagueClient.exe No File
FirewallRules: [{D5A00564-1B9B-47D4-9B7A-B78080DD1883}] => (Allow) D:\Games\lolko\LeagueClient.exe No File
FirewallRules: [TCP Query User{DB17B2E1-3E3F-4579-A972-E3B7FF2832CA}D:\games\lolko\game\league of legends.exe] => (Allow) D:\games\lolko\game\league of legends.exe No File
FirewallRules: [UDP Query User{D4F8E8D7-9EB0-48FB-BB75-72F23AA37FE2}D:\games\lolko\game\league of legends.exe] => (Allow) D:\games\lolko\game\league of legends.exe No File
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\MountPoints2: {7e675cad-3dc6-11e9-b507-38d547e05235} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\MountPoints2: {9fc70acf-2ca0-11e7-b3bd-38d547e05235} - "E:\autorun.exe"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\MountPoints2: {9fc70b14-2ca0-11e7-b3bd-38d547e05235} - "F:\MafiaLauncher.EXE"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\MountPoints2: {9fc70b5a-2ca0-11e7-b3bd-38d547e05235} - "G:\m.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {7BA31C85-8F68-4CF9-A0B3-444967F549E0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-23] (Google Inc -> Google Inc.)
Task: {83DAB4D3-430E-4CCA-AD3D-CB130F6EA1ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-23] (Google Inc -> Google Inc.)
Task: {E9DCD09A-D46B-4C16-BAEA-857735E4D645} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
SearchScopes: HKU\S-1-5-21-526796258-3125621912-3622189555-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Tomas\AppData\Local\sponge.last.runtime.cache
C:\Users\Tomas\AppData\Local\housecall.guid.cache
C:\Users\Tomas\AppData\Roaming\MafiaSetup.exe

Virustotal:  C:\Users\Tomas\AppData\Roaming\update.dat

EmptyTemp:
End

(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST and press the "Fix" button only once, then wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Odstranovac
newcomer
Posts: 25
Registered: October 19
Gender: Male
Status:
Offline

Re: New Vlog > FRST64

Post by Odstranovac » 14 Oct 2019 16:46

You wrote "post a new HJT log" twice, so I probably misunderstood, sorry.

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02
Ran by Tomas (14-10-2019 16:41:58) Run:1
Running from C:\Users\Tomas\Desktop
Loaded Profiles: Tomas (Available Profiles: defaultuser0 & Tomas)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxDTCM.dll -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\Tomas\Data aplikac�:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Tomas\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
FirewallRules: [TCP Query User{E08FB859-3846-444E-81B8-0D96A8B42BBA}D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe] => (Allow) D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe No File
FirewallRules: [UDP Query User{60BD1819-064A-4FC3-85DB-8AE33B177E89}D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe] => (Allow) D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe No File
FirewallRules: [TCP Query User{87AA574A-C5B6-4452-9D5D-8776161056DB}D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe] => (Allow) D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe No File
FirewallRules: [UDP Query User{BC7DCF9F-C552-41B8-AFE8-A16AC2CF7A91}D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe] => (Allow) D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe No File
FirewallRules: [TCP Query User{0800F232-190C-41C5-9F8E-36632A2CC228}D:\games\lanka\nov� slo�ka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe] => (Allow) D:\games\lanka\nov� slo�ka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe No File
FirewallRules: [UDP Query User{7B680B36-DAE0-4840-87CC-96F3B5899A89}D:\games\lanka\nov� slo�ka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe] => (Allow) D:\games\lanka\nov� slo�ka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe No File
FirewallRules: [TCP Query User{D50D6D4A-E53C-4BE3-8D57-316C39140F1E}D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe] => (Allow) D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe No File
FirewallRules: [UDP Query User{CF9F1EB0-6361-4BC8-B67E-BF4DEFB8D3A6}D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe] => (Allow) D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe No File
FirewallRules: [{8BD1CDBA-164D-455E-A44D-FFA5CAE0642B}] => (Allow) D:\Games\lolko\LeagueClient.exe No File
FirewallRules: [{D5A00564-1B9B-47D4-9B7A-B78080DD1883}] => (Allow) D:\Games\lolko\LeagueClient.exe No File
FirewallRules: [TCP Query User{DB17B2E1-3E3F-4579-A972-E3B7FF2832CA}D:\games\lolko\game\league of legends.exe] => (Allow) D:\games\lolko\game\league of legends.exe No File
FirewallRules: [UDP Query User{D4F8E8D7-9EB0-48FB-BB75-72F23AA37FE2}D:\games\lolko\game\league of legends.exe] => (Allow) D:\games\lolko\game\league of legends.exe No File
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\MountPoints2: {7e675cad-3dc6-11e9-b507-38d547e05235} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\MountPoints2: {9fc70acf-2ca0-11e7-b3bd-38d547e05235} - "E:\autorun.exe"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\MountPoints2: {9fc70b14-2ca0-11e7-b3bd-38d547e05235} - "F:\MafiaLauncher.EXE"
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\...\MountPoints2: {9fc70b5a-2ca0-11e7-b3bd-38d547e05235} - "G:\m.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {7BA31C85-8F68-4CF9-A0B3-444967F549E0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-23] (Google Inc -> Google Inc.)
Task: {83DAB4D3-430E-4CCA-AD3D-CB130F6EA1ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-23] (Google Inc -> Google Inc.)
Task: {E9DCD09A-D46B-4C16-BAEA-857735E4D645} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
SearchScopes: HKU\S-1-5-21-526796258-3125621912-3622189555-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Tomas\AppData\Local\sponge.last.runtime.cache
C:\Users\Tomas\AppData\Local\housecall.guid.cache
C:\Users\Tomas\AppData\Roaming\MafiaSetup.exe

