
Virus? Maybe

Cibo
Visitor
Posts: 8
Registered: 11 Apr 2017 14:10


#1 Post by Cibo »

Hello!

I noticed on my computer (a notebook) that even when it is idle (that is, nothing is running) the fan blows as if its life depended on it. It shouldn't, since I take good care of it and it runs at five stars. So I opened Task Manager and what do I see: "Service Host: Local System" at 20% to 40% CPU usage. When I expand it to find out more, I immediately see Windows Update, Push notifications, management, user manager, themes, hardware detection... blah blah blah and similar nonsense. Shutting it down is no problem: Delete, tick "Abandon unsaved data and shut down". Done, it shuts down. But then X hours later it starts up again and it is really starting to annoy me, so I decided to come here; I have already read about someone with this here, if I remember correctly, and you helped him.

Whatever you need, just say so and I will do it right away and add the information you need.

PS - screenshot from Task Manager

Code:

https://ctrlv.cz/1Sqr
PS PS: adding the RSIT log

Code:

Logfile of random's system information tool 1.10 (written by random/random)
Run by User at 2017-04-11 16:04:03
Microsoft Windows 10 Home 
System drive C: has 52 GB (11%) free of 476 GB
Total RAM: 3965 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:04:16, on 11. 4. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HiSuite\HiSuite.exe
C:\Fraps\fraps.exe
C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\User\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe
C:\Users\User\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera_crashreporter.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Users\User\AppData\Local\HiSuite\userdata\hwtools\hdbtransport.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files\trend micro\User.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Overwolf] "C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe" -overwolfsilent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{19643a15-59c4-4dd1-bca8-6591227bad58}: NameServer = 208.67.222.222,208.67.220.220,10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\..\{7431cb5a-3532-45c9-aa33-ba6c44bd73b8}: NameServer = 208.67.222.222,208.67.220.220,
O17 - HKLM\System\CCS\Services\Tcpip\..\{a3fb7b92-3669-4670-9d94-d228cc012fa8}: NameServer = 208.67.222.222,208.67.220.220,
O17 - HKLM\System\CCS\Services\Tcpip\..\{fe32a8a9-c808-4441-ab9e-bf148b2ac397}: NameServer = 208.67.222.222,208.67.220.220,
O17 - HKLM\System\CS1\Services\Tcpip\..\{19643a15-59c4-4dd1-bca8-6591227bad58}: NameServer = 208.67.222.222,208.67.220.220,10.0.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{19643A15-59C4-4DD1-BCA8-6591227BAD58}: NameServer = 208.67.222.222,208.67.220.220,10.0.0.138
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Alcohol Virtual AHCI Controller Management Service (AxVirtualAHCISrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe
O23 - Service: BlueStacks Android Service  (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Plus Android Service  (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Heroes & Generals Steam Service (HnGSteamService) - Reto-Moto ApS - C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11134 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
atieclxx
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
dashost.exe {43f451cf-e38f-4318-96ef76067cd77e35}
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe"
"C:\WINDOWS\system32\CxAudMsg64.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\SysWoW64\PnkBstrA.exe

C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe" 
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Elantech\ETDIntelligent.exe" 
igfxEM.exe 
igfxHK.exe 
igfxTray.exe 
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe" 
"C:\Windows\RTFTrack.exe" 
"C:\Program Files\Windows Defender\MSASCuiL.exe" 
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0

"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\InstallAgent.exe -Embedding
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
taskhostw.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
StartupfromeHuaweiHiSuiteService
"C:\Fraps\fraps.exe" 
"C:\Fraps\fraps64.dat"
"C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" 
"C:\Users\User\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe" uTorrent_10792_03F3C900_78912553 µTorrent4823DF041B09 uTorrent
"C:\Users\User\AppData\Roaming\uTorrent\updates\3.4.9_43388\utorrentie.exe" uTorrent_10792_03F3CAC8_1180906745 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\43.0.2442.1144\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=7116
"C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe" --type=gpu-process --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=10656 --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,16,19,20,23,26,40,71 --gpu-vendor-id=0x1002 --gpu-device-id=0x6600 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.200.1050.0 --gpu-driver-date=6-30-2015 --gpu-secondary-vendor-ids=0x8086 --gpu-secondary-device-ids=0x0166 --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=10656 --service-request-channel-token=E006CDFAE6A6A2765306EA8AA5FB42D8 --mojo-platform-channel-handle=1488 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=D999DBFA257B38AB4ECF8EFE2352F74C --lang=sk --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=10656 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=D999DBFA257B38AB4ECF8EFE2352F74C --renderer-client-id=3 --mojo-platform-channel-handle=1848 /prefetch:1
"C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=68A7787833B2C46C93D7B912C4462079 --lang=sk --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=10656 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=68A7787833B2C46C93D7B912C4462079 --renderer-client-id=5 --mojo-platform-channel-handle=2272 /prefetch:1
"C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=69F6C1E8184A6500DA0D225B02348DE7 --lang=sk --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=10656 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=69F6C1E8184A6500DA0D225B02348DE7 --renderer-client-id=7 --mojo-platform-channel-handle=3224 /prefetch:1
"C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=C0C3E711A6ABCC8F3273DFD53832A408 --lang=sk --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=10656 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=C0C3E711A6ABCC8F3273DFD53832A408 --renderer-client-id=8 --mojo-platform-channel-handle=4508 /prefetch:1
"C:\Users\User\AppData\Local\HiSuite\userdata\hwtools\hdbtransport.exe" fork-server server
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\WINDOWS\explorer.exe" 
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
C:\WINDOWS\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=543FF00DCE7C05698E4E72D77A387BA6 --lang=sk --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=10656 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=543FF00DCE7C05698E4E72D77A387BA6 --renderer-client-id=40 --mojo-platform-channel-handle=7988 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x298
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-36b33cf2-453a-4798-9b2d-d6d6142e3105 -SystemEventPortName:HostProcess-ef1691a9-5d60-4fbf-ad1d-2bc59f947c6f -IoCancelEventPortName:HostProcess-1abfbea8-3b16-4f98-9855-a46851330f70 -NonStateChangingEventPortName:HostProcess-688f2415-f779-4292-918b-9f959f21d02b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:700cfb23-d090-4cd0-8ee0-0e539f8ace40 -DeviceGroupId:WudfDefaultDevicePool
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe168_ Global\UsGthrCtrlFltPipeMssGthrPipe168 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 632 640 648 8192 644 
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\User\AppData\Local\Temp\scoped_dir7116_2418\RSITx64.exe" 
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=9AE9A8E51FAD0E75CBD4D76B223007F9 --lang=sk --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=10656 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=9AE9A8E51FAD0E75CBD4D76B223007F9 --renderer-client-id=45 --mojo-platform-channel-handle=9956 /prefetch:1
"C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=C5E722FB8184A31DF9C441BA7200A41B --lang=sk --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --with-feature:installer-support-x64-download=on --crash-reporter-pid=10656 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=C5E722FB8184A31DF9C441BA7200A41B --renderer-client-id=46 --mojo-platform-channel-handle=9292 /prefetch:1

