Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.05.2018
Ran by ADMIN (04-05-2018 17:55:56)
Running from C:\Users\ADMIN\Downloads
Windows 10 Pro Version 1709 16299.371 (X64) (2017-11-25 12:51:57)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================

ADMIN (S-1-5-21-3063728462-2920750447-626353998-1001 - Administrator - Enabled) => C:\Users\ADMIN
Administrator (S-1-5-21-3063728462-2920750447-626353998-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3063728462-2920750447-626353998-503 - Limited - Disabled)
Guest (S-1-5-21-3063728462-2920750447-626353998-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3063728462-2920750447-626353998-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.1.1.202 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Aktualizace NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.7.0 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.7.0 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.031 - ASUSTek Computer Inc.)
AURA(GRAPHICS CARD) (HKLM-x32\...\{D201B9EB-11D3-4EE2-8C6B-22430214AE3C}) (Version: 0.0.4.1 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform)
Discord (HKU\S-1-5-21-3063728462-2920750447-626353998-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version:  - Ubisoft)
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version:  - Ubisoft)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Gyazo 3.3.5 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4463 - Intel Corporation)
League of Legends (HKLM-x32\...\{6FEDADF5-40EC-4E18-A376-0FDBACE65338}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes verze 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3063728462-2920750447-626353998-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
OnTopReplica (HKU\S-1-5-21-3063728462-2920750447-626353998-1001\...\OnTopReplica) (Version: 3.4 - Lorenz Cuno Klopfenstein)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 5.2.6 (HKLM\...\{EA9602E3-0184-45B9-9E15-028776CD7A6E}) (Version: 5.2.6 - Oracle Corporation)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Skype verze 8.20 (HKLM-x32\...\Skype_is1) (Version: 8.20 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3063728462-2920750447-626353998-1001\...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 29.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3063728462-2920750447-626353998-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FD8E73FEA996}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-3063728462-2920750447-626353998-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A32D87C-5DEA-43C2-88E3-F41BB31749D0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {0D0FFF5F-3B7D-42CA-98D1-1D85C6B6B8FC} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-06-04] (Adobe Systems Incorporated)
Task: {2D2B0578-422B-41EA-8F05-1D6752E0B9B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-21] (Google Inc.)
Task: {2DA06259-61C8-4900-833C-DB07D8428CED} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {44815FEC-73FC-4D6A-A282-1913CAAB7097} - System32\Tasks\S-1-5-21-3063728462-2920750447-626353998-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {485DB5D9-8353-4E41-BB78-5052DE528A16} - System32\Tasks\R@1n-KMS\Windows100Enterprise => wmic [Argument = path SoftwareLicensingProduct where (ID="73111121-5638-40f6-bc11-f1d7b0d64300") call Activate]
Task: {52797663-43DC-4968-A9A5-338124467522} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {61A2C6CB-F177-46F1-A247-5EBD32B06342} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)
Task: {64310840-C95F-4F44-AC78-3130BD013513} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)
Task: {858734AF-0E17-4AD2-B12F-BBE229424519} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-26] (Microsoft Corporation)
Task: {86BCCB70-D090-4941-91CF-2E67B741C40E} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-F28ET34-ADMIN => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {88A134EC-49B6-4316-95EB-44985371CAEE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd)
Task: {89C1B2CC-5C1C-47D6-B4FA-29CC9053EB67} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {8B68DA5E-8912-4E4D-89C9-0FEB5460E289} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-26] (Microsoft Corporation)
Task: {8BF6F776-38FB-4099-A81D-AB646BCC665A} - System32\Tasks\AURA => C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ledcontrolservice.exe [2016-07-12] (TODO: <Company name>)
Task: {934DD0D1-7003-4DF9-98F4-BC1A174260BD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)
Task: {935F72D8-5B06-4C68-8E47-49B1877F190C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-26] (Microsoft Corporation)
Task: {B3A75606-CE7A-433E-AB89-B0493ADD8360} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)
Task: {B8EC04CE-712D-4FC8-8577-21666979C911} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {C36382F0-499D-4915-AC7B-36172E1E1784} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-18] ()
Task: {CB8F4F95-4A73-420F-8D0F-144062416BB5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-26] (Microsoft Corporation)
Task: {D565CAD0-0C77-4CAB-AFEE-1B5F806B57A7} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-F28ET34-ADMIN => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {D6D8A1F7-3EE1-4038-8496-EB289E4DFEAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-21] (Google Inc.)
Task: {E0CB770F-0B48-40A3-AA96-8C58067526C4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd)
Task: {EB4189EB-864B-418E-AB02-B203115D1D12} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {EBBE8841-98EE-48E8-8CE6-C6DA186D31FE} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)
Task: {F74E04CB-B63D-4A05-BE85-F277C6F0DD97} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 2" --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg
ShortcutWithArgument: C:\Users\ADMIN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Osoba 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-05-26 03:18 - 2017-05-26 03:18 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-03-14 12:41 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 12:41 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\qrzfijdu.sys:changelist [444]
AlternateDataStreams: C:\Users\Public\AppData:CSM [474]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-05-17 22:36 - 2018-04-10 20:59 - 000004014 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 media-match.com