Virustotal: C:\Users\Tomas\AppData\Roaming\update.dat

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxDTCM => removed successfully
HKLM\Software\Classes\CLSID\{9B5F5829-A529-4B12-814A-E81BCB8D93FC} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"C:\Users\Tomas\Data aplikac�" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
C:\Users\Tomas\AppData\Roaming => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E08FB859-3846-444E-81B8-0D96A8B42BBA}D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{60BD1819-064A-4FC3-85DB-8AE33B177E89}D:\games\lanka\flatout2 lanverze\flatout2\flatout2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{87AA574A-C5B6-4452-9D5D-8776161056DB}D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BC7DCF9F-C552-41B8-AFE8-A16AC2CF7A91}D:\games\lanka\warcraft 3\w3 by ferren de' lay\war3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0800F232-190C-41C5-9F8E-36632A2CC228}D:\games\lanka\nov� slo�ka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7B680B36-DAE0-4840-87CC-96F3B5899A89}D:\games\lanka\nov� slo�ka\dungeon.defenders.v8.2.1.incl.all.dlc\binaries\win32\dundefgame.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D50D6D4A-E53C-4BE3-8D57-316C39140F1E}D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CF9F1EB0-6361-4BC8-B67E-BF4DEFB8D3A6}D:\games\lanka\q3 nosteam\quake iii arena\quake3.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8BD1CDBA-164D-455E-A44D-FFA5CAE0642B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D5A00564-1B9B-47D4-9B7A-B78080DD1883}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DB17B2E1-3E3F-4579-A972-E3B7FF2832CA}D:\games\lolko\game\league of legends.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D4F8E8D7-9EB0-48FB-BB75-72F23AA37FE2}D:\games\lolko\game\league of legends.exe" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e675cad-3dc6-11e9-b507-38d547e05235} => removed successfully
HKLM\Software\Classes\CLSID\{7e675cad-3dc6-11e9-b507-38d547e05235} => not found
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fc70acf-2ca0-11e7-b3bd-38d547e05235} => removed successfully
HKLM\Software\Classes\CLSID\{9fc70acf-2ca0-11e7-b3bd-38d547e05235} => not found
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fc70b14-2ca0-11e7-b3bd-38d547e05235} => removed successfully
HKLM\Software\Classes\CLSID\{9fc70b14-2ca0-11e7-b3bd-38d547e05235} => not found
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9fc70b5a-2ca0-11e7-b3bd-38d547e05235} => removed successfully
HKLM\Software\Classes\CLSID\{9fc70b5a-2ca0-11e7-b3bd-38d547e05235} => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BA31C85-8F68-4CF9-A0B3-444967F549E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BA31C85-8F68-4CF9-A0B3-444967F549E0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{83DAB4D3-430E-4CCA-AD3D-CB130F6EA1ED}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83DAB4D3-430E-4CCA-AD3D-CB130F6EA1ED}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9DCD09A-D46B-4C16-BAEA-857735E4D645}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9DCD09A-D46B-4C16-BAEA-857735E4D645}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
HKU\S-1-5-21-526796258-3125621912-3622189555-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Tomas\AppData\Local\sponge.last.runtime.cache => moved successfully
C:\Users\Tomas\AppData\Local\housecall.guid.cache => moved successfully
C:\Users\Tomas\AppData\Roaming\MafiaSetup.exe => moved successfully
VirusTotal: C:\Users\Tomas\AppData\Roaming\update.dat => https://www.virustotal.com/file/63b92b7 ... 571064159/