=========Mozilla firefox=========

ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\uard2xia.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.101.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-25 935104]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2015-09-03 5060864]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2016-09-07 631808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-03-01 1518304]
"uTorrent"=C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [2017-03-15 2147520]
"BlueStacks Agent"=C:\Program Files (x86)\Bluestacks\HD-Agent.exe [2016-07-04 970264]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-12-20 27250144]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-01-19 2881824]
"Overwolf"=C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [2017-03-21 1058360]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-12-21 291280]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-11-18 767176]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-04-11 16:04:03 ----D---- C:\Program Files\trend micro
2017-04-11 16:04:02 ----D---- C:\rsit
2017-04-09 15:16:55 ----D---- C:\ProgramData\boost_interprocess
2017-04-09 15:11:02 ----D---- C:\Users\User\AppData\Roaming\Wirecast Play
2017-04-09 15:11:00 ----D---- C:\ProgramData\Telestream
2017-04-09 15:10:59 ----D---- C:\Users\User\AppData\Roaming\Vara Software
2017-04-09 15:00:32 ----D---- C:\Program Files\Telestream
2017-04-04 14:00:45 ----D---- C:\ProgramData\Malwarebytes
2017-04-04 14:00:36 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-04-04 14:00:33 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2017-04-04 13:59:28 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2017-04-01 15:08:03 ----D---- C:\Program Files (x86)\Rockstar Games
2017-03-15 22:15:03 ----AD---- C:\Program Files (x86)\Cities in Motion 2 Collection
2017-03-15 03:08:24 ----D---- C:\Program Files\Rockstar Games
2017-03-15 03:06:17 ----D---- C:\ProgramData\Socialclub

======List of files/folders modified in the last 1 month======

2017-04-11 16:04:03 ----RD---- C:\Program Files
2017-04-11 16:04:02 ----D---- C:\WINDOWS\Prefetch
2017-04-11 16:03:04 ----D---- C:\Users\User\AppData\Roaming\uTorrent
2017-04-11 15:51:13 ----D---- C:\WINDOWS\System32
2017-04-11 15:51:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-11 15:51:00 ----D---- C:\WINDOWS\system32\sru
2017-04-11 14:50:05 ----D---- C:\WINDOWS\SysWOW64
2017-04-11 14:49:53 ----D---- C:\WINDOWS\system32\Macromed
2017-04-11 14:49:49 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-04-11 14:49:45 ----D---- C:\WINDOWS\Temp
2017-04-11 12:30:20 ----D---- C:\WINDOWS\system32\SleepStudy
2017-04-11 00:18:08 ----SHD---- C:\WINDOWS\Installer
2017-04-11 00:13:08 ----RD---- C:\Program Files (x86)
2017-04-10 12:58:15 ----D---- C:\WINDOWS\system32\config
2017-04-10 12:56:52 ----RD---- C:\WINDOWS\Microsoft.NET
2017-04-10 12:54:44 ----SHD---- C:\System Volume Information
2017-04-09 15:16:55 ----HD---- C:\ProgramData
2017-04-09 15:01:18 ----D---- C:\WINDOWS\WinSxS
2017-04-08 15:53:38 ----D---- C:\WINDOWS\AppReadiness
2017-04-08 11:17:49 ----D---- C:\Users\User\AppData\Roaming\.minecraft
2017-04-08 10:06:32 ----D---- C:\WINDOWS\system32\NDF
2017-04-05 14:27:46 ----D---- C:\Users\User\AppData\Roaming\.MesterMC.hu
2017-04-04 14:00:33 ----D---- C:\WINDOWS\system32\drivers
2017-04-01 15:40:50 ----RSD---- C:\WINDOWS\assembly
2017-04-01 00:16:37 ----D---- C:\Users\User\AppData\Roaming\vlc
2017-03-30 23:29:50 ----D---- C:\Program Files (x86)\Steam
2017-03-30 20:37:55 ----D---- C:\Windows
2017-03-30 19:45:44 ----AD---- C:\Program Files (x86)\Battlefield 3
2017-03-30 11:09:41 ----D---- C:\Hry
2017-03-28 01:12:44 ----D---- C:\Filmy
2017-03-24 12:27:25 ----D---- C:\WINDOWS\INF
2017-03-23 17:35:00 ----AD---- C:\Program Files (x86)\Overwolf
2017-03-17 17:43:11 ----D---- C:\WINDOWS\LiveKernelReports
2017-03-15 03:06:16 ----RSD---- C:\WINDOWS\Fonts
2017-03-14 16:14:24 ----D---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem17.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2015-06-04 73976]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-05-29 646408]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 sptd2;sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [2016-06-09 203832]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 ACPIVPC;@oem14.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2014-04-27 34552]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-07-10 21625880]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-07-10 673304]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2016-07-16 4233728]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-12-10 601624]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth Stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2016-09-15 168448]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-08-20 114176]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth Hands-Free; C:\WINDOWS\System32\drivers\BthHfAud.sys [2016-07-16 37376]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-09-15 249856]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-08-20 84992]
R3 CnxtHdAudService;@oem26.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-05-15 1536528]
R3 cykbfltrService;@oem2.inf,%Filter.SvcDesc%;Cypress Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\cykbfltr.sys [2012-06-15 16896]
R3 ETD;@oem8.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-07 525512]
R3 ew_usbccgpfilter;@oem47.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [2016-05-25 18816]
R3 ICCWDT;@oem21.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2010-08-18 26136]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-05-03 3811288]
R3 int0800;@oem4.inf,%Flashud_svcdesc%;Intel 28F320C3 Flash Update Device Driver v6.4; C:\WINDOWS\System32\drivers\flashud.sys [2009-09-09 51712]
R3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-09-09 454416]
R3 iwdbus;@oem30.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 L1C;@oem5.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C62x64.sys [2013-11-29 129224]
R3 MEIx64;@oem34.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-07-28 184608]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-10-22 175616]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
R3 RTSUER;@oem37.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-05-27 402136]
R3 rtsuvc;@oem10.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2015-09-03 3077888]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-07-02 33960]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [2016-07-04 152672]
S3 BstkDrv;BlueStacks Plus Hypervisor; \??\C:\Program Files (x86)\Bluestacks\BstkDrv.sys [2016-07-04 270904]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem18.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-04-25 129152]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 HWHandSet;HWUSBSERSP; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [2016-11-25 223232]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-01 50160]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 ssudmdm;@oem19.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-04-25 221824]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-07-10 254488]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 AxVirtualAHCISrv;Alcohol Virtual AHCI Controller Management Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [2015-12-30 99712]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [2016-07-04 421400]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_3628e;CDPUserSvc_3628e; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2016-11-25 192200]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-10-22 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 OneSyncSvc_3628e;Sync Host_3628e; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2016-09-27 76152]
R3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2015-03-12 39376]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-07 152216]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11 271448]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BstHdAndroidSvc;BlueStacks Android Service ; C:\Program Files (x86)\Bluestacks\HD-Service.exe [2016-07-04 441880]
S3 BstHdPlusAndroidSvc;BlueStacks Plus Android Service ; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [2016-07-04 458264]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-05-03 299488]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-07 152216]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 HnGSteamService;Heroes & Generals Steam Service; C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe [2017-02-20 533288]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_3628e;MessagingService_3628e; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-24 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-03-21 1325384]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc_3628e;Kontaktné údaje_3628e; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-07 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-01-19 1464096]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]

-----------------EOF-----------------

UPDATE 3
Sometimes when I open Task Manager (Správca), this error pops up

Code: Select all

https://ctrlv.sk/xARr

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus? Maybe

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
Click >Scan< (search) first and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning viruses from your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Cibo
Visitor
Posts: 8
Registered: 11 Apr 2017 14:10

Re: Virus? Maybe

#3 Post by Cibo »

Here you go :)

Code: Select all

# AdwCleaner v6.045 - *Logfile created 11/04/2017 *at 22:08:33
# *Updated on 28/03/2017 by Malwarebytes
# *Database : 2017-04-11.1 [*Server]
# *Operating System : Windows 10 Home  (X64)
# *Username : User - USER-PC
# *Running from : C:\Users\User\Desktop\adwcleaner_6.045.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****



***** [ *Folders ] *****



***** [ *Files ] *****

[-] *File deleted: C:\END


***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] *Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] *Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com


***** [ *Browsers ] *****

[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: search.babylon.com
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: mysites123
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: home.sweetim.com
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] *Deleted: hxxp://www.mysites123.com/?type=hp&ts=1451664472&z=04f5e2bfe5f81d48a95cd36g3z7w6gdq4qbz9zam1o&from=amt&uid=st500lm000-1ej162_w370dnk0xxxxw370dnk0
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default] [homepage] *Deleted: hxxp://www.mysites123.com/?type=hp&ts=1451664472&z=04f5e2bfe5f81d48a95cd36g3z7w6gdq4qbz9zam1o&from=amt&uid=st500lm000-1ej162_w370dnk0xxxxw370dnk0


*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2506 *Bytes] - [11/04/2017 22:08:33]
C:\AdwCleaner\AdwCleaner[S0].txt - [2658 *Bytes] - [11/04/2017 22:08:09]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2654 *Bytes] ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus? Maybe

#4 Post by Rudy »


Cibo
Visitor
Posts: 8
Registered: 11 Apr 2017 14:10

Re: Virus? Maybe

#5 Post by Cibo »

I downloaded it and have it saved on the desktop, but I can't get it to run. I'm running Win 10 and it always shows (even when I run it as administrator) what you can see at the link.