127.0.0.1 adclick.g.doublecklick.net
127.0.0.1 www.googleadservices.com
127.0.0.1 open.spotify.com
127.0.0.1 pagead2.googlesyndication.com
127.0.0.1 desktop.spotify.com
127.0.0.1 googleads.g.doubleclick.net
127.0.0.1 pubads.g.doubleclick.net
127.0.0.1 audio2.spotify.com
127.0.0.1 www.omaze.com
127.0.0.1 omaze.com
127.0.0.1 bounceexchange.com
0.0.0.0 pubads.g.doubleclick.net
0.0.0.0 securepubads.g.doubleclick.net
127.0.0.1 media-match.com
127.0.0.1 adclick.g.doublecklick.net
127.0.0.1 googleads.g.doubleclick.net
127.0.0.1 http://www.googleadservices.com
127.0.0.1 pagead2.googlesyndication.com
127.0.0.1 desktop.spotify.com 127.0.0.1
127.0.0.1 audio2.spotify.com
127.0.0.1 pagead46.l.doubleclick.net
127.0.0.1 pagead.l.doubleclick.net
127.0.0.1 googlehosted.l.googleusercontent.com
127.0.0.1 video-ad-stats.googlesyndication.com
127.0.0.1 pagead-googlehosted.l.google.com
127.0.0.1 partnerad.l.doubleclick.net
127.0.0.1 prod.spotify.map.fastlylb.net
127.0.0.1 adserver.adtechus.com
127.0.0.1 na.gmtdmp.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3063728462-2920750447-626353998-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ADMIN\Desktop\kingdom_come_deliverance-wallpaper-1920x1080.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: BEService => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: KMS-R@1n => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3063728462-2920750447-626353998-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3063728462-2920750447-626353998-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3063728462-2920750447-626353998-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3063728462-2920750447-626353998-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-3063728462-2920750447-626353998-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3063728462-2920750447-626353998-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7ED364C8-79AF-4892-A820-747B465BF69A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{78B4FBBE-A52E-4531-A4E0-3AB8376B3B3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4A324D10-D3C6-4630-99AF-07883D779D91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{4320344E-555D-42BD-8D70-702B37862D90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E497D6B3-1213-430D-A27C-B2941E64F242}] => (Allow) LPort=1688
FirewallRules: [{EF9DDCF9-EA8E-4BD0-94EC-AC89CF004866}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FF1E7761-648D-4F0A-8022-A6B2A26B81D1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DDCB34D3-FD7B-448E-B534-A4FD0267C358}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{33081BCF-F1F6-4B55-8FCF-BCA18D699974}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6E7D6E88-57E7-4E22-83B2-563E8F643961}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{670CB2B8-E2E3-4843-BE8E-8D1F9A8A3575}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{48A04A51-9A6E-4250-A2FD-65744B534B90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E024C445-8766-4600-98FD-88A42C690426}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{81A4E768-F45D-42C6-B232-0E95EAA9A628}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C0DC8660-BC44-41BC-8323-D1B7BEBD3ACB}C:\users\admin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\admin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3BA6D6B8-38D2-4828-AF1D-53F02DE8D010}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{D2F6D162-BE16-4FAD-8DD8-4525B9B1AD7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{2783BD8A-AB44-45B1-B765-85448D5908CC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{35DFDE2D-20A0-4965-9349-61879A407069}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E8E91C15-0B12-48ED-9F28-72C32BD958FE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F01A8625-600C-4934-8A9A-5EDC24C4C293}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FFDD7596-B19F-49FC-8649-A869352418A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe
FirewallRules: [{DE04C61D-13B7-4FF3-A294-189F458E5461}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe
FirewallRules: [{4563A799-CF49-4AAC-ACAB-D283A12A90CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{62B79032-0A00-4CBF-842F-4E776A5E6058}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [TCP Query User{411AE527-4902-407F-8E3F-CFE624AD4F9E}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{5802E35B-B9D2-4EF6-A9D1-A1FA70BAC774}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{F1208E9F-18B6-4FA9-B3B6-12A82332DC7D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A84721DF-E60C-4D89-BDCF-085E8BEDC74F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{22A8059E-7178-4741-8DFE-9E3A9FF45252}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{58B749AA-E209-49C2-8D8F-CDA78BFB587A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{55BD3199-FBA1-4A2D-913C-1DF2ACDBFA65}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [UDP Query User{A73B4E11-58EA-46F6-9D54-7D99EF4FD3CC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.139\deploy\leagueclient.exe
FirewallRules: [{116B8C93-26F8-41E9-AA5A-E55DB18D5189}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect64.exe
FirewallRules: [{ECAF99D3-C987-4AA0-AABB-B5C5DFF0E16A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect64.exe
FirewallRules: [TCP Query User{215F1B05-165C-42B7-9973-5197DD971CFC}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [UDP Query User{F723620D-B4FF-4938-95B5-030C62D91FA6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.140\deploy\leagueclient.exe
FirewallRules: [{7BF3E1D7-9189-447C-BEE4-ED5CF9F9AB3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{938BF06C-576E-48FD-A8DE-CFF6C352B815}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{F2C6EEE6-C702-4D17-B998-5612BF119454}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manhunt\manhunt.exe
FirewallRules: [{97D4F72F-9B1E-40FB-BD0E-163D7B5AB1A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manhunt\manhunt.exe
FirewallRules: [{B13F5808-5407-4B4B-9CA8-3E0DD4D9A651}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{80F390D7-A564-4B47-AA76-F2B8F4A7E1A8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{633E28E6-64E9-4FA7-951C-3BC569F6B1D4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [TCP Query User{A1B87CFE-D415-43C9-AC5F-16F7C4E1C704}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [UDP Query User{8BC12A82-AD3F-4A2C-A4D0-5AD8846395AD}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe

==================== Restore Points =========================

16-04-2018 17:18:02 Naplánovaný kontrolní bod
24-04-2018 23:32:48 Naplánovaný kontrolní bod
02-05-2018 22:33:35 Naplánovaný kontrolní bod
03-05-2018 16:10:37 Operace obnovení

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/04/2018 05:48:28 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (3472,R,0) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1032.

Error: (05/04/2018 05:48:28 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (3472,R,0) WebCacheLocal: Pokus o otevření souboru C:\Users\ADMIN\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (05/04/2018 05:48:18 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (3472,R,0) WebCacheLocal: Pokus o otevření souboru C:\Users\ADMIN\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (05/04/2018 05:48:08 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (3472,R,0) WebCacheLocal: Pokus o otevření souboru C:\Users\ADMIN\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (05/04/2018 05:47:58 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (3472,R,0) WebCacheLocal: Pokus o otevření souboru C:\Users\ADMIN\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (05/04/2018 05:47:48 PM) (Source: ESENT) (EventID: 439) (User: )
Description: taskhostw (3472,R,0) WebCacheLocal: Pro soubor C:\Users\ADMIN\AppData\Local\Microsoft\Windows\WebCache\V01.chk se nedá zapsat stínové záhlaví. Chyba: -1032

Error: (05/04/2018 05:47:48 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (3472,R,0) WebCacheLocal: Pokus o otevření souboru C:\Users\ADMIN\AppData\Local\Microsoft\Windows\WebCache\V01.chk pro čtení nebo zápis selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (05/04/2018 05:47:38 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (3472,R,0) WebCacheLocal: Pokus o otevření souboru C:\Users\ADMIN\AppData\Local\Microsoft\Windows\WebCache\V01.chk pro čtení nebo zápis selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (05/04/2018 05:56:48 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby EventSystem s argumenty Není k dispozici za účelem spuštění serveru: 
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (05/04/2018 05:56:43 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-F28ET34)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/04/2018 05:55:55 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-F28ET34)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/04/2018 05:55:44 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru: 
{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (05/04/2018 05:55:36 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-F28ET34)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru: 
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (05/04/2018 05:55:35 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-F28ET34)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/04/2018 05:55:20 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-F28ET34)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/04/2018 05:55:10 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-F28ET34)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru: 
{9E175B6D-F52A-11D8-B9A5-505054503030}