=========== EmptyTemp: ==========

BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 33072114 B
Java, Flash, Steam htmlcache => 70633751 B
Windows/system/drivers => 1425 B
Edge => 0 B
Chrome => 358985019 B
Firefox => 0 B
Opera => 425577930 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1806 B
NetworkService => 1806 B
defaultuser0 => 1806 B
Tomas => 242496254 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:42:46 ====

jaro3
Security team member

Re: New Vlog > FRST64

Post by jaro3 » 14 Oct 2019 18:33

I wrote: post a new HJT log (in a post).
Never mind.
Post it here now.

How are the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Odstranovac

Re: New Vlog > FRST64

Post by Odstranovac » 14 Oct 2019 19:09

Now I understand. The problems are still there, and I'd say it has gotten even worse. I now have to press CTRL ALT DEL almost every minute to get the mouse working again.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:07:05, on 14.10.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Users\Tomas\Desktop\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Tomas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "D:\Programy\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files (x86)\ManyCam\ManyCam.exe" --silent
O4 - HKCU\..\Run: [Chromium] "c:\users\tomas\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
O4 - HKCU\..\Run: [Discord] C:\Users\Tomas\AppData\Local\Discord\app-0.0.305\Discord.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{9e49061e-58de-4752-ad9c-141cbf5e0300}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.28\AsusFanControlService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Unknown owner - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHeciSvc.exe (file missing)
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Unknown owner - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHDCPSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - D:\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Macrium Service (MacriumService) - Paramount Software UK Ltd - C:\Program Files\Macrium\Common\MacriumService.exe
O23 - Service: ManyCam Service - Visicom Media Inc. - C:\ProgramData\ManyCam\Service\ManyCamService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe

--
End of file - 12210 bytes

jaro3
Security team member

Re: New Vlog > FRST64

Post by jaro3 » 14 Oct 2019 19:39

Close other applications and browsers, disconnect from the internet, and fix these entries in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKCU\..\Run: [Chromium] "c:\users\tomas\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session


Download and install Revo Uninstaller Free
http://www.revouninstaller.com/start_fr ... nload.html
Double-click Revo Uninstaller to run it.

In the list of programs, double-click "Chromium" to uninstall it.
When prompted whether you want to uninstall, click Yes.
Make sure the Moderate option is selected, then click Next.
The program will run; if prompted again, click Yes.
When the built-in uninstaller has finished, click Next.
Once the program has searched for leftovers, click Next.
Check/tick only the bolded items in the list, then click Delete.
When prompted, click Yes and then Next.
Then, for any folders that are found, select the delete option.
When prompted, select Yes, then Next.
Once done, click Finish.

+
Clean the system with CCleaner

Odstranovac

Re: New Vlog > FRST64

Post by Odstranovac » 14 Oct 2019 20:27

Fixed in HJT; after the restart it created a file with backups for me. Can I delete that?
Otherwise, I've been going through Revo every which way and I can't find "chromium" anywhere in it. I looked both in the uninstaller and in Windows programs.

jaro3
Security team member

Re: New Vlog > FRST64

Post by jaro3 » 14 Oct 2019 21:55

In Revo, use Search and type chromium.

Odstranovac

Re: New Vlog > FRST64

Post by Odstranovac » 14 Oct 2019 22:14

I tried, I tried. Not found.