Code: Select all

https://ctrlv.cz/MYYz

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus? Maybe

#6 Post by Rudy »

Try moving it to a different directory and then running it.

Cibo
Visitor
Posts: 8
Registered: 11 Apr 2017 14:10

Re: Virus? Maybe

#7 Post by Cibo »

I managed to run it (don't ask how, I'm autistic)
I got some errors during the scan, but it got it done.

Code: Select all

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 ([color=red]ATTENTION: ====> FRSTversion is 31 days old and could be outdated[/color])
Ran by User (administrator) on USER-PC (15-04-2017 18:50:44)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\updates\3.5.0_43580\utorrentie.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-09-03] (Realtek semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2012-12-21] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\Run: [uTorrent] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [2144448 2017-04-11] (BitTorrent Inc.)
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [970264 2016-07-04] (BlueStack Systems, Inc.)
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-23] (Valve Corporation)
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1058360 2017-04-09] ()
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {2aab4417-d44b-11e6-bbaa-208984f6fdef} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {2f0c46d3-9f91-11e6-bb91-9cb70dfc57ea} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {a645bf84-2e1e-11e6-bb4e-9cb70dfc57ea} - "F:\setup.exe" 
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {f97e1c71-9e95-11e6-bb91-9cb70dfc57ea} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {fd6f999a-5834-11e6-bb66-9cb70dfc57ea} - "G:\setup.exe" 
AppInit_DLLs: 0 => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{19643a15-59c4-4dd1-bca8-6591227bad58}: [NameServer] 208.67.222.222,208.67.220.220,10.0.0.138
Tcpip\..\Interfaces\{19643a15-59c4-4dd1-bca8-6591227bad58}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7431cb5a-3532-45c9-aa33-ba6c44bd73b8}: [NameServer] 208.67.222.222,208.67.220.220,
Tcpip\..\Interfaces\{a3fb7b92-3669-4670-9d94-d228cc012fa8}: [NameServer] 208.67.222.222,208.67.220.220,
Tcpip\..\Interfaces\{fe32a8a9-c808-4441-ab9e-bf148b2ac397}: [NameServer] 208.67.222.222,208.67.220.220,

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-06] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-06] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: uard2xia.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\uard2xia.default [2017-03-08]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-06] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://iron-start.com/"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-04-11]
CHR Extension: (Prezentácie Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-07]
CHR Extension: (Dokumenty Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-07]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-07]
CHR Extension: (FB Refresh) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdlfdaajmclngiomogmleihllaejcnni [2016-07-08]
CHR Extension: (Authenticator) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2016-07-08]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-07]
CHR Extension: (New York theme) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnjoilngpclpbpopnnfbjelpbpamign [2016-07-08]
CHR Extension: (Tabuľky Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-07]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2017-03-15]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-08]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-09]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-04-09]
CHR Extension: (JavaScript Popup Blocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiajdlfgbgnnjakkbnpdhmhfhklkbiol [2016-07-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-07]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-06]

Opera: 
=======
OPR Extension: (AdBlock) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-06-08]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
R2 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [99712 2015-12-30] (Alcohol Soft Development Team)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [441880 2016-07-04] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [421400 2016-07-04] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [458264 2016-07-04] (BlueStack Systems, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
S3 HnGSteamService; C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe [537896 2017-04-12] (Reto-Moto ApS)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] ()
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1325896 2017-04-09] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-09-27] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc.)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-04] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-04] (Bluestack System Inc. )
R3 cykbfltrService; C:\WINDOWS\system32\DRIVERS\cykbfltr.sys [16896 2012-06-15] (Cypress Semiconductor, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18816 2016-05-25] (Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [223232 2016-11-25] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 L1C; C:\WINDOWS\System32\drivers\L1C62x64.sys [129224 2013-11-29] (Qualcomm Atheros Co., Ltd.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3077888 2015-09-03] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-02] (Synaptics Incorporated)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [203832 2016-06-09] (Duplex Secure Ltd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U0 aswVmm; no ImagePath
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-15 18:50 - 2017-04-15 18:52 - 00017044 _____ C:\Users\User\Desktop\FRST.txt
2017-04-15 18:50 - 2017-04-15 18:50 - 02424832 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2017-04-15 18:50 - 2017-04-15 18:50 - 00000000 ____D C:\FRST
2017-04-15 18:08 - 2017-04-15 18:08 - 00000000 ____D C:\Users\User\AppData\LocalLow\uTorrent
2017-04-15 11:30 - 2017-04-15 11:30 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2017-04-11 22:06 - 2017-04-11 22:08 - 00000000 ____D C:\AdwCleaner
2017-04-11 22:04 - 2017-04-11 22:05 - 04089296 _____ C:\Users\User\Desktop\adwcleaner_6.045.exe
2017-04-11 16:04 - 2017-04-11 16:04 - 00000000 ____D C:\rsit
2017-04-11 16:04 - 2017-04-11 16:04 - 00000000 ____D C:\Program Files\trend micro
2017-04-11 16:03 - 2017-04-11 16:03 - 01222144 _____ C:\Users\User\Desktop\RSITx64.exe
2017-04-09 15:17 - 2017-04-09 15:17 - 00000000 ____D C:\Users\User\AppData\Local\IsolatedStorage
2017-04-09 15:16 - 2017-04-12 17:58 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-04-09 15:11 - 2017-04-09 15:15 - 00000000 ____D C:\Users\User\AppData\Roaming\Wirecast Play
2017-04-09 15:11 - 2017-04-09 15:11 - 00000000 ____D C:\ProgramData\Telestream
2017-04-09 15:10 - 2017-04-09 15:24 - 00033973 _____ C:\Users\User\AppData\Roaming\net.telestream.wirecast.xml
2017-04-09 15:10 - 2017-04-09 15:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Vara Software
2017-04-09 15:00 - 2017-04-09 15:00 - 00002049 _____ C:\Users\Public\Desktop\Wirecast.lnk
2017-04-09 15:00 - 2017-04-09 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telestream
2017-04-09 15:00 - 2017-04-09 15:00 - 00000000 ____D C:\Program Files\Telestream
2017-04-09 14:50 - 2017-04-09 14:53 - 156071875 _____ C:\Users\User\Downloads\Wirecast-Play-6.0.7.zip
2017-04-07 16:02 - 2017-04-07 16:02 - 00000000 ____D C:\Users\User\Desktop\Nový priečinok (3)
2017-04-04 14:00 - 2017-04-11 22:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-04-04 14:00 - 2017-04-04 14:00 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-04 14:00 - 2017-04-04 14:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-04 13:59 - 2017-04-04 18:35 - 00000000 ____D C:\Users\User\Desktop\mbar
2017-04-04 13:59 - 2017-04-04 13:59 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-04-01 15:39 - 2017-04-01 15:39 - 00001397 _____ C:\Users\Public\Desktop\L.A. Noire - Complete Edition.lnk
2017-04-01 15:39 - 2017-04-01 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2017-04-01 15:08 - 2017-04-01 15:08 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-04-01 15:05 - 2017-04-01 15:05 - 00000000 ____D C:\Users\User\AppData\Local\Chromium
2017-04-01 15:03 - 2017-04-01 15:40 - 1574973639 _____ C:\Users\User\Downloads\Starcraft+1.18+PTR+1202.zip
2017-04-01 15:01 - 2017-04-01 15:01 - 00170812 _____ C:\Users\User\Downloads\Game Error Fixer(2) (1).rar
2017-04-01 14:54 - 2017-04-01 14:55 - 08164915 _____ C:\Users\User\Downloads\L.A.NOIRE.V1.3.2613.ALL.RELOADED.NODVD.ZIPd
2017-03-30 23:33 - 2017-03-30 23:33 - 00170812 _____ C:\Users\User\Downloads\Game Error Fixer(2).rar
2017-03-29 22:49 - 2017-03-29 22:49 - 00033517 _____ C:\Users\User\Downloads\[eStone]L.A.Noire.Complete.Edition.MULTi6-PROPHET.torrent
2017-03-28 09:05 - 2017-03-29 17:03 - 00000000 ____D C:\Users\User\Desktop\Starcraft
2017-03-28 00:27 - 2017-03-28 00:27 - 00012953 _____ C:\Users\User\Downloads\[eStone]Doctor.Strange.2016.IMAX.BDRip.XviD.HuN-VPS.torrent
2017-03-25 03:56 - 2017-03-25 03:56 - 00018951 _____ C:\Users\User\Downloads\[eStone]Fantastic.Beasts.and.Where.to.Find.Them.CUSTOM.2016.BDRiP.XviD.HUN-GS88.torrent
2017-03-17 18:09 - 2017-03-17 18:11 - 00000000 ____D C:\Users\User\Desktop\Real