Windows Defender:
===================================
Date: 2018-05-03 22:49:37.667
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\ADMIN\Downloads\FRSTLauncher.exe;webfile:_C:\Users\ADMIN\Downloads\FRSTLauncher.exe|http://viry.xf.cz/pro_usery/FRSTLauncher.exe|pid:1752,ProcessStart:131698536267514382
Původ zjišťování: Internet
Typ zjišťování: Konkrétní
Zdroj zjišťování: Soubory ke stažení a přílohy
Uživatel: DESKTOP-F28ET34\ADMIN
Název procesu: Unknown
Verze podpisu: AV: 1.267.777.0, AS: 1.267.777.0, NIS: 1.267.777.0
Verze modulu: AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-03 22:42:45.275
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\ADMIN\Downloads\FRSTLauncher.exe;webfile:_C:\Users\ADMIN\Downloads\FRSTLauncher.exe|http://viry.xf.cz/pro_usery/FRSTLauncher.exe|pid:1752,ProcessStart:131698536267514382
Původ zjišťování: Internet
Typ zjišťování: Konkrétní
Zdroj zjišťování: Soubory ke stažení a přílohy
Uživatel: DESKTOP-F28ET34\ADMIN
Název procesu: Unknown
Verze podpisu: AV: 1.267.777.0, AS: 1.267.777.0, NIS: 1.267.777.0
Verze modulu: AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-03 22:42:30.446
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\ADMIN\Downloads\FRSTLauncher.exe;webfile:_C:\Users\ADMIN\Downloads\FRSTLauncher.exe|http://viry.xf.cz/pro_usery/FRSTLauncher.exe|pid:1752,ProcessStart:131698536267514382
Původ zjišťování: Internet
Typ zjišťování: Konkrétní
Zdroj zjišťování: Soubory ke stažení a přílohy
Uživatel: DESKTOP-F28ET34\ADMIN
Název procesu: Unknown
Verze podpisu: AV: 1.267.777.0, AS: 1.267.777.0, NIS: 1.267.777.0
Verze modulu: AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-04-30 05:40:52.352
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:MSIL/Bladabindi&threatid=2147678468&enterprise=0
Název: Backdoor:MSIL/Bladabindi
ID: 2147678468
Závažnost: Vážné
Kategorie: Zadní vrátka
Cesta: containerfile:_C:\Users\ADMIN\system.exe;file:_C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\c39dd84115c198f09fbb7c60c937741e.exe;file:_C:\Users\ADMIN\system.exe;file:_C:\Users\ADMIN\system.exe->[lowcase_mzpe];process:_pid:53884,ProcessStart:131695013032081044
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\SysWOW64\runonce.exe
Verze podpisu: AV: 1.267.541.0, AS: 1.267.541.0, NIS: 1.267.541.0
Verze modulu: AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-04-30 05:40:35.083
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Backdoor:MSIL/Bladabindi&threatid=2147678468&enterprise=0
Název: Backdoor:MSIL/Bladabindi
ID: 2147678468
Závažnost: Vážné
Kategorie: Zadní vrátka
Cesta: file:_C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\c39dd84115c198f09fbb7c60c937741e.exe;file:_C:\Users\ADMIN\system.exe;file:_C:\Users\ADMIN\system.exe->[lowcase_mzpe];process:_pid:53884,ProcessStart:131695013032081044
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\SysWOW64\runonce.exe
Verze podpisu: AV: 1.267.541.0, AS: 1.267.541.0, NIS: 1.267.541.0
Verze modulu: AM: 1.1.14800.3, NIS: 1.1.14800.3

Date: 2018-05-04 17:53:03.235
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.  
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-05-04 14:49:04.624
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.  
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-05-03 22:50:26.291
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.267.777.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14800.3
Kód chyby: 0x8007043c
Popis chyby :Tuto službu nelze spustit v nouzovém režimu.  

Date: 2018-05-03 22:40:01.083
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.  
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-05-03 22:22:43.815
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.  
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

CodeIntegrity:
===================================

Date: 2018-05-04 15:14:42.414
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-04 14:29:16.046
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-10 20:51:08.439
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-08 18:01:17.739
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-03-08 18:01:17.398
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-03-07 18:07:29.180
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-04 21:59:29.229
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-26 18:36:28.474
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 7%
Total physical RAM: 16304.31 MB
Available physical RAM: 15155.44 MB
Total Virtual: 32204.31 MB
Available Virtual: 31176.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.53 GB) (Free:1558.92 GB) NTFS

\\?\Volume{c78ece3a-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: C78ECE3A)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================