Huge CPU usage, bitcoin miner

#1 Post by Storno »

Hello, after your previous help viewtopic.php?f=30&t=155253 the system seemed to be fine, but today and yesterday it started again: the CPU load is too high even when I am not doing anything, it stays above fifty percent, and when the computer runs continuously for several hours it starts freezing, the CPU usage percentage in Task Manager starts hovering around 95-100% and it is impossible to work. So I installed Malwarebytes Anti-Malware again, ran a quick scan and it found a lot of suspicious things; I will put the log in the attachment.

So please check the logs once more.
FRST output:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
Ran by Lukas (administrator) on LUKAS-PC (10-12-2018 14:57:00)
Running from C:\Users\Lukas\Desktop\K roztrideni\Downloads\FRST-OlderVersion
Loaded Profiles: Lukas & (Available Profiles: Lukas & VEŘEJNOST)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(OCCAM Financial Technology) C:\Program Files (x86)\VeNCrypt-0.2.6\vencserver.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141830166\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141830166\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [672384 2018-04-26] ()
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143517525\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143517525\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [672384 2018-04-26] ()
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 185.162.24.54 185.163.180.102
Tcpip\..\Interfaces\{9C5D476D-B234-49E9-8BF7-24F55AC1883D}: [DhcpNameServer] 192.168.88.1 185.162.24.54 185.163.180.102

Internet Explorer:
==================
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141830166\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143517525\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10\bin\jp2ssv.dll [2018-03-22] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2018-01-09] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2018-01-09] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2018-01-09] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2018-01-09] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\BijHuiyZ.default [2018-12-09]
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\BijHuiyZ.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-09]
FF Plugin: @java.com/DTPlugin,version=13.0.0 -> C:\Program Files\Java\jre-10\bin\dtplugin\npDeployJava1.dll [2018-03-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.0.0 -> C:\Program Files\Java\jre-10\bin\plugin2\npjp2.dll [2018-03-22] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default [2018-12-10]
CHR Extension: (Disk Google) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-06]
CHR Extension: (AdBlock) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-12-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-06]
CHR Extension: (Chrome Media Router) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-06]
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-08]
CHR HKU\S-1-5-21-3207589375-3262497780-921371487-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Lukas\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-12-06]
CHR HKU\S-1-5-21-3207589375-3262497780-921371487-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Lukas\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-12-06]
CHR HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Lukas\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-12-06]
CHR HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"hkzjeotg" => service was unlocked. <==== ATTENTION

S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7252656 2018-11-30] ()
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-09-18] (EasyAntiCheat Ltd)
S2 hkzjeotg; C:\Windows\SysWOW64\hkzjeotg\kagzaiyh.exe [0 ] () <==== ATTENTION (zero byte File/Folder)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] ( )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (The OpenVPN Project)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 VeNCrypt; C:\Program Files (x86)\VeNCrypt-0.2.6\vencserver.exe [886312 2006-12-11] (OCCAM Financial Technology)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-06-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2018-01-09] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2018-12-10] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2018-12-10] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [72536 2018-12-10] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2018-12-10] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [103760 2018-12-10] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 npcap; C:\Windows\System32\DRIVERS\npcap.sys [72400 2017-07-27] (Insecure.Com LLC.)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-12-16] (NVIDIA Corporation)
S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-12-16] (NVIDIA Corporation)
S3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2018-01-12] (The OpenVPN Project)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2018-10-04] () [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [393880 2018-10-04] (Duplex Secure Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [200832 2018-01-15] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [211704 2018-01-15] (Oracle Corporation)
U3 adx8fbsu; C:\Windows\System32\Drivers\adx8fbsu.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Lukas\Downloads\Dokumentace TS3 ver 3.0.11.3 "
2018-12-10 14:56 - 2018-12-10 14:57 - 000000000 ____D C:\FRST
2018-12-10 13:57 - 2018-12-10 14:17 - 000103760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-12-10 13:57 - 2018-12-10 13:57 - 000126624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-12-10 13:57 - 2018-12-10 13:57 - 000072536 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-12-10 13:51 - 2018-12-10 13:51 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-12-10 13:50 - 2018-12-10 13:50 - 000261032 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-12-10 13:50 - 2018-12-10 13:50 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-12-10 13:50 - 2018-12-10 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-10 13:50 - 2018-12-10 13:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-10 13:50 - 2018-12-10 13:50 - 000000000 ____D C:\Program Files\Malwarebytes
2018-12-10 13:50 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-12-10 13:45 - 2018-12-10 13:47 - 000000000 ____D C:\AdwCleaner
2018-12-10 12:52 - 2018-12-10 12:52 - 000000000 ____D C:\Windows\SysWOW64\hkzjeotg
2018-12-09 17:31 - 2018-12-09 17:31 - 000003474 _____ C:\Windows\System32\Tasks\DecLukas
2018-12-09 17:31 - 2018-12-09 17:31 - 000000000 ____D C:\Users\Lukas\AppData\Local\svchost
2018-12-09 17:31 - 2018-12-09 17:31 - 000000000 _____ C:\ProgramData\0
2018-12-09 14:14 - 2018-12-09 14:14 - 000000000 ____D C:\steam foiti
2018-12-09 03:46 - 2018-12-10 13:55 - 000000000 ____D C:\Users\Lukas\Desktop\csfd bany
2018-12-09 03:14 - 2018-12-09 03:14 - 000000759 _____ C:\DelFix.txt
2018-12-09 02:54 - 2018-12-10 13:56 - 000000000 __SHD C:\ProgramData\hafyaffv
2018-12-08 10:22 - 2018-12-08 10:22 - 000000270 __RSH C:\Users\Lukas\ntuser.pol
2018-12-08 03:46 - 2018-12-08 03:46 - 000000000 ____D C:\Program Files (x86)\StreamBB
2018-12-08 03:45 - 2018-12-08 03:45 - 000003564 __RSH C:\ProgramData\ntuser.pol
2018-12-08 03:41 - 2018-12-10 13:57 - 000000000 ____D C:\ProgramData\Blogger
2018-12-08 03:39 - 2018-12-10 14:11 - 000000000 ____D C:\Windows\System32\Tasks\System
2018-12-08 03:39 - 2018-12-10 14:08 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\1337
2018-12-08 03:39 - 2018-12-08 03:46 - 000000000 __SHD C:\ProgramData\{51469235-5146-5146-514692352212}
2018-12-08 03:37 - 2018-12-08 03:38 - 000000000 ____D C:\ProgramData\LODA
2018-12-08 02:40 - 2018-12-10 14:11 - 000000000 ____D C:\Program Files (x86)\Autorun Organizer
2018-12-08 02:40 - 2018-12-08 02:41 - 000000000 ____D C:\Users\Lukas\AppData\Local\ChemTable Software
2018-12-08 02:40 - 2018-12-08 02:40 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\ChemTable Software
2018-12-06 23:29 - 2018-12-06 23:29 - 000000000 ____D C:\Users\Lukas\AppData\LocalLow\Sony Online Entertainment
2018-12-06 23:18 - 2018-12-06 23:18 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-12-06 22:28 - 2018-12-07 10:07 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-12-06 22:28 - 2018-12-06 23:36 - 000036026 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-12-06 22:28 - 2018-12-06 23:21 - 000293980 _____ C:\Windows\ZAM.krnl.trace
2018-12-06 22:28 - 2018-12-06 22:28 - 000000000 ____D C:\Users\Lukas\AppData\Local\Zemana
2018-12-06 21:47 - 2018-12-06 22:27 - 000000000 ____D C:\ProgramData\RogueKiller
2018-12-06 18:58 - 2018-12-06 19:45 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2018-12-06 14:08 - 2018-12-06 14:08 - 000000000 ____D C:\Users\Lukas\AppData\Local\mbam
2018-12-06 14:07 - 2018-12-06 14:07 - 000000000 ____D C:\Users\Lukas\AppData\Local\mbamtray
2018-12-06 13:03 - 2018-12-10 14:50 - 000000000 ____D C:\Users\Lukas\Desktop\Security
2018-12-06 12:35 - 2018-12-06 12:35 - 000000000 ____D C:\Users\Lukas\Desktop\HDtune vysledky
2018-12-06 12:25 - 2018-12-06 12:25 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\HD Tune Pro
2018-12-04 17:42 - 2018-12-04 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2018-12-04 17:42 - 2018-12-04 17:42 - 000000000 ____D C:\Program Files (x86)\Geeks3D
2018-12-03 16:15 - 2018-12-03 16:16 - 000000453 _____ C:\Users\Lukas\Desktop\kostra.txt
2018-12-02 21:22 - 2018-12-02 21:43 - 000000000 ____D C:\Program Files (x86)\Mass Effect 3
2018-12-01 20:58 - 2018-12-01 20:58 - 000000000 ____D C:\Windows\Minidump
2018-12-01 12:06 - 2018-12-01 12:11 - 000000000 ____D C:\Users\Lukas\Documents\Arma 3
2018-11-27 21:10 - 2018-11-27 21:12 - 000000000 ____D C:\Users\Lukas\Desktop\otec ted
2018-11-22 04:47 - 2018-11-22 04:47 - 000000316 _____ C:\Users\Lukas\Documents\ax_files.xml
2018-11-22 03:26 - 2018-11-22 04:41 - 000000000 ____D C:\Program Files (x86)\Mass Effect 2
2018-11-22 03:25 - 2018-11-22 03:25 - 000000000 ____D C:\Users\Lukas\Documents\Alcohol 120%
2018-11-21 20:58 - 2018-11-21 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source (v34 by eXpandedCS)
2018-11-21 20:52 - 2018-11-21 20:58 - 000000000 ____D C:\Program Files (x86)\CSS v34 eXpandedCS
2018-11-21 02:53 - 2018-12-02 22:05 - 000000000 ____D C:\Users\Lukas\Documents\BioWare
2018-11-21 02:53 - 2018-12-02 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repacky od tomi2k9
2018-11-21 02:38 - 2018-11-21 02:53 - 000000000 ____D C:\Program Files (x86)\Mass Effect
2018-11-11 03:18 - 2018-11-11 03:18 - 000000000 ____D C:\Users\Lukas\Desktop\letni programovani
2018-11-10 02:28 - 2018-11-05 17:54 - 035297232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 031262104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 029972064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 020845704 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 017287840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 015908712 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 013203600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 001167792 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000914792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000524640 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000450856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000420680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000181736 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000163392 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000159360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000141592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-11-10 02:28 - 2018-11-05 17:53 - 019704160 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-11-10 02:28 - 2018-11-05 17:53 - 016983120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-11-10 02:28 - 2018-11-05 17:53 - 004280312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000978128 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000978128 _____ C:\Windows\system32\vulkan-1.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000845008 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000845008 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000551384 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000456640 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000267984 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2018-11-10 02:28 - 2018-11-05 13:56 - 000267984 _____ C:\Windows\system32\vulkaninfo.exe
2018-11-10 02:28 - 2018-11-05 13:56 - 000243408 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-11-10 02:28 - 2018-11-05 13:56 - 000243408 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-11-10 02:28 - 2018-11-05 13:55 - 048639168 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 040094288 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 029811368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 020469376 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 020077472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-11-10 02:28 - 2018-11-05 13:55 - 001998976 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 001457104 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 001123472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 000631896 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 000521688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 000383960 _____ C:\Windows\system32\nvofapi.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 040254264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 035151960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 004536800 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 004029056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 002017736 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441681.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 001508648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 001468304 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441681.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 000489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll
2018-11-10 02:28 - 2018-11-03 02:49 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-11-10 02:28 - 2018-11-03 02:49 - 000000669 _____ C:\Windows\system32\nv-vk64.json

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-10 14:04 - 2009-07-14 05:45 - 000025392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-10 14:04 - 2009-07-14 05:45 - 000025392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-10 13:58 - 2018-01-09 15:55 - 000000000 ___RD C:\Users\Lukas\Disk Google
2018-12-10 13:56 - 2018-01-08 22:55 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-10 13:56 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-10 03:55 - 2018-01-10 20:37 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\uTorrent
2018-12-09 21:36 - 2018-01-13 01:05 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\vlc
2018-12-09 20:24 - 2018-01-17 03:04 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\.minecraft
2018-12-09 18:17 - 2018-01-09 18:19 - 000000000 ____D C:\Program Files (x86)\Steam
2018-12-09 14:12 - 2018-01-09 15:22 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\TS3Client
2018-12-09 05:28 - 2018-02-12 10:24 - 000000000 ____D C:\Users\Lukas\AppData\LocalLow\Mozilla
2018-12-08 10:22 - 2018-01-08 22:45 - 000000000 ____D C:\Users\Lukas
2018-12-08 03:45 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\GroupPolicy
2018-12-07 13:22 - 2018-02-27 14:50 - 000000000 ____D C:\Users\Lukas\.VirtualBox
2018-12-06 23:36 - 2018-02-16 00:30 - 000007624 _____ C:\Users\Lukas\AppData\Local\resmon.resmoncfg
2018-12-06 23:31 - 2018-01-30 12:50 - 000000000 ____D C:\Users\Lukas\AppData\Local\CrashDumps
2018-12-06 14:07 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-12-06 12:52 - 2018-02-27 14:52 - 000000000 ____D C:\Users\Lukas\VirtualBox VMs
2018-12-06 00:03 - 2018-04-26 23:33 - 000000000 ____D C:\Users\Lukas\AppData\LocalLow\Temp
2018-12-03 16:12 - 2018-09-04 16:08 - 000000000 ____D C:\Users\Lukas\Desktop\K roztrideni
2018-12-02 22:04 - 2018-01-09 02:04 - 000000000 ___RD C:\Users\Lukas\Desktop\Hry
2018-12-02 21:37 - 2018-01-13 15:52 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\FileZilla
2018-12-01 22:33 - 2018-01-15 19:11 - 000000000 ____D C:\Users\Lukas\AppData\Local\Arma 3 Launcher
2018-12-01 22:29 - 2018-01-10 01:58 - 000000600 _____ C:\Users\Lukas\AppData\Local\PUTTY.RND
2018-12-01 21:28 - 2018-01-15 20:32 - 000000000 ____D C:\Users\Lukas\AppData\Local\Arma 3
2018-12-01 21:19 - 2018-02-15 23:21 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\TeamViewer
2018-12-01 14:24 - 2018-02-17 00:42 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-12-01 14:02 - 2018-01-09 02:04 - 000000000 ___RD C:\Users\Lukas\Desktop\Bordel
2018-12-01 12:06 - 2018-07-22 01:46 - 000000000 ____D C:\Users\Lukas\AppData\Local\BattlEye
2018-11-28 15:51 - 2018-01-08 23:04 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-28 15:40 - 2018-03-09 00:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-28 15:40 - 2018-03-09 00:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-27 02:33 - 2018-03-10 17:58 - 000592416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-11-25 00:08 - 2009-07-14 16:18 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-11-25 00:08 - 2009-07-14 16:18 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-11-25 00:08 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-21 20:58 - 2018-03-25 16:35 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2018-11-17 23:11 - 2018-06-29 14:04 - 000000167 _____ C:\Users\Lukas\Documents\ClownfishForTeamspeak.ini
2018-11-13 15:25 - 2018-10-10 18:25 - 000000000 ____D C:\Financni evidence
2018-11-11 05:49 - 2018-08-07 14:01 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\CodeBlocks
2018-11-10 10:45 - 2018-01-08 22:53 - 000000000 ____D C:\ProgramData\NVIDIA Corporation

==================== Files in the root of some directories =======

2018-03-17 17:25 - 2018-03-17 17:25 - 000038924 _____ () C:\Users\Lukas\AppData\Roaming\lc_cheaterlist_tf2
2018-03-17 17:25 - 2018-03-17 17:38 - 000014748 _____ () C:\Users\Lukas\AppData\Roaming\lc_public_tf2.ini
2002-08-29 18:33 - 2002-08-29 18:33 - 000319488 ____R () C:\Users\Lukas\AppData\Roaming\MafiaSetup.exe
2018-01-09 02:21 - 2018-05-12 18:22 - 000000600 _____ () C:\Users\Lukas\AppData\Roaming\winscp.rnd
2018-01-10 01:58 - 2018-12-01 22:29 - 000000600 _____ () C:\Users\Lukas\AppData\Local\PUTTY.RND
2018-02-16 00:30 - 2018-12-06 23:36 - 000007624 _____ () C:\Users\Lukas\AppData\Local\resmon.resmoncfg
2018-02-27 15:55 - 2018-02-27 17:12 - 000000452 _____ () C:\Users\Lukas\AppData\Local\zenmap.exe.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-07 13:40

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by Lukas (10-12-2018 14:58:05)
Running from C:\Users\Lukas\Desktop\K roztrideni\Downloads\FRST-OlderVersion
Windows 7 Professional Service Pack 1 (X64) (2018-01-08 21:45:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3207589375-3262497780-921371487-500 - Administrator - Disabled)
Guest (S-1-5-21-3207589375-3262497780-921371487-501 - Limited - Enabled)
Lukas (S-1-5-21-3207589375-3262497780-921371487-1000 - Administrator - Enabled) => C:\Users\Lukas
VEŘEJNOST (S-1-5-21-3207589375-3262497780-921371487-1001 - Limited - Enabled) => C:\Users\VEŘEJNOST

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
1.1 (HKLM-x32\...\{87179B53-AFC2-4F12-977D-2FF23293DC8A}_is1) (Version: 1.1 - EASIS GmbH)
A3Launcher version 0.1.5.8 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.5.8 - Maca134)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
AIDA64 Extreme v5.95 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.95 - FinalWire Ltd.)
AMD Catalyst Install Manager (HKLM\...\{04E14C12-EAB9-9B07-5A25-CAF2D10B2579}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Application Verifier x64 External Package (HKLM\...\{62CB44B2-8007-DBB2-1CBA-5CB7309EB3C3}) (Version: 10.1.17134.12 - Microsoft) Hidden
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Autorun Organizer (HKLM\...\{B2086A6F-AAD2-43C0-8DAF-2E216EBD784B}) (Version: 3.0.0 - ChemTable)
Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.0.170814 - )
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
Bulk Rename Utility 3.0.0.1 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version: - TGRMN Software)
Camtasia Studio 8 (HKLM-x32\...\{474DFABF-E55B-4905-ABAA-40791A6AC77F}) (Version: 8.4.4.1859 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CodeBlocks (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
CodeBlocks (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
CodeBlocks (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
Counter-Strike 1.6 (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\Counter-Strike 1.6) (Version: - )
Counter-Strike 1.6 (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Counter-Strike 1.6) (Version: - )
Counter-Strike 1.6 (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\Counter-Strike 1.6) (Version: - )
Counter-Strike 1.6 v43g (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\Counter-Strike 1.6_is1) (Version: - Valve)
Counter-Strike 1.6 v43g (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Counter-Strike 1.6_is1) (Version: - Valve)
Counter-Strike 1.6 v43g (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\Counter-Strike 1.6_is1) (Version: - Valve)
Counter-Strike Source v34 by eXpandedCS (HKLM-x32\...\{AF6FC179-862F-4ECE-94CE-E9125128A7BB}}_is1) (Version: v34 by eXpandedCS - eXpandedCS.com)
CrystalDiskInfo 7.7.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.7.0 - Crystal Dew World)
DC Universe Online Live (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\DG0-DC Universe Online Live) (Version: - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\DG0-DC Universe Online Live) (Version: - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\DG0-DC Universe Online Live) (Version: - Sony Online Entertainment)
DiagnosticsHub_CollectionService (HKLM\...\{E81C8BD9-158A-4E0F-AE0D-8C797C0E8112}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
Discord (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Discord) (Version: 0.0.301 - Discord Inc.)
Discord (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\Discord) (Version: 0.0.301 - Discord Inc.)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
Epic Games Launcher (HKLM-x32\...\{CA3B6D8B-2437-4C7C-84A3-97AF21EDBE20}) (Version: 1.1.144.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.114 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.114 - Etron Technology)
FileZilla Client 3.35.2 (HKLM-x32\...\FileZilla Client) (Version: 3.35.2 - Tim Kosse)
FirestormOS-Releasex64 (HKLM\...\FirestormOS-Releasex64) (Version: 5.0.11.53634 - The Phoenix Firestorm Project, Inc.)
FormatFactory 4.2.5.0 (HKLM-x32\...\FormatFactory) (Version: 4.2.5.0 - Free Time)
Geeks3D FurMark 1.20.0.1 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.0.0.11" - Rockstar Games)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Chicken Invaders: Revenge of the Yolk v3.51 (HKLM-x32\...\Chicken Invaders: Revenge of the Yolk_is1) (Version: - InterAction studios)
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{7F104712-BE1D-4359-B8EA-8003E9721001}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{99A768BB-C508-44E5-AE78-72ABE55728CF}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
Java 10 (64-bit) (HKLM\...\{E9726856-DB00-5543-B792-70AFD18EA482}) (Version: 10.0.0.0 - Oracle Corporation)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java(TM) SE Development Kit 10 (64-bit) (HKLM\...\{564A1AEB-44AC-5E04-A56D-B296D9865A66}) (Version: 10.0.0.0 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{6F502640-B753-C101-FFA5-B38C3FA5B29A}) (Version: 10.1.17134.12 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LibreOffice 5.4.4.2 (HKLM\...\{36E72E7B-9992-4C69-88B1-5E466E4A1386}) (Version: 5.4.4.2 - The Document Foundation)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Macromedia Flash Player 8 (HKLM-x32\...\{885A63EA-382B-4DD4-A755-14809B8557D6}) (Version: 8.0.22.0 - Macromedia)
Macromedia Flash Player 8 Plugin (HKLM-x32\...\{91057632-CA70-413C-B628-2D3CDBBB906B}) (Version: 8.0.22.0 - Macromedia)
Mafia (HKLM-x32\...\1595659240_is1) (Version: 1.3 - GOG.com)
Mafia Compatibility Database (HKLM\...\{481dc351-bab0-4f86-b085-87a5626fe6dc}.sdb) (Version: - )
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Mass Effect (HKLM-x32\...\Mass Effect_is1) (Version: - )
Mass Effect 2 (HKLM-x32\...\Mass Effect 2_is1) (Version: - )
Mass Effect 3 (HKLM-x32\...\Mass Effect 3_is1) (Version: - )
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1296.827 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 63.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.3 (x64 en-US)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
MSI Development Tools (HKLM-x32\...\{1E406B46-65F4-91CE-65DA-DB66D5443B68}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201610071157) (Version: 8.2 - NetBeans.org)
Nmap 7.60 (HKLM-x32\...\Nmap) (Version: 7.60 - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
Npcap 0.93 (HKLM-x32\...\NpcapInst) (Version: 0.93 - Nmap Project)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{D9559CE2-9C58-F414-43EA-F908FEA13BB8}) (Version: 1.00.0000 - Název společnosti:)
OpenVPN 2.4.6-I602 (HKLM\...\OpenVPN) (Version: 2.4.6-I602 - OpenVPN Technologies, Inc.)
Oracle VM VirtualBox 5.2.6 (HKLM\...\{EA9602E3-0184-45B9-9E15-028776CD7A6E}) (Version: 5.2.6 - Oracle Corporation)
Ovládací panel NVIDIA 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.07 - NVIDIA Corporation) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Roblox Player for Lukas (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Player for Lukas (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\roblox-player) (Version: - Roblox Corporation)
Roblox Player for Lukas (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Player for Lukas (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\roblox-player) (Version: - Roblox Corporation)
Roblox Player for Lukas (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Player for Lukas (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\roblox-player) (Version: - Roblox Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SDK ARM Additions (HKLM-x32\...\{346B2C02-CC0D-6E09-8B9D-CAA2821473CF}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{825784BB-114D-ADB3-B65F-E1EB2A63C3BC}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
STORMWARE POHODA Start CZ (HKLM-x32\...\{149CB128-BA0D-466E-AB83-AA79026502A0}) (Version: 11901.14 - STORMWARE)
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Super Mario 3 : Mario Forever (HKLM-x32\...\Super Mario 3 : Mario Forever) (Version: - )
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
Universal CRT Extension SDK (HKLM-x32\...\{18ABFDF6-23D9-87E6-015E-FFE3C7F153D5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{0D6B41AF-D117-8944-A059-3F9346A896C5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{B6273353-8B54-1F89-1A16-5940925104CE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{BA6F1D53-C3F2-F9D5-80CE-CEF608E36AD3}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{6E43CA0C-046E-4F38-A0A2-3B1BA139B661}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{775886B8-DEE1-CB20-8A94-FC09FA54ECF6}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
vcpp_crt.redist.clickonce (HKLM-x32\...\{8C49092E-8F56-41A6-87C9-94A6956E990A}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
VeNCrypt 0.2.6 (HKLM-x32\...\{D3FDCF37-1BDF-437A-9D95-5F5DBEE3E865}}_is1) (Version: 0.2.6 - OCCAM Financial Technology)
Visual Studio Community 2017 (HKLM-x32\...\2735d9d9) (Version: 15.8.28010.2016 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{4C60D242-B039-4DBB-A202-BE55478E8500}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{226CCDB6-96F9-4DE6-9CCC-DB49D0A0A971}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DC4F558F-90E2-4B9C-8A2B-5DD92EF71F84}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{31312BFA-5D30-4B56-BACB-BFE26CE2E285}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{B6BAC9A6-A70D-4E4D-B90A-7EE2B336E090}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{3161DA68-DD37-4798-82DB-B3A0BD6BA233}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{082DBA20-8C1E-4D4C-85F4-A813283B7849}) (Version: 15.8.28010 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{B8B65A93-F72B-42C2-AE1A-FF440B44BB67}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinAppDeploy (HKLM-x32\...\{5AD4A604-B476-1578-2A20-6B02FC6258BE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Mobile Connectivity Tools 10.0.15254.0 - Desktop x86 (HKLM-x32\...\{833F02C5-2C39-49F6-BD64-91D351081274}) (Version: 10.1.15254.1 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{E77C2F78-6089-48F8-89DF-DDF2850DFFD9}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.17134.12 (HKLM-x32\...\{5f83ccda-0498-4b97-a298-16a642bf49f2}) (Version: 10.1.17134.12 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{389D182F-0ADA-5C7E-FF32-2573A821592C}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{C3776B36-B34E-00E2-3009-95A6F1870B58}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{965D1746-D94A-49B9-2A48-A14914CA3B57}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{84C6B91B-67DA-DDE3-86F1-87A3E307E8C1}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{3755CD99-C62E-3312-DDD3-29A4F259270D}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{729DA966-8590-2C1F-2178-16C1D32FD7FD}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{F1C18506-3168-A9D9-E2D9-D23A512A326E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{4095D263-6A13-78D3-DEDA-AA3452011F6E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{C3243E23-2EB6-4419-2692-40944923B112}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinSCP 5.11.3 (HKLM-x32\...\winscp3_is1) (Version: 5.11.3 - Martin Prikryl)
Wireshark 2.4.5 64-bit (HKLM-x32\...\Wireshark) (Version: 2.4.5 - The Wireshark developer community, hxxps://www.wireshark.org)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.9-0 - Bitnami)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-01-01] ()
ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft Development Team)
ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft Development Team)
ContextMenuHandlers2-x32: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers2-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-08-21] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12976B00-E0F5-4822-9A7A-1517B3CCE0B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-08] (Google Inc.)
Task: {2C9509C8-38D7-4C42-88BB-32EB85831168} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {2D7C6095-E7BD-4444-9CD5-36C29754CED7} - System32\Tasks\DecLukas => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
Task: {44423C65-E3A6-41B7-8E25-96004E927132} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-07] (Oracle Corporation)
Task: {8391C563-3181-4C4F-B6D7-5F77287E88B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {AE072E02-A608-431E-B5BC-FE9ADC2A37CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-08] (Google Inc.)
Task: {C3E57929-7871-4AC2-B059-E396961FE1BB} - System32\Tasks\spusti cti.txt => C:\Users\VEŘEJNOST\Desktop\cti.txt [2018-09-04] ()
Task: {EB0F0C21-39A6-40D6-AD87-F1425CC0C265} - System32\Tasks\AdobeAAMUpdater-1.0-Lukas-PC-Lukas => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-12-10 13:50 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-12-10 13:50 - 2018-11-21 11:07 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-08-06 09:11 - 2018-08-06 09:11 - 000054440 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-12-10 13:57 - 2018-12-10 13:57 - 000113664 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_ctypes.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000080896 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\bz2.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 001792512 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_hashlib.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000128512 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32api.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000137728 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\pywintypes27.dll
2018-12-10 13:57 - 2018-12-10 13:57 - 000548864 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\pythoncom27.dll
2018-12-10 13:57 - 2018-12-10 13:57 - 000689664 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\unicodedata.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000438784 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32com.shell.shell.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 001489408 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\wx._core_.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 001007104 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\wx._gdi_.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 001039872 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\wx._windows_.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 001325056 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\wx._controls_.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000916992 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\wx._misc_.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 001084416 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\pysqlite2._sqlite.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000149504 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32file.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000136192 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32security.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000007680 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\hashobjs_ext.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000020992 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\thumbnails_ext.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000118784 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\usb_ext.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000047616 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_socket.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 002224640 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_ssl.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000014848 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\common.time34.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000023040 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32event.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000034304 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\windows.conditional.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000020480 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\windows.winwrap.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000110080 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\windows.volumes.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000223232 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32gui.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000173568 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_elementtree.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000169472 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\pyexpat.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000048128 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32inet.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000103424 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\wx._html2.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000046080 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_psutil_windows.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000633272 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\windows._cacheinvalidation.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000011776 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32crypt.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000301568 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\PIL._imaging.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000032256 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_multiprocessing.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 005752320 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\cello.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000026112 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_yappi.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000044032 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32process.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000027648 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32pipe.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000010752 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\select.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000029696 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32pdh.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000038400 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\windows.connectivity.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000073216 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\windows.device_monitor.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000020480 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32profile.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000026624 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32ts.pyd
2018-11-28 15:51 - 2018-11-16 06:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-11-28 15:51 - 2018-11-16 06:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-12-07 10:47 - 000000488 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 oscount.techsmith.com
127.0.0.1 updater.techsmith.com
127.0.0.1 camtasiatudi.techsmith.com
127.0.0.1 tsccloud.cloudapp.net
127.0.0.1 assets.cloud.techsmith.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3207589375-3262497780-921371487-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\Control Panel\Desktop\\Wallpaper -> C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\Control Panel\Desktop\\Wallpaper -> C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141830166\Control Panel\Desktop\\Wallpaper -> C:\Users\VEŘEJNOST\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143517525\Control Panel\Desktop\\Wallpaper -> C:\Users\VEŘEJNOST\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.88.1 - 185.162.24.54
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Run VeNCrypt Listening Viewer.lnk => C:\Windows\pss\Run VeNCrypt Listening Viewer.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: OPENVPN-GUI => C:\Program Files\OpenVPN\bin\openvpn-gui.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7D08A41C-FE11-4444-BF61-65CE7AE0CB98}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E9ACA8C9-2C1C-4671-A0F1-7886FC1DC779}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1E7F85AF-176A-4237-8A2D-9E145B0B3417}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{275F9784-4789-4172-B601-4A79945B744D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{DCC19108-B4F8-4AA9-B4E8-7EED9FAEB080}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{4D957E3A-072B-47E5-869D-7B32060C8AE7}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [{070B2313-EA33-4DF0-B458-42859D2852E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{C7051CA5-B229-47CE-8ABA-94574123C8AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CB25E593-0F1B-4E28-AA65-933A2A4A2AE0}] => (Allow) C:\Users\Lukas\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{6775CF16-E620-4714-9656-7C5194E34F06}] => (Allow) C:\Users\Lukas\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{F054BA8F-FFDB-412B-8526-E76449F199B1}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{D6AFD76D-8A69-4C38-9129-8BB7E21C1687}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [TCP Query User{CB7EF4E9-F3FE-4B26-A752-DF8B0A32860A}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{11017E5A-5B88-4AFE-B366-42DD2F3C766B}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [TCP Query User{4E6C8030-42B1-46F0-86C4-F3C92D35FD55}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{F7F296A6-B476-486E-99BD-5928DF8BF473}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{F955AF51-83BB-4863-AA26-3C6DC1F014B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{52EF02A6-F9D5-42B9-83E9-95988130C13E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{14CDF807-5A3A-407A-9241-557E1E45F6FA}C:\counter-strike\hl.exe] => (Allow) C:\counter-strike\hl.exe
FirewallRules: [UDP Query User{579F899F-7DC9-4CE5-8538-2D619F016833}C:\counter-strike\hl.exe] => (Allow) C:\counter-strike\hl.exe
FirewallRules: [TCP Query User{13E1A2AC-B62A-4A78-8FDD-45B0849184AD}C:\program files (x86)\vencrypt-0.2.6\vencviewer.exe] => (Block) C:\program files (x86)\vencrypt-0.2.6\vencviewer.exe
FirewallRules: [UDP Query User{1A8CB319-03CF-4A1A-83F0-2717700FFC91}C:\program files (x86)\vencrypt-0.2.6\vencviewer.exe] => (Block) C:\program files (x86)\vencrypt-0.2.6\vencviewer.exe
FirewallRules: [{F219E474-E35A-439A-88D5-1DBA71B0848A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{168121F3-7EA1-41AD-80F9-9F8F0873B36D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{110F69AB-58F7-47F6-9729-68D619C25F23}C:\program files (x86)\chickeninvadersroty\ci3.exe] => (Allow) C:\program files (x86)\chickeninvadersroty\ci3.exe
FirewallRules: [UDP Query User{CE0FDDF4-B290-463C-8879-3018FD04EF73}C:\program files (x86)\chickeninvadersroty\ci3.exe] => (Allow) C:\program files (x86)\chickeninvadersroty\ci3.exe
FirewallRules: [TCP Query User{EEE39ACC-D0A2-44F8-A487-91BDB9EE046D}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe
FirewallRules: [UDP Query User{F7607DAE-B945-430D-A4CB-346B11EF2575}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe
FirewallRules: [TCP Query User{6ABFD96B-2D5B-4A71-8C59-59DC0E5BAC36}C:\users\lukas\counter-strike 1.6\hl.exe] => (Allow) C:\users\lukas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{41520519-04E9-4426-B91D-E6DA79F0576C}C:\users\lukas\counter-strike 1.6\hl.exe] => (Allow) C:\users\lukas\counter-strike 1.6\hl.exe
FirewallRules: [{3FDEFE4A-F158-4694-8DC3-BAA5205EAE57}] => (Allow) LPort=8317
FirewallRules: [{C993BE8E-90BA-4417-9F77-3A8ADF74F5A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\H1Z1_BE.exe
FirewallRules: [{82D3A5BE-C9F4-4053-BDDC-DD78F07813F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\H1Z1_BE.exe
FirewallRules: [TCP Query User{17685A4A-0E1F-468A-AE53-67A1C3C307CD}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{8011219E-3A96-4AF5-971F-73BE88B3D1CB}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{286BA6E4-0462-4F2C-A66A-5DAA5F42B272}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{865DF2D0-9DD5-489D-9A9F-8AF333E40F52}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{831F78C2-A320-40BE-AC24-2B6F536FCCAD}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{DAAE2BD2-93E3-4CDD-8235-3486D3E0829E}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{7B281794-FCF6-4FCA-A8C9-98D04EDEFAD4}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{C3572AFB-0FAA-435A-9FFE-F1ABCBCC6825}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{36D69DC6-6956-41D7-8197-CCD90D205C6D}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{FA8396B2-9251-4B19-863D-03B69CC42C96}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{8AED3002-3547-453A-BC86-6DD2706DF2E8}] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CC 2015\Support Files\AfterFX.exe
FirewallRules: [TCP Query User{9331734D-6E90-491E-9512-E3AD22117B62}C:\users\lukas\desktop\temp srv\ts3server.exe] => (Allow) C:\users\lukas\desktop\temp srv\ts3server.exe
FirewallRules: [UDP Query User{0AB62A0B-C9A6-4AFF-83C2-04C52FC0341D}C:\users\lukas\desktop\temp srv\ts3server.exe] => (Allow) C:\users\lukas\desktop\temp srv\ts3server.exe
FirewallRules: [{CCB65902-921C-48AF-8269-D5C8BBFFC97E}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{AFAADAFA-29F3-4850-9863-875E72860ED4}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [TCP Query User{212F2C11-355D-418E-86B8-48A7BBAF94BB}C:\program files\java\jdk-10\bin\jmc.exe] => (Allow) C:\program files\java\jdk-10\bin\jmc.exe
FirewallRules: [UDP Query User{033C4517-D593-47CA-B62E-6C479D1EA8B0}C:\program files\java\jdk-10\bin\jmc.exe] => (Allow) C:\program files\java\jdk-10\bin\jmc.exe
FirewallRules: [TCP Query User{3A174430-615E-4C70-842C-4D23C1A6E82A}C:\games\diablo ii\game.exe] => (Allow) C:\games\diablo ii\game.exe
FirewallRules: [UDP Query User{B562FC6E-F274-405E-9509-374E5DE13D67}C:\games\diablo ii\game.exe] => (Allow) C:\games\diablo ii\game.exe
FirewallRules: [TCP Query User{1DBA58DE-32D7-4955-B2FA-0B67C6C24C80}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [UDP Query User{7363A53C-37B7-4EF2-AEE6-D28F7992D620}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [TCP Query User{2D70DBE8-7085-414F-8C75-40E60312B05E}C:\program files\firestormos-releasex64\slvoice.exe] => (Allow) C:\program files\firestormos-releasex64\slvoice.exe
FirewallRules: [UDP Query User{AD1CC4B0-2FF4-49CB-A772-BC5064865A34}C:\program files\firestormos-releasex64\slvoice.exe] => (Allow) C:\program files\firestormos-releasex64\slvoice.exe
FirewallRules: [TCP Query User{CB21F66C-7919-4E41-ADB0-33E53492236C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [UDP Query User{8834B20A-FE7C-4024-85CB-E2FD20135BED}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [{AEB8F3D9-6E93-46E9-AD14-73BD3265B380}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{91D7A36B-33C1-41CB-B42C-64E339BE79CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{F1B829E0-F124-41B6-9AA1-17F71F694263}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{52221CD6-C2B1-4483-8C20-01F22EA53837}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [TCP Query User{753EAAE9-32F8-42ED-A05D-3ACB3423EF84}C:\users\lukas\downloads\flatout2\flatout2.exe] => (Block) C:\users\lukas\downloads\flatout2\flatout2.exe
FirewallRules: [UDP Query User{2E3233AC-6FEF-4866-A636-D24E980B7620}C:\users\lukas\downloads\flatout2\flatout2.exe] => (Block) C:\users\lukas\downloads\flatout2\flatout2.exe
FirewallRules: [TCP Query User{B173B3E6-DC20-4132-93B4-0152665A8CD5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [UDP Query User{9AD26DC2-1E04-47E2-B158-2995509BBB63}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [TCP Query User{1E32D277-19A5-455F-85A0-600D54C161F3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [UDP Query User{57EC07E6-27C0-46AA-BE18-FBD297284F15}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [TCP Query User{03E457AF-3997-495B-BF61-BC38A016EF07}C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [UDP Query User{25855364-2036-4835-9551-477FEF001F66}C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [{1E69C33A-D21D-46D4-B68B-E8F3B63C918F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{3B03DA3F-67BA-4535-AA5D-6D569C5221AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [TCP Query User{A8EF2686-9763-4710-8838-302FB18412FC}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe
FirewallRules: [UDP Query User{BEDE4A59-E692-44FC-9E01-C99C6005442F}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe
FirewallRules: [TCP Query User{F2EFDC75-DDE8-4BD6-9233-F379073D0744}C:\users\veřejnost\appdata\local\temp\rar$exa0.207\utorrent.exe] => (Block) C:\users\veřejnost\appdata\local\temp\rar$exa0.207\utorrent.exe
FirewallRules: [UDP Query User{7B40A566-DC03-45CF-8832-701963E484EE}C:\users\veřejnost\appdata\local\temp\rar$exa0.207\utorrent.exe] => (Block) C:\users\veřejnost\appdata\local\temp\rar$exa0.207\utorrent.exe
FirewallRules: [{637B2E4B-F2A2-41AF-AACC-D604FE345326}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{41DEB775-7706-42E3-B543-38CB4C162AAB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [TCP Query User{EFBE60E2-40FD-43F0-8E77-183CC57A3216}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{F24CAF11-FE82-4EBC-9C37-ECD0980ECD60}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{BB201F44-17C7-4052-A434-28BC34368459}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{691BB679-7D2B-4C25-B253-DB28F8E47C66}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{C1044EE5-435A-499B-AD9E-13756D4FD825}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{4CE0FA38-DFC1-467D-A937-37F473CA8C06}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{D3A373D2-385A-45EB-801A-914AFCAFFD93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{038B83E0-D6A5-489C-B9F9-E8E52E7D6137}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [TCP Query User{F331BCB2-D915-4511-B9AB-19EAD44B7700}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{30C4032C-990C-4B8C-892A-9CBD573CF63D}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [{67E67CA8-F3CD-4785-A43F-47AFE2849F2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DC Universe Online\LaunchPad.exe
FirewallRules: [{462BAA90-A8D0-4700-A5B6-EFA5FF199434}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DC Universe Online\LaunchPad.exe
FirewallRules: [{967E61DA-BA80-4C4E-A611-8974AB1EE572}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{8BF9A505-E6BC-4389-9C2B-6BC4149578C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [TCP Query User{6F3B0D27-33FB-4E91-8DF3-9E3D4DC8EB5D}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [UDP Query User{9EE5433D-3F62-45B8-96B9-A08632171366}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [TCP Query User{3DFE69E4-EB2C-4467-A667-8462282FF94E}C:\program files (x86)\css v34 expandedcs\hl2.exe] => (Allow) C:\program files (x86)\css v34 expandedcs\hl2.exe
FirewallRules: [UDP Query User{6B5319A6-9624-4650-81B8-617C444A1672}C:\program files (x86)\css v34 expandedcs\hl2.exe] => (Allow) C:\program files (x86)\css v34 expandedcs\hl2.exe
FirewallRules: [TCP Query User{420D8311-3369-4CD3-AEEE-D851A6066130}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Block) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe
FirewallRules: [UDP Query User{C13397D7-7419-4333-9A7E-681D458A9C6D}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Block) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe
FirewallRules: [{80FC6129-301D-491C-8688-AB0DE06FF640}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2C177123-B417-426E-83BC-77174AFA0B81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{79C08B65-13CE-4C75-984A-CFDE81FE0A28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{93867405-07F8-4AB6-9C2F-6C4302350B13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ring of Elysium\SLauncher.exe
FirewallRules: [{EB2B6862-A3CF-4733-ACED-25EB49230D53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ring of Elysium\SLauncher.exe
FirewallRules: [TCP Query User{7649C137-FE71-4F2C-BADA-79982B1C51A4}C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{12C02448-58F6-4FE8-9944-28A154E85DB8}C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [{BEA15655-36ED-4D00-9F73-C79F2B42FFC3}] => (Block) %USERPROFILE%\Desktop\K roztrideni\ts3 starsi\ts3client_win64.exe

==================== Restore Points =========================

06-12-2018 00:01:00 Restore Point Created by FRST
06-12-2018 20:00:19 JRT Pre-Junkware Removal
06-12-2018 20:05:46 Installed Sophos Virus Removal Tool.
06-12-2018 23:21:01 Removed Sophos Virus Removal Tool.
08-12-2018 02:41:43 Removed Autorun Organizer
08-12-2018 03:40:48 Microsoft Antimalware Checkpoint
08-12-2018 10:25:04 Removed Autorun Organizer
08-12-2018 10:33:33 Windows Update
09-12-2018 17:32:27 Microsoft Antimalware Checkpoint

==================== Faulty Device Manager Devices =============

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/09/2018 05:32:27 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {dbb72ce0-8c75-4832-9b02-87a7bdd09e8e}

Error: (12/08/2018 11:30:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program steamwebhelper.exe verze 4.83.53.91 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: c80

Čas spuštění: 01d48edfd849c94c

Čas ukončení: 9

Cesta k aplikaci: C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

ID hlášení: 3bb4ef7b-fad4-11e8-a016-d050997efc59

Error: (12/08/2018 11:29:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program csgo.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1738

Čas spuštění: 01d48ee012da4062

Čas ukončení: 100

Cesta k aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

ID hlášení: 3576f195-fad4-11e8-a016-d050997efc59

Error: (12/08/2018 11:29:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Steam.exe verze 4.83.53.91 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 694

Čas spuštění: 01d48edfd7cd6b89

Čas ukončení: 88

Cesta k aplikaci: C:\Program Files (x86)\Steam\Steam.exe

ID hlášení: 22404c00-fad4-11e8-a016-d050997efc59

Error: (12/08/2018 02:45:37 AM) (Source: MsiInstaller) (EventID: 11721) (User: Lukas-PC)
Description: Product: Autorun Organizer -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: AutorunOrganizer.exe, location: C:\Program Files (x86)\Autorun Organizer\AutorunOrganizer.exe, command:

Error: (12/06/2018 11:31:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Uninstaller-6056.exe, verze: 1.0.3.159, časové razítko: 0x4f07bdef
Název chybujícího modulu: Uninstaller-6056.exe, verze: 1.0.3.159, časové razítko: 0x4f07bdef
Kód výjimky: 0x40000015
Posun chyby: 0x0002dd8f
ID chybujícího procesu: 0xd18
Čas spuštění chybující aplikace: 0x01d48db2fbd12061
Cesta k chybující aplikaci: C:\Users\Lukas\AppData\Local\Temp\Uninstaller-6056.exe
Cesta k chybujícímu modulu: C:\Users\Lukas\AppData\Local\Temp\Uninstaller-6056.exe
ID zprávy: 9d23bb58-f9a6-11e8-be03-d050997efc59

Error: (12/06/2018 11:21:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary 30273018.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (12/06/2018 11:21:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary 9681803drv.

System Error:
Systém nemůže nalézt uvedený soubor.
.


System errors:
=============
Error: (12/10/2018 01:47:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (12/10/2018 01:47:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (12/10/2018 01:47:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (12/10/2018 01:47:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba StarWind AE Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/10/2018 01:47:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba VeNCrypt byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/10/2018 01:38:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (12/06/2018 11:21:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ZAM Controller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/06/2018 08:00:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2018-03-10 17:49:24.080
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{114DD013-CE6D-4A0E-86C4-DDBAF162FF38}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Lukas-PC\Lukas

CodeIntegrity:
===================================

Date: 2018-04-25 23:57:53.022
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD Athlon(tm) X4 860K Quad Core Processor
Percentage of memory in use: 44%
Total physical RAM: 8127.3 MB
Available physical RAM: 4543.59 MB
Total Virtual: 16252.78 MB
Available Virtual: 11836.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:222.01 GB) NTFS

\\?\Volume{131f1b9f-f4bc-11e7-ac6f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: FD779FBC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Attachments
malwarebytes_log.zip
(1.3 KiB) Downloaded 66 times

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Huge CPU usage, bitcoin miner

#2 Post by Rudy »

Hello!
Delete the MBAM findings. Then run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the licence terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Storno
Visitor
Posts: 12
Registered: 03 Dec 2018 15:18

Re: Huge CPU usage, bitcoin miner

#3 Post by Storno »

//EDIT: Done, and CPU usage is still 50-90% while doing nothing

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-12-07.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-10-2018
# Duration: 00:00:31
# OS: Windows 7 Professional
# Scanned: 32299
# Detected: 51


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.OnlineIO C:\Program Files (x86)\Microleaves
Adware.OnlineIO C:\Users\Lukas\AppData\Roaming\Microleaves
PUP.Optional.OnlineIO C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}

***** [ Files ] *****

PUP.Optional.OnlineIO C:\Windows\Installer\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

Adware.OnlineIO C:\Windows\Tasks\Online Application V2G5.job
Adware.OnlineIO C:\Windows\System32\Tasks\Online Application V2G5
Adware.OnlineIO C:\Windows\Tasks\Online Application V2G4.job
Adware.OnlineIO C:\Windows\System32\Tasks\Online Application V2G4
Adware.OnlineIO C:\Windows\Tasks\Online Application V2G6.job
Adware.OnlineIO C:\Windows\System32\Tasks\Online Application V2G6
PUP.Optional.Legacy C:\Windows\Tasks\Online Application V2G2.job
PUP.Optional.Legacy C:\Windows\System32\Tasks\Online Application V2G2
PUP.Optional.Legacy C:\Windows\Tasks\Online Application V2G3.job
PUP.Optional.Legacy C:\Windows\System32\Tasks\Online Application V2G3
PUP.Optional.Legacy C:\Windows\Tasks\Online Application V2G1.job
PUP.Optional.Legacy C:\Windows\System32\Tasks\Online Application V2G1
PUP.Optional.Microleaves C:\Windows\Tasks\Updater_Online_Application.job
PUP.Optional.Microleaves C:\Windows\System32\Tasks\Updater_Online_Application

***** [ Registry ] *****

Adware.ICLoader HKLM\Software\MICROSOFT\TechnologyDesktopnew
Adware.ICLoader HKLM\SOFTWARE\MICROSOFT\Speedycar
Adware.OnlineIO HKLM\Software\Wow6432Node\Microleaves
Adware.OnlineIO HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79153E0E-AB9D-44E5-BA0F-F1F846C603CE}
Adware.OnlineIO HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79153E0E-AB9D-44E5-BA0F-F1F846C603CE}
Adware.OnlineIO HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G5
Adware.OnlineIO HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4277DFC8-6EDA-4EA8-9397-D7AD086954B5}
Adware.OnlineIO HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4277DFC8-6EDA-4EA8-9397-D7AD086954B5}
Adware.OnlineIO HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G4
Adware.OnlineIO HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5537A4F-AE4B-4FBA-9FEE-98D81B45D124}
Adware.OnlineIO HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5537A4F-AE4B-4FBA-9FEE-98D81B45D124}
Adware.OnlineIO HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G6
PUP.Optional.BitCoinMiner HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEAAB56F-9AE0-4636-B26B-93CF254C4CC7}
PUP.Optional.BitCoinMiner HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEAAB56F-9AE0-4636-B26B-93CF254C4CC7}
PUP.Optional.BitCoinMiner HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\System\SystemCheck
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{085DCDEE-B80C-4B95-93DF-7F0669FF8CC1}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{085DCDEE-B80C-4B95-93DF-7F0669FF8CC1}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G2
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89A36500-9AD4-46A4-8C05-FF47396D84DA}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89A36500-9AD4-46A4-8C05-FF47396D84DA}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G3
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DDB3F7A-6C76-4AE1-BBA9-3B0F421639EA}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DDB3F7A-6C76-4AE1-BBA9-3B0F421639EA}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G1
PUP.Optional.Microleaves HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
PUP.Optional.Microleaves HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
PUP.Optional.Microleaves HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
PUP.Optional.Microleaves HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
PUP.Optional.Microleaves HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
PUP.Optional.Microleaves HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
PUP.Optional.Microleaves HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A7B3246-C9AF-44D9-9854-4EBBE6473F81}
PUP.Optional.Microleaves HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A7B3246-C9AF-44D9-9854-4EBBE6473F81}
PUP.Optional.Microleaves HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater_Online_Application

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-12-07.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-10-2018
# Duration: 00:00:03
# OS: Windows 7 Professional
# Cleaned: 51
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Microleaves
Deleted C:\Users\Lukas\AppData\Roaming\Microleaves
Deleted C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}

***** [ Files ] *****

Deleted C:\Windows\Installer\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\Tasks\Online Application V2G5.job
Deleted C:\Windows\System32\Tasks\Online Application V2G5
Deleted C:\Windows\Tasks\Online Application V2G4.job
Deleted C:\Windows\System32\Tasks\Online Application V2G4
Deleted C:\Windows\Tasks\Online Application V2G6.job
Deleted C:\Windows\System32\Tasks\Online Application V2G6
Deleted C:\Windows\Tasks\Online Application V2G2.job
Deleted C:\Windows\System32\Tasks\Online Application V2G2
Deleted C:\Windows\Tasks\Online Application V2G3.job
Deleted C:\Windows\System32\Tasks\Online Application V2G3
Deleted C:\Windows\Tasks\Online Application V2G1.job
Deleted C:\Windows\System32\Tasks\Online Application V2G1
Deleted C:\Windows\Tasks\Updater_Online_Application.job
Deleted C:\Windows\System32\Tasks\Updater_Online_Application

***** [ Registry ] *****

Deleted HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKLM\Software\Wow6432Node\Microleaves
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79153E0E-AB9D-44E5-BA0F-F1F846C603CE}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79153E0E-AB9D-44E5-BA0F-F1F846C603CE}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G5
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4277DFC8-6EDA-4EA8-9397-D7AD086954B5}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4277DFC8-6EDA-4EA8-9397-D7AD086954B5}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G4
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5537A4F-AE4B-4FBA-9FEE-98D81B45D124}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5537A4F-AE4B-4FBA-9FEE-98D81B45D124}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G6
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEAAB56F-9AE0-4636-B26B-93CF254C4CC7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEAAB56F-9AE0-4636-B26B-93CF254C4CC7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\System\SystemCheck
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{085DCDEE-B80C-4B95-93DF-7F0669FF8CC1}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{085DCDEE-B80C-4B95-93DF-7F0669FF8CC1}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G2
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89A36500-9AD4-46A4-8C05-FF47396D84DA}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89A36500-9AD4-46A4-8C05-FF47396D84DA}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G3
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DDB3F7A-6C76-4AE1-BBA9-3B0F421639EA}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DDB3F7A-6C76-4AE1-BBA9-3B0F421639EA}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G1
Deleted HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A7B3246-C9AF-44D9-9854-4EBBE6473F81}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A7B3246-C9AF-44D9-9854-4EBBE6473F81}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater_Online_Application

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6967 octets] - [10/12/2018 13:46:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Huge CPU usage, bitcoin miner

#4 Post by Rudy »

Post new FRST + Addition logs.

Storno
Visitor
Posts: 12
Registered: 03 Dec 2018 15:18

Re: Huge CPU usage, bitcoin miner

#5 Post by Storno »

Oh, and I have been noticing the problems since "Autorun Organizer" appeared among my installed programs (Programs and Features); when uninstalling, it wants to install other dubious programs.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
Ran by Lukas (administrator) on LUKAS-PC (10-12-2018 16:11:06)
Running from C:\Users\Lukas\Desktop\K roztrideni\Downloads\FRST-OlderVersion
Loaded Profiles: Lukas & (Available Profiles: Lukas & VEŘEJNOST)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(OCCAM Financial Technology) C:\Program Files (x86)\VeNCrypt-0.2.6\vencserver.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141830166\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141830166\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [672384 2018-04-26] ()
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143517525\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143517525\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [672384 2018-04-26] ()
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 185.162.24.54 185.163.180.102
Tcpip\..\Interfaces\{9C5D476D-B234-49E9-8BF7-24F55AC1883D}: [DhcpNameServer] 192.168.88.1 185.162.24.54 185.163.180.102

Internet Explorer:
==================
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141830166\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143517525\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10\bin\jp2ssv.dll [2018-03-22] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2018-01-09] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2018-01-09] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2018-01-09] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2018-01-09] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\BijHuiyZ.default [2018-12-09]
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\BijHuiyZ.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-09]
FF Plugin: @java.com/DTPlugin,version=13.0.0 -> C:\Program Files\Java\jre-10\bin\dtplugin\npDeployJava1.dll [2018-03-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.0.0 -> C:\Program Files\Java\jre-10\bin\plugin2\npjp2.dll [2018-03-22] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default [2018-12-10]
CHR Extension: (Disk Google) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-06]
CHR Extension: (AdBlock) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-12-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-06]
CHR Extension: (Chrome Media Router) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-06]
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-08]
CHR HKU\S-1-5-21-3207589375-3262497780-921371487-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Lukas\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-12-06]
CHR HKU\S-1-5-21-3207589375-3262497780-921371487-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Lukas\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-12-06]
CHR HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Lukas\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-12-06]
CHR HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7252656 2018-11-30] ()
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-09-18] (EasyAntiCheat Ltd)
S2 hkzjeotg; C:\Windows\SysWOW64\hkzjeotg\kagzaiyh.exe [0 ] () <==== ATTENTION (zero byte File/Folder)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] ( )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (The OpenVPN Project)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 VeNCrypt; C:\Program Files (x86)\VeNCrypt-0.2.6\vencserver.exe [886312 2006-12-11] (OCCAM Financial Technology)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-06-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2018-01-09] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2018-12-10] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2018-12-10] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [72536 2018-12-10] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2018-12-10] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [103760 2018-12-10] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 npcap; C:\Windows\System32\DRIVERS\npcap.sys [72400 2017-07-27] (Insecure.Com LLC.)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-12-16] (NVIDIA Corporation)
S3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-12-16] (NVIDIA Corporation)
S3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2018-01-12] (The OpenVPN Project)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2018-10-04] () [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [393880 2018-10-04] (Duplex Secure Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [200832 2018-01-15] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [211704 2018-01-15] (Oracle Corporation)
U3 adx8fbsu; C:\Windows\System32\Drivers\adx8fbsu.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\Lukas\Downloads\Dokumentace TS3 ver 3.0.11.3 "
2018-12-10 15:42 - 2018-12-10 15:43 - 007684768 _____ (Tim Kosse) C:\Users\Lukas\Downloads\FileZilla_3.39.0_win64-setup.exe
2018-12-10 15:14 - 2018-12-10 15:14 - 007321808 _____ (Malwarebytes) C:\Users\Lukas\Desktop\adwcleaner_7.2.5.0.exe
2018-12-10 14:56 - 2018-12-10 16:11 - 000000000 ____D C:\FRST
2018-12-10 13:57 - 2018-12-10 16:02 - 000103760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-12-10 13:57 - 2018-12-10 13:57 - 000126624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-12-10 13:57 - 2018-12-10 13:57 - 000072536 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-12-10 13:51 - 2018-12-10 13:51 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-12-10 13:50 - 2018-12-10 13:50 - 000261032 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-12-10 13:50 - 2018-12-10 13:50 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-12-10 13:50 - 2018-12-10 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-10 13:50 - 2018-12-10 13:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-10 13:50 - 2018-12-10 13:50 - 000000000 ____D C:\Program Files\Malwarebytes
2018-12-10 13:50 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-12-10 13:45 - 2018-12-10 13:47 - 000000000 ____D C:\AdwCleaner
2018-12-10 12:52 - 2018-12-10 12:52 - 000000000 ____D C:\Windows\SysWOW64\hkzjeotg
2018-12-09 17:31 - 2018-12-09 17:31 - 000003474 _____ C:\Windows\System32\Tasks\DecLukas
2018-12-09 17:31 - 2018-12-09 17:31 - 000000000 ____D C:\Users\Lukas\AppData\Local\svchost
2018-12-09 17:31 - 2018-12-09 17:31 - 000000000 _____ C:\ProgramData\0
2018-12-09 14:14 - 2018-12-09 14:14 - 000000000 ____D C:\steam foiti
2018-12-09 03:46 - 2018-12-10 13:55 - 000000000 ____D C:\Users\Lukas\Desktop\csfd bany
2018-12-09 03:14 - 2018-12-09 03:14 - 000000759 _____ C:\DelFix.txt
2018-12-09 02:54 - 2018-12-10 13:56 - 000000000 __SHD C:\ProgramData\hafyaffv
2018-12-08 10:22 - 2018-12-08 10:22 - 000000270 __RSH C:\Users\Lukas\ntuser.pol
2018-12-08 03:46 - 2018-12-08 03:46 - 000000000 ____D C:\Program Files (x86)\StreamBB
2018-12-08 03:45 - 2018-12-08 03:45 - 000003564 __RSH C:\ProgramData\ntuser.pol
2018-12-08 03:41 - 2018-12-10 13:57 - 000000000 ____D C:\ProgramData\Blogger
2018-12-08 03:39 - 2018-12-10 14:11 - 000000000 ____D C:\Windows\System32\Tasks\System
2018-12-08 03:39 - 2018-12-10 14:08 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\1337
2018-12-08 03:39 - 2018-12-08 03:46 - 000000000 __SHD C:\ProgramData\{51469235-5146-5146-514692352212}
2018-12-08 03:37 - 2018-12-08 03:38 - 000000000 ____D C:\ProgramData\LODA
2018-12-08 02:40 - 2018-12-10 14:11 - 000000000 ____D C:\Program Files (x86)\Autorun Organizer
2018-12-08 02:40 - 2018-12-08 02:41 - 000000000 ____D C:\Users\Lukas\AppData\Local\ChemTable Software
2018-12-08 02:40 - 2018-12-08 02:40 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\ChemTable Software
2018-12-06 23:29 - 2018-12-06 23:29 - 000000000 ____D C:\Users\Lukas\AppData\LocalLow\Sony Online Entertainment
2018-12-06 23:18 - 2018-12-06 23:18 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-12-06 22:28 - 2018-12-07 10:07 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-12-06 22:28 - 2018-12-06 23:36 - 000036026 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-12-06 22:28 - 2018-12-06 23:21 - 000293980 _____ C:\Windows\ZAM.krnl.trace
2018-12-06 22:28 - 2018-12-06 22:28 - 000000000 ____D C:\Users\Lukas\AppData\Local\Zemana
2018-12-06 21:47 - 2018-12-06 22:27 - 000000000 ____D C:\ProgramData\RogueKiller
2018-12-06 18:58 - 2018-12-06 19:45 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2018-12-06 14:08 - 2018-12-06 14:08 - 000000000 ____D C:\Users\Lukas\AppData\Local\mbam
2018-12-06 14:07 - 2018-12-06 14:07 - 000000000 ____D C:\Users\Lukas\AppData\Local\mbamtray
2018-12-06 13:03 - 2018-12-10 14:50 - 000000000 ____D C:\Users\Lukas\Desktop\Security
2018-12-06 12:35 - 2018-12-06 12:35 - 000000000 ____D C:\Users\Lukas\Desktop\HDtune vysledky
2018-12-06 12:25 - 2018-12-06 12:25 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\HD Tune Pro
2018-12-04 17:42 - 2018-12-04 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2018-12-04 17:42 - 2018-12-04 17:42 - 000000000 ____D C:\Program Files (x86)\Geeks3D
2018-12-03 16:15 - 2018-12-03 16:16 - 000000453 _____ C:\Users\Lukas\Desktop\kostra.txt
2018-12-02 21:22 - 2018-12-02 21:43 - 000000000 ____D C:\Program Files (x86)\Mass Effect 3
2018-12-01 20:58 - 2018-12-01 20:58 - 000000000 ____D C:\Windows\Minidump
2018-12-01 12:06 - 2018-12-01 12:11 - 000000000 ____D C:\Users\Lukas\Documents\Arma 3
2018-11-27 21:10 - 2018-11-27 21:12 - 000000000 ____D C:\Users\Lukas\Desktop\otec ted
2018-11-22 04:47 - 2018-11-22 04:47 - 000000316 _____ C:\Users\Lukas\Documents\ax_files.xml
2018-11-22 03:26 - 2018-11-22 04:41 - 000000000 ____D C:\Program Files (x86)\Mass Effect 2
2018-11-22 03:25 - 2018-11-22 03:25 - 000000000 ____D C:\Users\Lukas\Documents\Alcohol 120%
2018-11-21 20:58 - 2018-11-21 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source (v34 by eXpandedCS)
2018-11-21 20:52 - 2018-11-21 20:58 - 000000000 ____D C:\Program Files (x86)\CSS v34 eXpandedCS
2018-11-21 02:53 - 2018-12-02 22:05 - 000000000 ____D C:\Users\Lukas\Documents\BioWare
2018-11-21 02:53 - 2018-12-02 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repacky od tomi2k9
2018-11-21 02:38 - 2018-11-21 02:53 - 000000000 ____D C:\Program Files (x86)\Mass Effect
2018-11-11 03:18 - 2018-11-11 03:18 - 000000000 ____D C:\Users\Lukas\Desktop\letni programovani
2018-11-10 02:28 - 2018-11-05 17:54 - 035297232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 031262104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 029972064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 020845704 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 017287840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 015908712 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 013203600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 001167792 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000914792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000524640 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000450856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000420680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000181736 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000163392 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000159360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-11-10 02:28 - 2018-11-05 17:54 - 000141592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-11-10 02:28 - 2018-11-05 17:53 - 019704160 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-11-10 02:28 - 2018-11-05 17:53 - 016983120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-11-10 02:28 - 2018-11-05 17:53 - 004280312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000978128 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000978128 _____ C:\Windows\system32\vulkan-1.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000845008 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000845008 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000551384 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000456640 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-11-10 02:28 - 2018-11-05 13:56 - 000267984 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2018-11-10 02:28 - 2018-11-05 13:56 - 000267984 _____ C:\Windows\system32\vulkaninfo.exe
2018-11-10 02:28 - 2018-11-05 13:56 - 000243408 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-11-10 02:28 - 2018-11-05 13:56 - 000243408 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-11-10 02:28 - 2018-11-05 13:55 - 048639168 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 040094288 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 029811368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 020469376 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 020077472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-11-10 02:28 - 2018-11-05 13:55 - 001998976 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 001457104 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 001123472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 000631896 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 000521688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-11-10 02:28 - 2018-11-05 13:55 - 000383960 _____ C:\Windows\system32\nvofapi.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 040254264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 035151960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 004536800 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 004029056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 002017736 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441681.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 001508648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 001468304 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441681.dll
2018-11-10 02:28 - 2018-11-05 13:54 - 000489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll
2018-11-10 02:28 - 2018-11-03 02:49 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-11-10 02:28 - 2018-11-03 02:49 - 000000669 _____ C:\Windows\system32\nv-vk64.json

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-10 15:43 - 2018-01-13 15:52 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\FileZilla
2018-12-10 15:42 - 2009-07-14 05:45 - 000025392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-10 15:42 - 2009-07-14 05:45 - 000025392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-10 13:58 - 2018-01-09 15:55 - 000000000 ___RD C:\Users\Lukas\Disk Google
2018-12-10 13:56 - 2018-01-08 22:55 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-10 13:56 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-10 03:55 - 2018-01-10 20:37 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\uTorrent
2018-12-09 21:36 - 2018-01-13 01:05 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\vlc
2018-12-09 20:24 - 2018-01-17 03:04 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\.minecraft
2018-12-09 18:17 - 2018-01-09 18:19 - 000000000 ____D C:\Program Files (x86)\Steam
2018-12-09 14:12 - 2018-01-09 15:22 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\TS3Client
2018-12-09 05:28 - 2018-02-12 10:24 - 000000000 ____D C:\Users\Lukas\AppData\LocalLow\Mozilla
2018-12-08 10:22 - 2018-01-08 22:45 - 000000000 ____D C:\Users\Lukas
2018-12-08 03:45 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\GroupPolicy
2018-12-07 13:22 - 2018-02-27 14:50 - 000000000 ____D C:\Users\Lukas\.VirtualBox
2018-12-06 23:36 - 2018-02-16 00:30 - 000007624 _____ C:\Users\Lukas\AppData\Local\resmon.resmoncfg
2018-12-06 23:31 - 2018-01-30 12:50 - 000000000 ____D C:\Users\Lukas\AppData\Local\CrashDumps
2018-12-06 14:07 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-12-06 12:52 - 2018-02-27 14:52 - 000000000 ____D C:\Users\Lukas\VirtualBox VMs
2018-12-06 00:03 - 2018-04-26 23:33 - 000000000 ____D C:\Users\Lukas\AppData\LocalLow\Temp
2018-12-03 16:12 - 2018-09-04 16:08 - 000000000 ____D C:\Users\Lukas\Desktop\K roztrideni
2018-12-02 22:04 - 2018-01-09 02:04 - 000000000 ___RD C:\Users\Lukas\Desktop\Hry
2018-12-01 22:33 - 2018-01-15 19:11 - 000000000 ____D C:\Users\Lukas\AppData\Local\Arma 3 Launcher
2018-12-01 22:29 - 2018-01-10 01:58 - 000000600 _____ C:\Users\Lukas\AppData\Local\PUTTY.RND
2018-12-01 21:28 - 2018-01-15 20:32 - 000000000 ____D C:\Users\Lukas\AppData\Local\Arma 3
2018-12-01 21:19 - 2018-02-15 23:21 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\TeamViewer
2018-12-01 14:24 - 2018-02-17 00:42 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-12-01 14:02 - 2018-01-09 02:04 - 000000000 ___RD C:\Users\Lukas\Desktop\Bordel
2018-12-01 12:06 - 2018-07-22 01:46 - 000000000 ____D C:\Users\Lukas\AppData\Local\BattlEye
2018-11-28 15:51 - 2018-01-08 23:04 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-28 15:40 - 2018-03-09 00:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-28 15:40 - 2018-03-09 00:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-27 02:33 - 2018-03-10 17:58 - 000592416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-11-25 00:08 - 2009-07-14 16:18 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-11-25 00:08 - 2009-07-14 16:18 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-11-25 00:08 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-21 20:58 - 2018-03-25 16:35 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2018-11-17 23:11 - 2018-06-29 14:04 - 000000167 _____ C:\Users\Lukas\Documents\ClownfishForTeamspeak.ini
2018-11-13 15:25 - 2018-10-10 18:25 - 000000000 ____D C:\Financni evidence
2018-11-11 05:49 - 2018-08-07 14:01 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\CodeBlocks
2018-11-10 10:45 - 2018-01-08 22:53 - 000000000 ____D C:\ProgramData\NVIDIA Corporation

==================== Files in the root of some directories =======

2018-03-17 17:25 - 2018-03-17 17:25 - 000038924 _____ () C:\Users\Lukas\AppData\Roaming\lc_cheaterlist_tf2
2018-03-17 17:25 - 2018-03-17 17:38 - 000014748 _____ () C:\Users\Lukas\AppData\Roaming\lc_public_tf2.ini
2002-08-29 18:33 - 2002-08-29 18:33 - 000319488 ____R () C:\Users\Lukas\AppData\Roaming\MafiaSetup.exe
2018-01-09 02:21 - 2018-05-12 18:22 - 000000600 _____ () C:\Users\Lukas\AppData\Roaming\winscp.rnd
2018-01-10 01:58 - 2018-12-01 22:29 - 000000600 _____ () C:\Users\Lukas\AppData\Local\PUTTY.RND
2018-02-16 00:30 - 2018-12-06 23:36 - 000007624 _____ () C:\Users\Lukas\AppData\Local\resmon.resmoncfg
2018-02-27 15:55 - 2018-02-27 17:12 - 000000452 _____ () C:\Users\Lukas\AppData\Local\zenmap.exe.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-07 13:40

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by Lukas (10-12-2018 16:11:36)
Running from C:\Users\Lukas\Desktop\K roztrideni\Downloads\FRST-OlderVersion
Windows 7 Professional Service Pack 1 (X64) (2018-01-08 21:45:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3207589375-3262497780-921371487-500 - Administrator - Disabled)
Guest (S-1-5-21-3207589375-3262497780-921371487-501 - Limited - Enabled)
Lukas (S-1-5-21-3207589375-3262497780-921371487-1000 - Administrator - Enabled) => C:\Users\Lukas
VEŘEJNOST (S-1-5-21-3207589375-3262497780-921371487-1001 - Limited - Enabled) => C:\Users\VEŘEJNOST

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
1.1 (HKLM-x32\...\{87179B53-AFC2-4F12-977D-2FF23293DC8A}_is1) (Version: 1.1 - EASIS GmbH)
A3Launcher version 0.1.5.8 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.5.8 - Maca134)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
AIDA64 Extreme v5.95 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.95 - FinalWire Ltd.)
AMD Catalyst Install Manager (HKLM\...\{04E14C12-EAB9-9B07-5A25-CAF2D10B2579}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Application Verifier x64 External Package (HKLM\...\{62CB44B2-8007-DBB2-1CBA-5CB7309EB3C3}) (Version: 10.1.17134.12 - Microsoft) Hidden
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Autorun Organizer (HKLM\...\{B2086A6F-AAD2-43C0-8DAF-2E216EBD784B}) (Version: 3.0.0 - ChemTable)
Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.0.170814 - )
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
Bulk Rename Utility 3.0.0.1 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version: - TGRMN Software)
Camtasia Studio 8 (HKLM-x32\...\{474DFABF-E55B-4905-ABAA-40791A6AC77F}) (Version: 8.4.4.1859 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CodeBlocks (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
CodeBlocks (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
CodeBlocks (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team)
Counter-Strike 1.6 (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\Counter-Strike 1.6) (Version: - )
Counter-Strike 1.6 (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Counter-Strike 1.6) (Version: - )
Counter-Strike 1.6 (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\Counter-Strike 1.6) (Version: - )
Counter-Strike 1.6 v43g (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\Counter-Strike 1.6_is1) (Version: - Valve)
Counter-Strike 1.6 v43g (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Counter-Strike 1.6_is1) (Version: - Valve)
Counter-Strike 1.6 v43g (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\Counter-Strike 1.6_is1) (Version: - Valve)
Counter-Strike Source v34 by eXpandedCS (HKLM-x32\...\{AF6FC179-862F-4ECE-94CE-E9125128A7BB}}_is1) (Version: v34 by eXpandedCS - eXpandedCS.com)
CrystalDiskInfo 7.7.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.7.0 - Crystal Dew World)
DC Universe Online Live (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\DG0-DC Universe Online Live) (Version: - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\DG0-DC Universe Online Live) (Version: - Sony Online Entertainment)
DC Universe Online Live (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\DG0-DC Universe Online Live) (Version: - Sony Online Entertainment)
DiagnosticsHub_CollectionService (HKLM\...\{E81C8BD9-158A-4E0F-AE0D-8C797C0E8112}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
Discord (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Discord) (Version: 0.0.301 - Discord Inc.)
Discord (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\Discord) (Version: 0.0.301 - Discord Inc.)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
Epic Games Launcher (HKLM-x32\...\{CA3B6D8B-2437-4C7C-84A3-97AF21EDBE20}) (Version: 1.1.144.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.114 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.114 - Etron Technology)
FileZilla Client 3.35.2 (HKLM-x32\...\FileZilla Client) (Version: 3.35.2 - Tim Kosse)
FirestormOS-Releasex64 (HKLM\...\FirestormOS-Releasex64) (Version: 5.0.11.53634 - The Phoenix Firestorm Project, Inc.)
FormatFactory 4.2.5.0 (HKLM-x32\...\FormatFactory) (Version: 4.2.5.0 - Free Time)
Geeks3D FurMark 1.20.0.1 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.0.0.11" - Rockstar Games)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Chicken Invaders: Revenge of the Yolk v3.51 (HKLM-x32\...\Chicken Invaders: Revenge of the Yolk_is1) (Version: - InterAction studios)
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{7F104712-BE1D-4359-B8EA-8003E9721001}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{99A768BB-C508-44E5-AE78-72ABE55728CF}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
Java 10 (64-bit) (HKLM\...\{E9726856-DB00-5543-B792-70AFD18EA482}) (Version: 10.0.0.0 - Oracle Corporation)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java(TM) SE Development Kit 10 (64-bit) (HKLM\...\{564A1AEB-44AC-5E04-A56D-B296D9865A66}) (Version: 10.0.0.0 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{6F502640-B753-C101-FFA5-B38C3FA5B29A}) (Version: 10.1.17134.12 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LibreOffice 5.4.4.2 (HKLM\...\{36E72E7B-9992-4C69-88B1-5E466E4A1386}) (Version: 5.4.4.2 - The Document Foundation)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Macromedia Flash Player 8 (HKLM-x32\...\{885A63EA-382B-4DD4-A755-14809B8557D6}) (Version: 8.0.22.0 - Macromedia)
Macromedia Flash Player 8 Plugin (HKLM-x32\...\{91057632-CA70-413C-B628-2D3CDBBB906B}) (Version: 8.0.22.0 - Macromedia)
Mafia (HKLM-x32\...\1595659240_is1) (Version: 1.3 - GOG.com)
Mafia Compatibility Database (HKLM\...\{481dc351-bab0-4f86-b085-87a5626fe6dc}.sdb) (Version: - )
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Mass Effect (HKLM-x32\...\Mass Effect_is1) (Version: - )
Mass Effect 2 (HKLM-x32\...\Mass Effect 2_is1) (Version: - )
Mass Effect 3 (HKLM-x32\...\Mass Effect 3_is1) (Version: - )
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.17.1296.827 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 63.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.3 (x64 en-US)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
MSI Development Tools (HKLM-x32\...\{1E406B46-65F4-91CE-65DA-DB66D5443B68}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201610071157) (Version: 8.2 - NetBeans.org)
Nmap 7.60 (HKLM-x32\...\Nmap) (Version: 7.60 - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
Npcap 0.93 (HKLM-x32\...\NpcapInst) (Version: 0.93 - Nmap Project)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{D9559CE2-9C58-F414-43EA-F908FEA13BB8}) (Version: 1.00.0000 - Název společnosti:)
OpenVPN 2.4.6-I602 (HKLM\...\OpenVPN) (Version: 2.4.6-I602 - OpenVPN Technologies, Inc.)
Oracle VM VirtualBox 5.2.6 (HKLM\...\{EA9602E3-0184-45B9-9E15-028776CD7A6E}) (Version: 5.2.6 - Oracle Corporation)
Ovládací panel NVIDIA 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.07 - NVIDIA Corporation) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Roblox Player for Lukas (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Player for Lukas (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\roblox-player) (Version: - Roblox Corporation)
Roblox Player for Lukas (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Player for Lukas (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\roblox-player) (Version: - Roblox Corporation)
Roblox Player for Lukas (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Player for Lukas (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\roblox-player) (Version: - Roblox Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SDK ARM Additions (HKLM-x32\...\{346B2C02-CC0D-6E09-8B9D-CAA2821473CF}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{825784BB-114D-ADB3-B65F-E1EB2A63C3BC}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
STORMWARE POHODA Start CZ (HKLM-x32\...\{149CB128-BA0D-466E-AB83-AA79026502A0}) (Version: 11901.14 - STORMWARE)
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Super Mario 3 : Mario Forever (HKLM-x32\...\Super Mario 3 : Mario Forever) (Version: - )
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
Universal CRT Extension SDK (HKLM-x32\...\{18ABFDF6-23D9-87E6-015E-FFE3C7F153D5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{0D6B41AF-D117-8944-A059-3F9346A896C5}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{B6273353-8B54-1F89-1A16-5940925104CE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{BA6F1D53-C3F2-F9D5-80CE-CEF608E36AD3}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{6E43CA0C-046E-4F38-A0A2-3B1BA139B661}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{775886B8-DEE1-CB20-8A94-FC09FA54ECF6}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
vcpp_crt.redist.clickonce (HKLM-x32\...\{8C49092E-8F56-41A6-87C9-94A6956E990A}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
VeNCrypt 0.2.6 (HKLM-x32\...\{D3FDCF37-1BDF-437A-9D95-5F5DBEE3E865}}_is1) (Version: 0.2.6 - OCCAM Financial Technology)
Visual Studio Community 2017 (HKLM-x32\...\2735d9d9) (Version: 15.8.28010.2016 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{4C60D242-B039-4DBB-A202-BE55478E8500}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{226CCDB6-96F9-4DE6-9CCC-DB49D0A0A971}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DC4F558F-90E2-4B9C-8A2B-5DD92EF71F84}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{31312BFA-5D30-4B56-BACB-BFE26CE2E285}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{B6BAC9A6-A70D-4E4D-B90A-7EE2B336E090}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{3161DA68-DD37-4798-82DB-B3A0BD6BA233}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{082DBA20-8C1E-4D4C-85F4-A813283B7849}) (Version: 15.8.28010 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{B8B65A93-F72B-42C2-AE1A-FF440B44BB67}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinAppDeploy (HKLM-x32\...\{5AD4A604-B476-1578-2A20-6B02FC6258BE}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Mobile Connectivity Tools 10.0.15254.0 - Desktop x86 (HKLM-x32\...\{833F02C5-2C39-49F6-BD64-91D351081274}) (Version: 10.1.15254.1 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{E77C2F78-6089-48F8-89DF-DDF2850DFFD9}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.17134.12 (HKLM-x32\...\{5f83ccda-0498-4b97-a298-16a642bf49f2}) (Version: 10.1.17134.12 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{389D182F-0ADA-5C7E-FF32-2573A821592C}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{C3776B36-B34E-00E2-3009-95A6F1870B58}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{965D1746-D94A-49B9-2A48-A14914CA3B57}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{84C6B91B-67DA-DDE3-86F1-87A3E307E8C1}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{3755CD99-C62E-3312-DDD3-29A4F259270D}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{729DA966-8590-2C1F-2178-16C1D32FD7FD}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{F1C18506-3168-A9D9-E2D9-D23A512A326E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{4095D263-6A13-78D3-DEDA-AA3452011F6E}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{C3243E23-2EB6-4419-2692-40944923B112}) (Version: 10.1.17134.12 - Microsoft Corporation) Hidden
WinSCP 5.11.3 (HKLM-x32\...\winscp3_is1) (Version: 5.11.3 - Martin Prikryl)
Wireshark 2.4.5 64-bit (HKLM-x32\...\Wireshark) (Version: 2.4.5 - The Wireshark developer community, hxxps://www.wireshark.org)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.9-0 - Bitnami)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-01-01] ()
ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft Development Team)
ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft Development Team)
ContextMenuHandlers2-x32: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers2-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2016-02-04] (Bulk Rename Utility)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-08-21] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12976B00-E0F5-4822-9A7A-1517B3CCE0B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-08] (Google Inc.)
Task: {2C9509C8-38D7-4C42-88BB-32EB85831168} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {2D7C6095-E7BD-4444-9CD5-36C29754CED7} - System32\Tasks\DecLukas => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
Task: {44423C65-E3A6-41B7-8E25-96004E927132} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-07] (Oracle Corporation)
Task: {8391C563-3181-4C4F-B6D7-5F77287E88B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {AE072E02-A608-431E-B5BC-FE9ADC2A37CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-08] (Google Inc.)
Task: {C3E57929-7871-4AC2-B059-E396961FE1BB} - System32\Tasks\spusti cti.txt => C:\Users\VEŘEJNOST\Desktop\cti.txt [2018-09-04] ()
Task: {EB0F0C21-39A6-40D6-AD87-F1425CC0C265} - System32\Tasks\AdobeAAMUpdater-1.0-Lukas-PC-Lukas => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-12-10 13:50 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-12-10 13:50 - 2018-11-21 11:07 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-08-06 09:11 - 2018-08-06 09:11 - 000054440 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2018-01-01 02:07 - 2018-01-01 02:07 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-12-10 13:57 - 2018-12-10 13:57 - 000113664 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_ctypes.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000080896 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\bz2.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 001792512 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_hashlib.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000128512 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32api.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000137728 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\pywintypes27.dll
2018-12-10 13:57 - 2018-12-10 13:57 - 000548864 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\pythoncom27.dll
2018-12-10 13:57 - 2018-12-10 13:57 - 000689664 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\unicodedata.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000438784 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32com.shell.shell.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 001489408 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\wx._core_.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 001007104 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\wx._gdi_.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 001039872 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\wx._windows_.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 001325056 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\wx._controls_.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000916992 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\wx._misc_.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 001084416 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\pysqlite2._sqlite.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000149504 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32file.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000136192 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32security.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000007680 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\hashobjs_ext.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000020992 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\thumbnails_ext.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000118784 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\usb_ext.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000047616 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_socket.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 002224640 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_ssl.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000014848 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\common.time34.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000023040 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32event.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000034304 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\windows.conditional.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000020480 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\windows.winwrap.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000110080 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\windows.volumes.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000223232 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32gui.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000173568 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_elementtree.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000169472 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\pyexpat.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000048128 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32inet.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000103424 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\wx._html2.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000046080 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_psutil_windows.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000633272 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\windows._cacheinvalidation.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000011776 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32crypt.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000301568 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\PIL._imaging.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000032256 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_multiprocessing.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 005752320 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\cello.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000026112 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\_yappi.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000044032 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32process.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000027648 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32pipe.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000010752 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\select.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000029696 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32pdh.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000038400 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\windows.connectivity.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000073216 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\windows.device_monitor.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000020480 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32profile.pyd
2018-12-10 13:57 - 2018-12-10 13:57 - 000026624 _____ () C:\Users\Lukas\AppData\Local\Temp\_MEI40122\win32ts.pyd
2018-11-28 15:51 - 2018-11-16 06:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-11-28 15:51 - 2018-11-16 06:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-12-07 10:47 - 000000488 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 oscount.techsmith.com
127.0.0.1 updater.techsmith.com
127.0.0.1 camtasiatudi.techsmith.com
127.0.0.1 tsccloud.cloudapp.net
127.0.0.1 assets.cloud.techsmith.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3207589375-3262497780-921371487-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\Control Panel\Desktop\\Wallpaper -> C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\Control Panel\Desktop\\Wallpaper -> C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141830166\Control Panel\Desktop\\Wallpaper -> C:\Users\VEŘEJNOST\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3207589375-3262497780-921371487-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143517525\Control Panel\Desktop\\Wallpaper -> C:\Users\VEŘEJNOST\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.88.1 - 185.162.24.54
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Run VeNCrypt Listening Viewer.lnk => C:\Windows\pss\Run VeNCrypt Listening Viewer.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: OPENVPN-GUI => C:\Program Files\OpenVPN\bin\openvpn-gui.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7D08A41C-FE11-4444-BF61-65CE7AE0CB98}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E9ACA8C9-2C1C-4671-A0F1-7886FC1DC779}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1E7F85AF-176A-4237-8A2D-9E145B0B3417}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{275F9784-4789-4172-B601-4A79945B744D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{DCC19108-B4F8-4AA9-B4E8-7EED9FAEB080}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{4D957E3A-072B-47E5-869D-7B32060C8AE7}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [{070B2313-EA33-4DF0-B458-42859D2852E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{C7051CA5-B229-47CE-8ABA-94574123C8AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{CB25E593-0F1B-4E28-AA65-933A2A4A2AE0}] => (Allow) C:\Users\Lukas\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{6775CF16-E620-4714-9656-7C5194E34F06}] => (Allow) C:\Users\Lukas\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{F054BA8F-FFDB-412B-8526-E76449F199B1}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{D6AFD76D-8A69-4C38-9129-8BB7E21C1687}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [TCP Query User{CB7EF4E9-F3FE-4B26-A752-DF8B0A32860A}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{11017E5A-5B88-4AFE-B366-42DD2F3C766B}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [TCP Query User{4E6C8030-42B1-46F0-86C4-F3C92D35FD55}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{F7F296A6-B476-486E-99BD-5928DF8BF473}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{F955AF51-83BB-4863-AA26-3C6DC1F014B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{52EF02A6-F9D5-42B9-83E9-95988130C13E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{14CDF807-5A3A-407A-9241-557E1E45F6FA}C:\counter-strike\hl.exe] => (Allow) C:\counter-strike\hl.exe
FirewallRules: [UDP Query User{579F899F-7DC9-4CE5-8538-2D619F016833}C:\counter-strike\hl.exe] => (Allow) C:\counter-strike\hl.exe
FirewallRules: [TCP Query User{13E1A2AC-B62A-4A78-8FDD-45B0849184AD}C:\program files (x86)\vencrypt-0.2.6\vencviewer.exe] => (Block) C:\program files (x86)\vencrypt-0.2.6\vencviewer.exe
FirewallRules: [UDP Query User{1A8CB319-03CF-4A1A-83F0-2717700FFC91}C:\program files (x86)\vencrypt-0.2.6\vencviewer.exe] => (Block) C:\program files (x86)\vencrypt-0.2.6\vencviewer.exe
FirewallRules: [{F219E474-E35A-439A-88D5-1DBA71B0848A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{168121F3-7EA1-41AD-80F9-9F8F0873B36D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{110F69AB-58F7-47F6-9729-68D619C25F23}C:\program files (x86)\chickeninvadersroty\ci3.exe] => (Allow) C:\program files (x86)\chickeninvadersroty\ci3.exe
FirewallRules: [UDP Query User{CE0FDDF4-B290-463C-8879-3018FD04EF73}C:\program files (x86)\chickeninvadersroty\ci3.exe] => (Allow) C:\program files (x86)\chickeninvadersroty\ci3.exe
FirewallRules: [TCP Query User{EEE39ACC-D0A2-44F8-A487-91BDB9EE046D}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe
FirewallRules: [UDP Query User{F7607DAE-B945-430D-A4CB-346B11EF2575}C:\program files (x86)\nmap\nmap.exe] => (Allow) C:\program files (x86)\nmap\nmap.exe
FirewallRules: [TCP Query User{6ABFD96B-2D5B-4A71-8C59-59DC0E5BAC36}C:\users\lukas\counter-strike 1.6\hl.exe] => (Allow) C:\users\lukas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{41520519-04E9-4426-B91D-E6DA79F0576C}C:\users\lukas\counter-strike 1.6\hl.exe] => (Allow) C:\users\lukas\counter-strike 1.6\hl.exe
FirewallRules: [{3FDEFE4A-F158-4694-8DC3-BAA5205EAE57}] => (Allow) LPort=8317
FirewallRules: [{C993BE8E-90BA-4417-9F77-3A8ADF74F5A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\H1Z1_BE.exe
FirewallRules: [{82D3A5BE-C9F4-4053-BDDC-DD78F07813F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\H1Z1_BE.exe
FirewallRules: [TCP Query User{17685A4A-0E1F-468A-AE53-67A1C3C307CD}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{8011219E-3A96-4AF5-971F-73BE88B3D1CB}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{286BA6E4-0462-4F2C-A66A-5DAA5F42B272}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{865DF2D0-9DD5-489D-9A9F-8AF333E40F52}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{831F78C2-A320-40BE-AC24-2B6F536FCCAD}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{DAAE2BD2-93E3-4CDD-8235-3486D3E0829E}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{7B281794-FCF6-4FCA-A8C9-98D04EDEFAD4}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{C3572AFB-0FAA-435A-9FFE-F1ABCBCC6825}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{36D69DC6-6956-41D7-8197-CCD90D205C6D}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{FA8396B2-9251-4B19-863D-03B69CC42C96}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{8AED3002-3547-453A-BC86-6DD2706DF2E8}] => (Block) %ProgramFiles%\Adobe\Adobe After Effects CC 2015\Support Files\AfterFX.exe
FirewallRules: [TCP Query User{9331734D-6E90-491E-9512-E3AD22117B62}C:\users\lukas\desktop\temp srv\ts3server.exe] => (Allow) C:\users\lukas\desktop\temp srv\ts3server.exe
FirewallRules: [UDP Query User{0AB62A0B-C9A6-4AFF-83C2-04C52FC0341D}C:\users\lukas\desktop\temp srv\ts3server.exe] => (Allow) C:\users\lukas\desktop\temp srv\ts3server.exe
FirewallRules: [{CCB65902-921C-48AF-8269-D5C8BBFFC97E}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{AFAADAFA-29F3-4850-9863-875E72860ED4}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [TCP Query User{212F2C11-355D-418E-86B8-48A7BBAF94BB}C:\program files\java\jdk-10\bin\jmc.exe] => (Allow) C:\program files\java\jdk-10\bin\jmc.exe
FirewallRules: [UDP Query User{033C4517-D593-47CA-B62E-6C479D1EA8B0}C:\program files\java\jdk-10\bin\jmc.exe] => (Allow) C:\program files\java\jdk-10\bin\jmc.exe
FirewallRules: [TCP Query User{3A174430-615E-4C70-842C-4D23C1A6E82A}C:\games\diablo ii\game.exe] => (Allow) C:\games\diablo ii\game.exe
FirewallRules: [UDP Query User{B562FC6E-F274-405E-9509-374E5DE13D67}C:\games\diablo ii\game.exe] => (Allow) C:\games\diablo ii\game.exe
FirewallRules: [TCP Query User{1DBA58DE-32D7-4955-B2FA-0B67C6C24C80}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [UDP Query User{7363A53C-37B7-4EF2-AEE6-D28F7992D620}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.137\deploy\leagueclient.exe
FirewallRules: [TCP Query User{2D70DBE8-7085-414F-8C75-40E60312B05E}C:\program files\firestormos-releasex64\slvoice.exe] => (Allow) C:\program files\firestormos-releasex64\slvoice.exe
FirewallRules: [UDP Query User{AD1CC4B0-2FF4-49CB-A772-BC5064865A34}C:\program files\firestormos-releasex64\slvoice.exe] => (Allow) C:\program files\firestormos-releasex64\slvoice.exe
FirewallRules: [TCP Query User{CB21F66C-7919-4E41-ADB0-33E53492236C}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [UDP Query User{8834B20A-FE7C-4024-85CB-E2FD20135BED}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.138\deploy\leagueclient.exe
FirewallRules: [{AEB8F3D9-6E93-46E9-AD14-73BD3265B380}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{91D7A36B-33C1-41CB-B42C-64E339BE79CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{F1B829E0-F124-41B6-9AA1-17F71F694263}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{52221CD6-C2B1-4483-8C20-01F22EA53837}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [TCP Query User{753EAAE9-32F8-42ED-A05D-3ACB3423EF84}C:\users\lukas\downloads\flatout2\flatout2.exe] => (Block) C:\users\lukas\downloads\flatout2\flatout2.exe
FirewallRules: [UDP Query User{2E3233AC-6FEF-4866-A636-D24E980B7620}C:\users\lukas\downloads\flatout2\flatout2.exe] => (Block) C:\users\lukas\downloads\flatout2\flatout2.exe
FirewallRules: [TCP Query User{B173B3E6-DC20-4132-93B4-0152665A8CD5}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [UDP Query User{9AD26DC2-1E04-47E2-B158-2995509BBB63}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.141\deploy\leagueclient.exe
FirewallRules: [TCP Query User{1E32D277-19A5-455F-85A0-600D54C161F3}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [UDP Query User{57EC07E6-27C0-46AA-BE18-FBD297284F15}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.151\deploy\leagueclient.exe
FirewallRules: [TCP Query User{03E457AF-3997-495B-BF61-BC38A016EF07}C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [UDP Query User{25855364-2036-4835-9551-477FEF001F66}C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [{1E69C33A-D21D-46D4-B68B-E8F3B63C918F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{3B03DA3F-67BA-4535-AA5D-6D569C5221AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [TCP Query User{A8EF2686-9763-4710-8838-302FB18412FC}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe
FirewallRules: [UDP Query User{BEDE4A59-E692-44FC-9E01-C99C6005442F}C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\insurgency2\insurgency_x64.exe
FirewallRules: [TCP Query User{F2EFDC75-DDE8-4BD6-9233-F379073D0744}C:\users\veřejnost\appdata\local\temp\rar$exa0.207\utorrent.exe] => (Block) C:\users\veřejnost\appdata\local\temp\rar$exa0.207\utorrent.exe
FirewallRules: [UDP Query User{7B40A566-DC03-45CF-8832-701963E484EE}C:\users\veřejnost\appdata\local\temp\rar$exa0.207\utorrent.exe] => (Block) C:\users\veřejnost\appdata\local\temp\rar$exa0.207\utorrent.exe
FirewallRules: [{637B2E4B-F2A2-41AF-AACC-D604FE345326}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{41DEB775-7706-42E3-B543-38CB4C162AAB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [TCP Query User{EFBE60E2-40FD-43F0-8E77-183CC57A3216}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{F24CAF11-FE82-4EBC-9C37-ECD0980ECD60}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{BB201F44-17C7-4052-A434-28BC34368459}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{691BB679-7D2B-4C25-B253-DB28F8E47C66}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{C1044EE5-435A-499B-AD9E-13756D4FD825}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{4CE0FA38-DFC1-467D-A937-37F473CA8C06}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{D3A373D2-385A-45EB-801A-914AFCAFFD93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{038B83E0-D6A5-489C-B9F9-E8E52E7D6137}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [TCP Query User{F331BCB2-D915-4511-B9AB-19EAD44B7700}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{30C4032C-990C-4B8C-892A-9CBD573CF63D}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [{67E67CA8-F3CD-4785-A43F-47AFE2849F2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DC Universe Online\LaunchPad.exe
FirewallRules: [{462BAA90-A8D0-4700-A5B6-EFA5FF199434}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DC Universe Online\LaunchPad.exe
FirewallRules: [{967E61DA-BA80-4C4E-A611-8974AB1EE572}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{8BF9A505-E6BC-4389-9C2B-6BC4149578C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [TCP Query User{6F3B0D27-33FB-4E91-8DF3-9E3D4DC8EB5D}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [UDP Query User{9EE5433D-3F62-45B8-96B9-A08632171366}C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dc universe online\unreal3\binaries\win32\dcgame.exe
FirewallRules: [TCP Query User{3DFE69E4-EB2C-4467-A667-8462282FF94E}C:\program files (x86)\css v34 expandedcs\hl2.exe] => (Allow) C:\program files (x86)\css v34 expandedcs\hl2.exe
FirewallRules: [UDP Query User{6B5319A6-9624-4650-81B8-617C444A1672}C:\program files (x86)\css v34 expandedcs\hl2.exe] => (Allow) C:\program files (x86)\css v34 expandedcs\hl2.exe
FirewallRules: [TCP Query User{420D8311-3369-4CD3-AEEE-D851A6066130}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Block) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe
FirewallRules: [UDP Query User{C13397D7-7419-4333-9A7E-681D458A9C6D}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Block) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe
FirewallRules: [{80FC6129-301D-491C-8688-AB0DE06FF640}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2C177123-B417-426E-83BC-77174AFA0B81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{79C08B65-13CE-4C75-984A-CFDE81FE0A28}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{93867405-07F8-4AB6-9C2F-6C4302350B13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ring of Elysium\SLauncher.exe
FirewallRules: [{EB2B6862-A3CF-4733-ACED-25EB49230D53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ring of Elysium\SLauncher.exe
FirewallRules: [TCP Query User{7649C137-FE71-4F2C-BADA-79982B1C51A4}C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{12C02448-58F6-4FE8-9944-28A154E85DB8}C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [{BEA15655-36ED-4D00-9F73-C79F2B42FFC3}] => (Block) %USERPROFILE%\Desktop\K roztrideni\ts3 starsi\ts3client_win64.exe

==================== Restore Points =========================

06-12-2018 23:21:01 Removed Sophos Virus Removal Tool.
08-12-2018 02:41:43 Removed Autorun Organizer
08-12-2018 03:40:48 Microsoft Antimalware Checkpoint
08-12-2018 10:25:04 Removed Autorun Organizer
08-12-2018 10:33:33 Windows Update
09-12-2018 17:32:27 Microsoft Antimalware Checkpoint
10-12-2018 16:10:14 Removed Autorun Organizer

==================== Faulty Device Manager Devices =============

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/09/2018 05:32:27 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {dbb72ce0-8c75-4832-9b02-87a7bdd09e8e}

Error: (12/08/2018 11:30:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program steamwebhelper.exe verze 4.83.53.91 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: c80

Čas spuštění: 01d48edfd849c94c

Čas ukončení: 9

Cesta k aplikaci: C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

ID hlášení: 3bb4ef7b-fad4-11e8-a016-d050997efc59

Error: (12/08/2018 11:29:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program csgo.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1738

Čas spuštění: 01d48ee012da4062

Čas ukončení: 100

Cesta k aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

ID hlášení: 3576f195-fad4-11e8-a016-d050997efc59

Error: (12/08/2018 11:29:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Steam.exe verze 4.83.53.91 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 694

Čas spuštění: 01d48edfd7cd6b89

Čas ukončení: 88

Cesta k aplikaci: C:\Program Files (x86)\Steam\Steam.exe

ID hlášení: 22404c00-fad4-11e8-a016-d050997efc59

Error: (12/08/2018 02:45:37 AM) (Source: MsiInstaller) (EventID: 11721) (User: Lukas-PC)
Description: Product: Autorun Organizer -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: AutorunOrganizer.exe, location: C:\Program Files (x86)\Autorun Organizer\AutorunOrganizer.exe, command:

Error: (12/06/2018 11:31:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Uninstaller-6056.exe, verze: 1.0.3.159, časové razítko: 0x4f07bdef
Název chybujícího modulu: Uninstaller-6056.exe, verze: 1.0.3.159, časové razítko: 0x4f07bdef
Kód výjimky: 0x40000015
Posun chyby: 0x0002dd8f
ID chybujícího procesu: 0xd18
Čas spuštění chybující aplikace: 0x01d48db2fbd12061
Cesta k chybující aplikaci: C:\Users\Lukas\AppData\Local\Temp\Uninstaller-6056.exe
Cesta k chybujícímu modulu: C:\Users\Lukas\AppData\Local\Temp\Uninstaller-6056.exe
ID zprávy: 9d23bb58-f9a6-11e8-be03-d050997efc59

Error: (12/06/2018 11:21:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary 30273018.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (12/06/2018 11:21:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary 9681803drv.

System Error:
Systém nemůže nalézt uvedený soubor.
.


System errors:
=============
Error: (12/10/2018 01:47:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (12/10/2018 01:47:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (12/10/2018 01:47:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (12/10/2018 01:47:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba StarWind AE Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/10/2018 01:47:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba VeNCrypt byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/10/2018 01:38:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (12/06/2018 11:21:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ZAM Controller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/06/2018 08:00:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2018-03-10 17:49:24.080
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{114DD013-CE6D-4A0E-86C4-DDBAF162FF38}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Lukas-PC\Lukas

CodeIntegrity:
===================================

Date: 2018-04-25 23:57:53.022
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD Athlon(tm) X4 860K Quad Core Processor
Percentage of memory in use: 62%
Total physical RAM: 8127.3 MB
Available physical RAM: 3025.01 MB
Total Virtual: 16252.78 MB
Available Virtual: 10390.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:224.39 GB) NTFS

\\?\Volume{131f1b9f-f4bc-11e7-ac6f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: FD779FBC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Huge CPU usage, bitcoin miner

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
C:\Users\Lukas\AppData\Local\Temp
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
S2 hkzjeotg; C:\Windows\SysWOW64\hkzjeotg\kagzaiyh.exe [0 ] () <==== ATTENTION (zero byte File/Folder)
U3 adx8fbsu; C:\Windows\System32\Drivers\adx8fbsu.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
C:\ProgramData\hafyaffv
C:\Program Files (x86)\Zemana AntiMalware
C:\Windows\ZAM_Guard.krnl.trace
C:\Windows\ZAM.krnl.trace
Task: {2D7C6095-E7BD-4444-9CD5-36C29754CED7} - System32\Tasks\DecLukas => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
Task: {12976B00-E0F5-4822-9A7A-1517B3CCE0B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-08] (Google Inc.)
Task: {44423C65-E3A6-41B7-8E25-96004E927132} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-07] (Oracle Corporation)
Task: {AE072E02-A608-431E-B5BC-FE9ADC2A37CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-08] (Google Inc.)
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

EmptyTemp:
Hosts:
End
Save it to C:\Users\Lukas\Desktop\K roztrideni\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Storno
Visitor
Posts: 12
Registered: 03 Dec 2018 15:18

Re: Huge CPU usage, bitcoin miner

#7 Post by Storno »

Fix result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by Lukas (10-12-2018 17:08:01) Run:1
Running from C:\Users\Lukas\Desktop\K roztrideni\Downloads\FRST-OlderVersion\FRST-OlderVersion
Loaded Profiles: Lukas & (Available Profiles: Lukas & VEŘEJNOST)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3207589375-3262497780-921371487-1000\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
C:\Users\Lukas\AppData\Local\Temp
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
S2 hkzjeotg; C:\Windows\SysWOW64\hkzjeotg\kagzaiyh.exe [0 ] () <==== ATTENTION (zero byte File/Folder)
U3 adx8fbsu; C:\Windows\System32\Drivers\adx8fbsu.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
C:\ProgramData\hafyaffv
C:\Program Files (x86)\Zemana AntiMalware
C:\Windows\ZAM_Guard.krnl.trace
C:\Windows\ZAM.krnl.trace
Task: {2D7C6095-E7BD-4444-9CD5-36C29754CED7} - System32\Tasks\DecLukas => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION
Task: {12976B00-E0F5-4822-9A7A-1517B3CCE0B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-08] (Google Inc.)
Task: {44423C65-E3A6-41B7-8E25-96004E927132} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-07] (Oracle Corporation)
Task: {AE072E02-A608-431E-B5BC-FE9ADC2A37CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-08] (Google Inc.)
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-3207589375-3262497780-921371487-1000\Software\Microsoft\Windows\CurrentVersion\Run\\syscheck" => removed successfully

"C:\Users\Lukas\AppData\Local\Temp" folder move:

Could not move "C:\Users\Lukas\AppData\Local\Temp" => Scheduled to move on reboot.

HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018143515911\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION => Error: No automatic fix found for this entry.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\System\CurrentControlSet\Services\hkzjeotg => removed successfully
hkzjeotg => service removed successfully
HKLM\System\CurrentControlSet\Services\adx8fbsu => removed successfully
adx8fbsu => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAM => removed successfully
ZAM => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAM_Guard => removed successfully
ZAM_Guard => service removed successfully
C:\ProgramData\hafyaffv => moved successfully
C:\Program Files (x86)\Zemana AntiMalware => moved successfully
C:\Windows\ZAM_Guard.krnl.trace => moved successfully
C:\Windows\ZAM.krnl.trace => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D7C6095-E7BD-4444-9CD5-36C29754CED7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D7C6095-E7BD-4444-9CD5-36C29754CED7}" => removed successfully
C:\Windows\System32\Tasks\DecLukas => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DecLukas" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12976B00-E0F5-4822-9A7A-1517B3CCE0B9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12976B00-E0F5-4822-9A7A-1517B3CCE0B9}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{44423C65-E3A6-41B7-8E25-96004E927132}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44423C65-E3A6-41B7-8E25-96004E927132}" => removed successfully
C:\Windows\System32\Tasks\JavaUpdateSched => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JavaUpdateSched" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AE072E02-A608-431E-B5BC-FE9ADC2A37CE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE072E02-A608-431E-B5BC-FE9ADC2A37CE}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26687038 B
Java, Flash, Steam htmlcache => 70579009 B
Windows/system/drivers => 818 B
Edge => 0 B
Chrome => 623675996 B
Firefox => 622592 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 424 B
systemprofile32 => 33058 B
LocalService => 66228 B
NetworkService => 17642 B
Lukas => 84753675 B
VEŘEJNOST => 0 B

RecycleBin => 389152 B
EmptyTemp: => 777.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 10-12-2018 17:10:09)

C:\Users\Lukas\AppData\Local\Temp => moved successfully

==== End of Fixlog 17:10:10 ====
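
A Fixlog such as the one in the post above can be triaged mechanically to see which fixlist entries were not actually handled. The following is an added example, not part of the original thread and not FRST's own code: it parses an excerpt copied from that Fixlog, and the function names and status labels are assumptions of this sketch.

```python
import re

# Excerpt copied from the Fixlog in the post above (raw string: backslashes are literal).
FIXLOG = r'''
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
Could not move "C:\Users\Lukas\AppData\Local\Temp" => Scheduled to move on reboot.
HKU\S-1-5-21-3207589375-3262497780-921371487-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12102018141829163\...\Run: [syscheck] => C:\Users\Lukas\AppData\Local\Temp\nobypass.exe <==== ATTENTION => Error: No automatic fix found for this entry.
hkzjeotg => service removed successfully
C:\Windows\System32\Tasks\DecLukas => moved successfully
Chrome => 623675996 B
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 10-12-2018 17:10:09)
C:\Users\Lukas\AppData\Local\Temp => moved successfully
'''

OK = re.compile(r"(removed|moved|restored) successfully\.?$")

def parse_fixlog(text):
    """Return (target, outcome, status) for every '<target> => <outcome>' line."""
    rows = []
    for line in text.splitlines():
        line = line.strip()
        if " => " not in line:
            continue
        # Split on the LAST arrow: echoed fixlist entries contain their own "=>".
        target, outcome = line.rsplit(" => ", 1)
        m = re.match(r'Could not move "(.+)"$', target)
        if m:
            target = m.group(1)
        if OK.search(outcome):
            status = "done"
        elif outcome.startswith("Error:"):
            status = "failed"
        elif "on reboot" in outcome:
            status = "pending"
        else:
            status = "info"  # e.g. EmptyTemp byte counts
        rows.append((target, outcome, status))
    return rows

def unresolved(rows):
    """Failed entries, plus pending moves with no success line for the same target."""
    done = {t.strip('"').lower() for t, _, s in rows if s == "done"}
    return [(t, o) for t, o, s in rows
            if s == "failed" or (s == "pending" and t.lower() not in done)]
```

On this excerpt, `unresolved(parse_fixlog(FIXLOG))` returns only the `HKU\...-{ED1FC765-...}` Run entry that FRST reported as "No automatic fix found"; the Temp folder move is treated as resolved because the post-reboot section reports it moved.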

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Huge CPU usage, bitcoin miner

#8 Post by Rudy »

Deleted. Has anything changed?

Storno
Visitor
Posts: 12
Registered: 03 Dec 2018 15:18

Re: Huge CPU usage, bitcoin miner

#9 Post by Storno »

Great, excellent work! I'd like to be able to read logs like that too :D. CPU usage has dropped noticeably. Thank you for the help.

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Huge CPU usage, bitcoin miner

#10 Post by Rudy »

:D It's a matter of practice. You remove whatever either doesn't belong there or is unnecessary. You're welcome! :)