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-15 18:50 - 2016-06-08 15:45 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2017-04-15 18:41 - 2016-10-22 03:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-15 11:10 - 2016-06-08 20:20 - 00000000 __SHD C:\Users\User\IntelGraphicsProfiles
2017-04-14 20:36 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-14 20:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-14 05:26 - 2016-06-08 19:46 - 00000000 ____D C:\Hry
2017-04-13 17:35 - 2016-09-25 17:33 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-04-12 14:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-12 14:00 - 2016-11-12 03:17 - 00908250 _____ C:\WINDOWS\system32\perfh01B.dat
2017-04-12 14:00 - 2016-11-12 03:17 - 00271580 _____ C:\WINDOWS\system32\perfc01B.dat
2017-04-12 14:00 - 2016-10-22 03:42 - 02913540 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-12 13:54 - 2016-10-22 04:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-12 12:12 - 2016-09-15 16:38 - 00000000 ____D C:\Program Files (x86)\Steam
2017-04-12 12:00 - 2017-02-07 13:01 - 00000000 ____D C:\Users\User\AppData\LocalLow\Heroes and Generals
2017-04-11 22:53 - 2010-11-21 05:27 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-11 22:09 - 2016-07-16 08:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2017-04-11 21:37 - 2016-09-27 00:30 - 00000000 ____D C:\Program Files (x86)\Battlefield 3
2017-04-11 14:50 - 2016-10-22 04:04 - 00004534 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-04-11 14:50 - 2016-10-22 04:04 - 00004386 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-04-11 14:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-04-11 14:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-11 00:13 - 2016-10-22 04:04 - 00003454 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-11 00:13 - 2016-10-22 04:04 - 00003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-08 11:17 - 2016-07-29 22:46 - 00000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2017-04-07 16:10 - 2016-10-29 20:34 - 00000000 ____D C:\Users\User\Desktop\Nový priečinok
2017-04-06 16:41 - 2016-08-14 16:52 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2017-04-06 12:57 - 2016-06-07 10:55 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-05 14:27 - 2016-06-12 16:39 - 00000000 ____D C:\Users\User\AppData\Roaming\.MesterMC.hu
2017-04-01 15:39 - 2017-03-15 03:06 - 00000000 ____D C:\Users\User\Documents\Rockstar Games
2017-04-01 00:16 - 2016-06-08 20:19 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2017-03-30 23:34 - 2016-07-06 11:29 - 00000000 ____D C:\Users\User\AppData\Local\SKIDROW
2017-03-30 19:54 - 2016-06-09 10:53 - 00002709 _____ C:\Users\User\Documents\ax_files.xml
2017-03-28 01:12 - 2016-06-08 15:47 - 00000000 ____D C:\Filmy
2017-03-24 12:27 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-17 17:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-16 14:25 - 2016-10-22 03:26 - 00259856 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2017-04-09 15:10 - 2017-04-09 15:24 - 0033973 _____ () C:\Users\User\AppData\Roaming\net.telestream.wirecast.xml
2016-10-30 13:40 - 2016-10-30 13:40 - 0000000 _____ () C:\Users\User\AppData\Local\{ADE444A4-AD4B-4112-AA08-0079180C04BE}
2016-10-22 03:37 - 2016-10-22 03:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2016-11-18 13:43 - 2016-11-18 13:43 - 1851607 _____ () C:\Users\User\AppData\Local\Temp\ads.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\User\Desktop" je 9825 MB.
 
 
***** Startup Programs *****
 
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

 
==================== End Of Log ==============================
I'm also adding the additional txt

Code: Select all

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by User (15-04-2017 18:53:09)
Running from C:\Users\User\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-22 02:10:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1387504986-1140448117-892960123-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1387504986-1140448117-892960123-503 - Limited - Disabled)
Guest (S-1-5-21-1387504986-1140448117-892960123-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1387504986-1140448117-892960123-1002 - Limited - Enabled)
User (S-1-5-21-1387504986-1140448117-892960123-1000 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Alcohol 120% (HKLM-x32\...\Alcohol 120%) (Version:  - Alcohol Soft Development Team)
AMD Catalyst Install Manager (HKLM\...\{F564317A-AB84-BEE8-A670-B6C09BC08AFB}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Asistent pri inovácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17361 - Microsoft Corporation)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.18.170105 - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3 version 1.6.0.0 (HKLM-x32\...\{9DC9BEA7-1E84-42A7-BB3B-A64F3E1E95EA}_is1) (Version: 1.6.0.0 - DWORD)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.3.37.6239 - BlueStack Systems, Inc.)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden
Cities in Motion 2 Collection (HKLM-x32\...\Cities in Motion 2 Collection_is1) (Version: 1.0 - PLAZA)
Cities Skylines After Dark (HKLM-x32\...\Cities Skylines After Dark_is1) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.0 - Conexant)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creation Master 15.0 (HKLM-x32\...\Creation Master 15_is1) (Version:  - FIFA MASTER)
CSGO WaRzOnE (HKLM-x32\...\CSGO WaRzOnE 1.35.6.3) (Version: 1.35.6.3 - Warzone)
CSGO WaRzOnE (x32 Version: 1.35.6.3 - Warzone) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Empire Total War version 1.5 (HKLM-x32\...\Empire Total War_is1) (Version: 1.5 - Sega)
Euro Truck Simulator 2 v1.24.4.3 (40 DLC) (HKLM-x32\...\Euro Truck Simulator 2 v1.24.4.3 (40 DLC)1.24.4.3) (Version: 1.24.4.3 - Friends in War)
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version:  - Ubisoft)
Farming Simulator 15 Gold Edition version 1.4.2.0 (HKLM-x32\...\Farming Simulator 15 Gold Edition_is1) (Version: 1.4.2.0 - Mr DJ)
FIFA 15 (HKLM-x32\...\FIFA 15_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)
FileZilla Client 3.17.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.17.0.1 - Tim Kosse)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\{1B1804FD-E82B-3F90-BF06-C790151AA7EB}) (Version: 57.0.2987.133 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Heroes of Might & Magic III - HD Edition (HKLM-x32\...\Heroes of Might & Magic III - HD Edition_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.7.248 - Intel Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
L.A. Noire - Complete Edition (HKLM-x32\...\L.A. Noire - Complete Edition_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 4.1.1) (Version: 4.1.1 - Riot Games)
League of Legends (x32 Version: 4.1.1 - Riot Games) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10240.11126 - Realtek Semiconductor Corp.)
LibreOffice 5.1.3.2 (HKLM\...\{71F78D59-795A-47AC-8876-7D795967E65A}) (Version: 5.1.3.2 - The Document Foundation)
Mafia II (HKLM-x32\...\Mafia II_is1) (Version:  - )
Men of War: Assault Squad 2 (HKLM-x32\...\TWVub2ZXYXJBc3NhdWx0U3F1YWQy_is1) (Version: 1 - )
Microsoft OneDrive (HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24516 (HKLM\...\{6B66663C-055F-3A2E-A09D-168840A82362}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24516 (HKLM\...\{EE6E34BF-D825-384C-AFF5-305DF5CFAF5A}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24516 (HKLM-x32\...\{B4EB15A2-6582-346E-8501-B6E907F23B80}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24516 (HKLM-x32\...\{7B82F823-A226-3463-B438-AF4DDDE2B810}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{FD9D64F4-CAF5-3D23-845A-B843C78CC1A5}) (Version: 10.0.60830 - Microsoft Corporation)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version:  - )
Mount and Blade Warband - Viking Conquest (HKLM-x32\...\Mount and Blade Warband - Viking Conquest_is1) (Version:  - )
Mozilla Firefox 47.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1 - Mozilla)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version:  - Native Instruments)
No Mans Sky (HKLM-x32\...\No Mans Sky_is1) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.15.4 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.232.0 - Overwolf Ltd.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
RollerCoaster Tycoon World version 1.0.0.0 (HKLM-x32\...\RollerCoaster Tycoon World_is1) (Version: 1.0.0.0 - Mr DJ)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Sniper Elite 3 (HKLM-x32\...\U25pcGVyRWxpdGUz_is1) (Version: 1 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
The Sims 4 - Get to Work (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 beta 7 - Ghisler Software GmbH)
Total War WARHAMMER (HKLM-x32\...\{9025551B-0922-4884-833E-8F8BC9D38413}_is1) (Version: 1.0.0.0 - SEGA)
Train Simulator 2016 version v53.9b (HKLM-x32\...\Train Simulator 2016_is1) (Version: v53.9b - Dovetail Games)
Transport Fever (HKLM-x32\...\Transport Fever_is1) (Version:  - )
Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
War Thunder Launcher 1.0.1.693 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wirecast (HKLM\...\{13CCAC84-0C34-4D13-8C99-02D9F8B4C714}) (Version: 6.0.6 - Telestream LLC)
World in Conflict  1.1 (HKLM-x32\...\World in Conflict_is1) (Version: 1.1 - )
Worms Armageddon (HKLM-x32\...\Worms Armageddon) (Version: 3.7.2.1 - Jimbo)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1387504986-1140448117-892960123-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04B378E8-EF23-486E-A57D-31D73CA3EFDE} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {18FC7012-CB71-45B6-9103-5B4632E6CDB0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1B60DD60-ECB7-4B15-85D3-7FE06077CE70} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {363B52F5-E298-488D-B27F-73785617A6EF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {432BB081-BBE7-4FFB-921B-9908EB02780B} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {48D6BDF6-97DB-4F91-9582-362EB48A0E4B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {50011C0D-489C-4FA8-BACB-E3AA6A4A1B71} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {56BC88EE-D5FC-4A92-9651-33315F241520} - System32\Tasks\Opera scheduled Autoupdate 1465392047 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-27] (Opera Software)
Task: {56E15918-0F77-44C6-8141-4F508D20C4BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {5A360E08-40E1-4968-8DAA-633A4A4C2227} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-07] (Google Inc.)
Task: {5EDE3E6B-7AF8-4661-9A1E-E1A07CA67177} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {6102193F-E25E-4A82-9AD7-3DB6D25B4300} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-07] (Google Inc.)
Task: {62AEEE01-1DBF-40F7-89A1-B4BB5DCD5FB0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-04-09] (Overwolf LTD)
Task: {7047A6BB-1BB4-4E8A-85E5-51147333F362} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7753ACAA-F3B6-4174-9A97-C4E4D06A0BA9} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7B02593B-2309-4D2F-80FF-0E2F38055D3B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {8E451099-1146-4A9C-908A-E294F3B205B2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {92BB4B95-B945-440F-ABB4-209826442AD4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {AB19AE32-BE0E-4AB8-8E41-2F1E7BE1ACE1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {AE2F5AAD-024B-4688-947C-57023864A24D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {B545AD67-D8FA-4AEE-BAE6-7F94B700E7AE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {C1CDF430-34F9-4A2E-B105-18DED7EED552} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {C3EB3CFE-1CAE-44A9-B86A-B995C4310233} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {D1AED916-15B1-45D2-9B32-3EBF09DF59C4} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {D845FCE5-B8C5-4E6A-8A6E-EDFEF52CB2FF} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {DFC91A38-24B7-4991-B3BC-C13905950ABE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E507A4B8-ECE6-4F9A-94A1-05BDAC5ED7EA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F02D0368-1987-4F0F-B04F-A154419FC0BB} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F20FCD8E-3429-464C-9B27-709551CE0641} - System32\Tasks\InstallShield Update Service => C:\Users\User\AppData\Local\Ubisoft\ISSCH\issch.exe 
Task: {F32AA9B6-64C5-4DE4-9197-486D2B3D598A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {F8E06D8F-FB7A-4229-95DF-5C4D043B216F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\User\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Loaded Modules (Whitelisted) ==============

2016-11-25 08:16 - 2016-11-25 08:16 - 00192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2016-09-27 11:42 - 2016-09-27 11:42 - 00076152 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-01-21 06:28 - 2016-12-09 12:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-01-21 06:28 - 2016-12-09 12:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-21 06:28 - 2016-12-09 12:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-09 20:24 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-21 06:30 - 2016-12-21 09:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-21 06:28 - 2016-12-21 08:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-21 06:28 - 2016-12-21 08:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-21 06:28 - 2016-12-21 08:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-21 06:28 - 2016-12-21 08:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-21 06:28 - 2016-12-21 08:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-22 18:09 - 2017-02-22 18:09 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 18:09 - 2017-02-22 18:09 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 18:09 - 2017-02-22 18:10 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 15:59 - 2017-02-06 16:00 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2017-03-02 00:19 - 2017-03-02 00:18 - 39821912 _____ () C:\Program Files (x86)\Opera\43.0.2442.1144\opera_browser.dll
2016-02-09 11:16 - 2016-02-09 11:16 - 00259584 _____ () C:\Program Files\Telestream\Wirecast\filters\WirecastVirtualCamera.ax
2017-03-02 00:19 - 2017-03-02 00:18 - 45842008 _____ () C:\Program Files (x86)\Opera\43.0.2442.1144\opera_child.dll
2017-03-02 00:19 - 2017-03-02 00:18 - 01930328 _____ () C:\Program Files (x86)\Opera\43.0.2442.1144\libglesv2.dll
2017-03-02 00:19 - 2017-03-02 00:18 - 00087640 _____ () C:\Program Files (x86)\Opera\43.0.2442.1144\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\User:Heroes & Generals [38]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1387504986-1140448117-892960123-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Downloads\2017_assassins_wallpaper_1920x1080.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "USB3MON"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\StartupApproved\Run: => "AlcoholAutomount"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\StartupApproved\Run: => "Overwolf"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{DA731D66-B5AA-4CA6-98BA-E004B952438A}] => (Allow) C:\Program Files (x86)\Mr DJ\Farming Simulator 15 Gold Edition\x64\FarmingSimulator2015Game.exe
FirewallRules: [{1A076F93-B7F5-446B-A3D6-85AFC807E37A}] => (Allow) C:\Program Files (x86)\Mr DJ\Farming Simulator 15 Gold Edition\x64\FarmingSimulator2015Game.exe
FirewallRules: [{F5F7DC93-BB42-40E7-A64E-68D246D04527}] => (Allow) C:\Program Files (x86)\Mr DJ\Farming Simulator 15 Gold Edition\x86\FarmingSimulator2015Game.exe
FirewallRules: [{D313D99F-5BD7-4BDF-906C-E18FD262CA3E}] => (Allow) C:\Program Files (x86)\Mr DJ\Farming Simulator 15 Gold Edition\x86\FarmingSimulator2015Game.exe
FirewallRules: [UDP Query User{D37A885C-4F47-48D1-8AA8-98C00C7812A7}C:\program files (x86)\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\battlefield 3\bf3.exe
FirewallRules: [TCP Query User{12DB7732-0961-447E-9A3B-94943D516F5F}C:\program files (x86)\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{225B0D1E-5DD8-4A84-80B5-BEB14ECFDAA1}C:\program files (x86)\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\battlefield 3\bf3.exe
FirewallRules: [TCP Query User{220F693E-6E8F-4BDB-A305-F7433062B37E}C:\program files (x86)\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{2B82124C-02F0-4453-91B8-92A71273F61A}C:\users\user\appdata\roaming\.mestermc.hu\minecraft.exe] => (Block) C:\users\user\appdata\roaming\.mestermc.hu\minecraft.exe
FirewallRules: [TCP Query User{823688A0-E084-49BC-883E-317055E42CFE}C:\users\user\appdata\roaming\.mestermc.hu\minecraft.exe] => (Block) C:\users\user\appdata\roaming\.mestermc.hu\minecraft.exe
FirewallRules: [UDP Query User{9BE94AE8-5604-4772-B738-9DA1D5796496}C:\hry\warthunder\win64\aces.exe] => (Allow) C:\hry\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{D83426E9-BAE8-4B47-9132-1F9A2392E5BC}C:\hry\warthunder\win64\aces.exe] => (Allow) C:\hry\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{49857E19-4CFA-4887-A57B-9B54EAB3AA38}C:\hry\warthunder\win64\aces.exe] => (Allow) C:\hry\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{AF544D08-4493-46CD-9230-09EB3A32E208}C:\hry\warthunder\win64\aces.exe] => (Allow) C:\hry\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{7D7CC930-563B-4BDB-A464-5A73D6C30937}C:\hry\warthunder\launcher.exe] => (Allow) C:\hry\warthunder\launcher.exe
FirewallRules: [TCP Query User{844B810A-0EC9-4F95-B85C-8D420D7DFFB8}C:\hry\warthunder\launcher.exe] => (Allow) C:\hry\warthunder\launcher.exe
FirewallRules: [{7985CC22-DF92-424B-8590-2CC2E9A0A6B2}] => (Allow) C:\Hry\WarThunder\run.exe
FirewallRules: [{8B1FE918-F746-4038-A7A6-AA0D254AD596}] => (Allow) C:\Hry\WarThunder\run.exe
FirewallRules: [{4A132444-06B7-4C96-9BA2-ACC309542EA7}] => (Allow) C:\Hry\WarThunder\launcher.exe
FirewallRules: [{1F8ECA18-7CE8-49B4-A9F4-B533EE05E717}] => (Allow) C:\Hry\WarThunder\launcher.exe
FirewallRules: [{3717B137-556D-4567-A794-8B3BC7E2FD91}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7129788D-FFBF-4DE3-96A7-D26D2F2B1F87}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{95D39CC0-A6F5-4B3D-AEE0-56E5625E04D2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{504B875C-389A-4876-974C-5C4A9DCB75B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{2888A0BA-F2ED-45CC-83DF-4AF22E7021A9}C:\program files (x86)\ubisoft\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe
FirewallRules: [TCP Query User{D0BD40B9-B372-4B18-9E2F-0625DC9E2F0B}C:\program files (x86)\ubisoft\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe
FirewallRules: [{FFCA5A59-26F2-4DF1-89D1-6DBC7DB0BAC2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{2B168324-F38A-4D1B-8517-E63E77D222D0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [UDP Query User{8E357552-C66B-4EE4-BBB1-4C6573C8F9E3}C:\program files (x86)\r.g. catalyst\world in conflict\wic.exe] => (Allow) C:\program files (x86)\r.g. catalyst\world in conflict\wic.exe
FirewallRules: [TCP Query User{FC672DA1-FB32-44C9-8F93-ABAD7F111609}C:\program files (x86)\r.g. catalyst\world in conflict\wic.exe] => (Allow) C:\program files (x86)\r.g. catalyst\world in conflict\wic.exe
FirewallRules: [UDP Query User{CBFB449E-81CE-4A18-B4D6-026B74754D53}C:\program files (x86)\r.g. catalyst\world in conflict\wic.exe] => (Allow) C:\program files (x86)\r.g. catalyst\world in conflict\wic.exe
FirewallRules: [TCP Query User{8246E9C3-0B8E-4041-94B4-DBA38BD5EF67}C:\program files (x86)\r.g. catalyst\world in conflict\wic.exe] => (Allow) C:\program files (x86)\r.g. catalyst\world in conflict\wic.exe
FirewallRules: [UDP Query User{5D6B03CA-EE11-418F-8811-79763B4E81ED}C:\program files (x86)\taleworlds entertainment\mount and blade warband - viking conquest\mb_warband.exe] => (Allow) C:\program files (x86)\taleworlds entertainment\mount and blade warband - viking conquest\mb_warband.exe
FirewallRules: [TCP Query User{2E7D588B-701B-42F5-AF9E-71BB82F5031B}C:\program files (x86)\taleworlds entertainment\mount and blade warband - viking conquest\mb_warband.exe] => (Allow) C:\program files (x86)\taleworlds entertainment\mount and blade warband - viking conquest\mb_warband.exe
FirewallRules: [UDP Query User{E47AB67B-E510-42FA-8500-1C78226DFF14}C:\program files\strogino cs portal\counter-strike source\hl2.exe] => (Allow) C:\program files\strogino cs portal\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{CD387C23-D2BE-43D1-9BB5-3E7978026AF8}C:\program files\strogino cs portal\counter-strike source\hl2.exe] => (Allow) C:\program files\strogino cs portal\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{FF243530-DFC9-46F2-A281-4165D9780DEE}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe] => (Block) C:\program files (x86)\activision\call of duty - world at war\codwaw.exe
FirewallRules: [TCP Query User{BD093B0A-904D-4C97-B7A6-E3F5226BBA97}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe] => (Block) C:\program files (x86)\activision\call of duty - world at war\codwaw.exe
FirewallRules: [{E1935E20-7F03-41BA-9787-C20959F9070C}] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\jp2launcher.exe
FirewallRules: [{42838818-4FEF-47E5-81AF-BA08601CC7CC}] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\jp2launcher.exe
FirewallRules: [UDP Query User{A3E15207-4425-421D-B96E-85937AAAD48C}C:\program files (x86)\java\jre1.8.0_101\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\jp2launcher.exe
FirewallRules: [TCP Query User{685662AE-CD25-4A94-88D0-3488768165C4}C:\program files (x86)\java\jre1.8.0_101\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\jp2launcher.exe
FirewallRules: [{35910404-88A3-433A-8761-0F23D543BF73}] => (Allow) C:\Hry\bf4\Battlefield 4\bf4.exe
FirewallRules: [{D3E53321-3872-4C90-9EE0-87B054E83FEB}] => (Allow) C:\Hry\bf4\Battlefield 4\bf4.exe
FirewallRules: [{08B276F7-13BD-48EA-B3A4-A0A33ABD8331}] => (Allow) C:\Hry\bf4\Battlefield 4\bf4_x86.exe
FirewallRules: [{14403695-3745-4695-A006-96BA1163AC28}] => (Allow) C:\Hry\bf4\Battlefield 4\bf4_x86.exe
FirewallRules: [{940599A7-5BF4-4174-B30D-050AA5533B62}] => (Block) C:\totalcmd\totalcmd64.exe
FirewallRules: [{01BC9305-17C0-4D5C-94C3-4909117840F1}] => (Block) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{D4DD0795-13EB-40A8-9297-9C64947374ED}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [TCP Query User{E3CA3A77-86DC-40DB-84F5-5CDE4E306CCF}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [{0B55E55A-EFEE-419C-8E56-F0B6178817E2}] => (Block) C:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [{04B106D7-9F42-4D6B-9C95-05655FA7C9CD}] => (Block) C:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [UDP Query User{7A160B8F-864C-4ED8-B570-A965556B21F6}C:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Allow) C:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [TCP Query User{1C6A0B3C-9A21-4BF5-BB2C-0DBE99D9DE38}C:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe] => (Allow) C:\program files (x86)\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe
FirewallRules: [{708BFD52-33DD-4454-BD5E-5AC22B418CCD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FA555B5A-3665-4ABD-8D0D-6251CF69E7B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{00DAA2DD-F982-4073-9FE1-E3440F9F7FD9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{999B0363-36B0-4ABD-97D4-B98B1121F805}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{3D63906E-E943-4668-BD30-35A913C0EC3B}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{93BE5859-1C8B-4914-8D0C-500F0829578D}C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe] => (Allow) C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{E5EDA1E3-54BD-403D-BE8B-0F00AABB0288}C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe] => (Allow) C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe
FirewallRules: [{DE5C45D0-2A48-40B5-8E1A-34ED34A3ED39}] => (Block) C:\hry\w3\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe
FirewallRules: [{70A79C49-43EA-490D-B79C-3044DE063332}] => (Block) C:\hry\w3\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe
FirewallRules: [UDP Query User{1DB6C731-DAD4-4C83-B894-E5F0E45AB8FC}C:\hry\w3\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) C:\hry\w3\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe
FirewallRules: [TCP Query User{9D71DE7B-78C0-49A1-966E-AA8C6035DF0E}C:\hry\w3\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe] => (Allow) C:\hry\w3\warcraft 3 + frozen throne cz full patched 1.26\warcraft iii\war3.exe
FirewallRules: [UDP Query User{0AFC7B20-5BE9-411B-AA3B-114A7F0D9F09}C:\hry\nový priečinok\youtuberslife.exe] => (Block) C:\hry\nový priečinok\youtuberslife.exe
FirewallRules: [TCP Query User{F0D6B6B5-210C-4D6C-AC73-154D3CD7FBD8}C:\hry\nový priečinok\youtuberslife.exe] => (Block) C:\hry\nový priečinok\youtuberslife.exe
FirewallRules: [UDP Query User{EC414DA2-B024-4D26-ADB9-A1C1C53AA9E2}C:\program files (x86)\men of war assault squad 2\mowas_2.exe] => (Allow) C:\program files (x86)\men of war assault squad 2\mowas_2.exe
FirewallRules: [TCP Query User{73165CE6-2406-44B9-9847-50E838C98ED6}C:\program files (x86)\men of war assault squad 2\mowas_2.exe] => (Allow) C:\program files (x86)\men of war assault squad 2\mowas_2.exe
FirewallRules: [UDP Query User{BB000C23-DF58-4F94-9E51-95BD047F2889}C:\users\user\appdata\roaming\.mestermc.hu\minecraft.exe] => (Block) C:\users\user\appdata\roaming\.mestermc.hu\minecraft.exe
FirewallRules: [TCP Query User{5D0C81D0-086C-4E46-87C3-C3ACC39E17EC}C:\users\user\appdata\roaming\.mestermc.hu\minecraft.exe] => (Block) C:\users\user\appdata\roaming\.mestermc.hu\minecraft.exe
FirewallRules: [{5DD15D59-F73E-44A5-9E14-85F597C943F9}] => (Allow) C:\Program Files (x86)\Mr DJ\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe
FirewallRules: [{75A40C0B-6C15-4BB5-8C7C-930F1ED5CA2D}] => (Allow) C:\Program Files (x86)\Mr DJ\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe
FirewallRules: [{11E290A2-C1B7-4D0B-B39D-5A0265E38225}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{9E630961-26F0-4EC6-9E73-F4BB6DBE80D5}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{66978BAD-21F7-4013-B60B-A3C025387820}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{2C378851-E0F3-44F7-8ABA-65DBA8DCB91F}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{87956DB0-1FE0-4A6F-9A22-3AB2886F2469}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\SimCity\SimCity\SimCity.exe
FirewallRules: [{0BAAC279-269F-47D5-8BF3-101EF17B412F}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\SimCity\SimCity\SimCity.exe
FirewallRules: [UDP Query User{093124FF-505E-42DD-B178-9C3C0C2687BD}C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe] => (Allow) C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{9928A269-B0A2-4E41-AEBD-333B8BAAAD70}C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe] => (Allow) C:\program files\strogino cs portal\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{0E6A6F35-06CA-47BE-AC34-54D8E2FFA762}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{C17D3E75-4F4F-4AAC-9C50-DC80E1175651}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{4869A5DE-5475-4CF0-9CA2-7226967936D8}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{E9BB5976-4C63-4C19-ACB0-FF57BD6232FC}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{4419A58B-FA4D-4E18-921E-6DEBB05741C4}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{459A4DD6-9354-4B80-B1F0-F9BA7A814A23}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{F0268526-6AA7-4B1F-A396-0695011E0C8C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{803348AB-6225-4451-9A75-FA959B8E5F1B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{C25D3466-01BE-4B92-A5EC-766E3C65BF48}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5FFABF06-9D8B-48C6-8E15-FF5F29C670D9}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0C226233-A43F-438F-AB55-878B72BBCB3E}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D67D3CED-D3EA-4035-9BD1-E0F1C1620762}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{568C0802-B539-4451-A06C-554AA8A5512C}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{764321AC-0998-4DA1-95D8-89326D492EAD}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{CEE7455C-9CD5-4B5A-8118-6AC840236790}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{965336F3-5DB1-49BE-A3A6-434E05315576}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{EE3EDC0D-0D0C-468F-A62F-FE38879C8B7F}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{2DB32939-5CAE-4FD1-9FFD-751D2875CDD4}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [TCP Query User{FCD1D3BA-924B-449A-AB25-FBEBDACFBCFD}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Allow) C:\program files (x86)\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{399FA05F-0A79-469F-9A46-8947006AD832}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Allow) C:\program files (x86)\far cry primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{A335EF71-9238-467C-836F-17C2C5FAFFA7}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Block) C:\program files (x86)\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{F07D9E72-666C-457D-865B-465B4DCCC4F4}C:\program files (x86)\far cry primal\bin\fcprimal.exe] => (Block) C:\program files (x86)\far cry primal\bin\fcprimal.exe
FirewallRules: [{3D5ABB52-3CDF-40E0-8C02-7D4A6764487C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{75E43C26-5197-4C43-B514-26089D57F45D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{930C9DDA-6056-4F94-A1C2-9963FD3DAD4D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A264DE3A-A48B-48E2-93BA-A63423C987C7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C7DB090B-61EE-4574-B1CB-C03849E31C99}] => (Allow) C:\Program Files (x86)\Warzone\CSGO WaRzOnE\csgo_launcher.exe
FirewallRules: [{8C4F9E1E-BA6C-41B8-B25D-F2A381C1D167}] => (Allow) C:\Program Files (x86)\Warzone\CSGO WaRzOnE\Loader.exe
FirewallRules: [TCP Query User{8A1EC7F2-ECD9-4026-80C8-35E7ED8378A1}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe
FirewallRules: [UDP Query User{E3244F0F-1274-43A0-A65F-8FA4716F4AF5}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe
FirewallRules: [TCP Query User{74072D41-B8C0-4C3A-A2CD-53EFE13BB44E}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Block) C:\program files (x86)\warzone\csgo warzone\csgo.exe
FirewallRules: [UDP Query User{3D7773E0-1FC5-494C-831B-4CE55BFE6426}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Block) C:\program files (x86)\warzone\csgo warzone\csgo.exe
FirewallRules: [{B46525E9-6AAF-4ACF-A4A6-188B0BC7D7EE}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
FirewallRules: [{E52FB93C-C7EA-4409-B321-D421B4E8E029}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
FirewallRules: [TCP Query User{27F16751-75B2-490F-87E8-E562ED76C77F}C:\hry\grand theft auto v\gta5.exe] => (Block) C:\hry\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{F2B97875-FDF3-412A-B2C0-94D78BDD8A73}C:\hry\grand theft auto v\gta5.exe] => (Block) C:\hry\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{4518C2F6-2C01-4A3E-A696-9BF4CB3DED0B}C:\program files (x86)\warzone\csgo warzone\launcher\tools\steamcmd.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\launcher\tools\steamcmd.exe
FirewallRules: [UDP Query User{83DD080E-0731-4928-A768-9D1C4D332E93}C:\program files (x86)\warzone\csgo warzone\launcher\tools\steamcmd.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\launcher\tools\steamcmd.exe
FirewallRules: [{21A89522-4609-46F6-B60B-E60B3234C85F}] => (Block) %ProgramFiles% (x86)\Rockstar Games\L.A. Noire - Complete Edition\LANPatcher.exe
FirewallRules: [{F570853B-6259-486A-9B31-4610DBA91250}] => (Block) %ProgramFiles% (x86)\Rockstar Games\L.A. Noire - Complete Edition\LANPatcher.exe
FirewallRules: [{64AF8C90-05BD-414E-AADF-EDD046A14331}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

09-04-2017 14:59:38 Nainštalované Wirecast

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2017 02:24:02 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (04/15/2017 02:23:46 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (04/15/2017 02:23:45 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (04/14/2017 12:08:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: User-PC)
Description: Aktivácia aplikácie Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (04/13/2017 10:42:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: CoDWaW.exe, verzia: 1.0.0.1, časová značka: 0x48f00000
Názov chybujúceho modulu: CoDWaW.exe, verzia: 1.0.0.1, časová značka: 0x48f00000
Kód výnimky: 0xc0000005
Odstup chyby: 0x002e9b07
Identifikácia chybujúceho procesu: 0x23f0
Čas spustenia chybujúcej aplikácie: 0x01d2b46805110525
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
Identifikácia hlásenia: 34d480bf-4470-481e-a896-c58edee275e8
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/12/2017 12:12:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: hngservice.exe, verzia: 1.0.13.1232, časová značka: 0x58ec5bf7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.479, časová značka: 0x58256ca0
Kód výnimky: 0xc0000005
Odstup chyby: 0x000491dd
Identifikácia chybujúceho procesu: 0x184c
Čas spustenia chybujúcej aplikácie: 0x01d2b37335d3ea0c
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 9d65d0b2-42cc-4db0-affe-77be72923cdb
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/12/2017 10:35:09 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON (error %3).

Error: (04/12/2017 10:35:09 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON (error %3).

Error: (04/12/2017 10:35:07 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON (error %3).

Error: (04/12/2017 10:35:07 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON (error %3).


System errors:
=============
Error: (04/15/2017 11:10:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/15/2017 11:10:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/15/2017 11:10:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/14/2017 12:08:44 PM) (Source: DCOM) (EventID: 10010) (User: User-PC)
Description: The server MicrosoftEdge did not register with DCOM within the required timeout.

Error: (04/12/2017 01:59:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/12/2017 01:54:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/12/2017 01:54:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/12/2017 01:54:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby SAService zlyhalo kvôli nasledujúcej chybe: 
The system cannot find the file specified.

Error: (04/12/2017 01:54:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby NetTcpPortSharing, od ktorej závisí služba NetTcpActivator, zlyhalo kvôli nasledujúcej chybe: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (04/12/2017 01:54:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 13:30:08 on ‎12.‎4.‎2017 was unexpected.


CodeIntegrity:
===================================
  Date: 2017-04-13 22:47:34.892
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-12 10:35:16.256
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-08 16:06:49.724
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-04 12:30:01.397
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-02 12:21:56.975
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-16 13:45:32.516
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-03 22:19:35.144
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-02 11:51:40.377
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-27 09:20:46.538
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-26 09:21:49.380
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 67%
Total physical RAM: 3964.85 MB
Available physical RAM: 1300.05 MB
Total Virtual: 8060.85 MB
Available Virtual: 4935.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.19 GB) (Free:40.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 85329290)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=486 MB) - (Type=27)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus? Maybe

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {2aab4417-d44b-11e6-bbaa-208984f6fdef} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {2f0c46d3-9f91-11e6-bb91-9cb70dfc57ea} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {a645bf84-2e1e-11e6-bb4e-9cb70dfc57ea} - "F:\setup.exe"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {f97e1c71-9e95-11e6-bb91-9cb70dfc57ea} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {fd6f999a-5834-11e6-bb66-9cb70dfc57ea} - "G:\setup.exe"
AppInit_DLLs: 0 => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
U0 aswVmm; no ImagePath
U3 idsvc; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\User\AppData\Local\Temp

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\User\Desktop" je 9825 MB.
That is too much and may slow down system startup. Create a new folder in C:\Users\User and move all data from the desktop into it (except shortcuts). Then put a shortcut to that folder on the desktop for easier access.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Cibo
Visitor
Posts: 8
Registered: 11 Apr 2017 14:10

Re: Virus? Maybe

#9 Post by Cibo »

Done, the computer restarted and I'm attaching the following fixlog

Code: Select all

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by User (15-04-2017 22:08:24) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {2aab4417-d44b-11e6-bbaa-208984f6fdef} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {2f0c46d3-9f91-11e6-bb91-9cb70dfc57ea} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {a645bf84-2e1e-11e6-bb4e-9cb70dfc57ea} - "F:\setup.exe"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {f97e1c71-9e95-11e6-bb91-9cb70dfc57ea} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\...\MountPoints2: {fd6f999a-5834-11e6-bb66-9cb70dfc57ea} - "G:\setup.exe"
AppInit_DLLs: 0 => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
U0 aswVmm; no ImagePath
U3 idsvc; no ImagePath
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\User\AppData\Local\Temp

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2aab4417-d44b-11e6-bbaa-208984f6fdef} => key removed successfully
HKCR\CLSID\{2aab4417-d44b-11e6-bbaa-208984f6fdef} => key not found. 
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f0c46d3-9f91-11e6-bb91-9cb70dfc57ea} => key removed successfully
HKCR\CLSID\{2f0c46d3-9f91-11e6-bb91-9cb70dfc57ea} => key not found. 
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a645bf84-2e1e-11e6-bb4e-9cb70dfc57ea} => key removed successfully
HKCR\CLSID\{a645bf84-2e1e-11e6-bb4e-9cb70dfc57ea} => key not found. 
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f97e1c71-9e95-11e6-bb91-9cb70dfc57ea} => key removed successfully
HKCR\CLSID\{f97e1c71-9e95-11e6-bb91-9cb70dfc57ea} => key not found. 
HKU\S-1-5-21-1387504986-1140448117-892960123-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd6f999a-5834-11e6-bb66-9cb70dfc57ea} => key removed successfully
HKCR\CLSID\{fd6f999a-5834-11e6-bb66-9cb70dfc57ea} => key not found. 
"0" => Value data removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
HKLM\System\CurrentControlSet\Services\aswVmm => key removed successfully
aswVmm => service removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.

"C:\Users\User\AppData\Local\Temp" folder move:

Could not move "C:\Users\User\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63082210 B
Java, Flash, Steam htmlcache => 58586682 B
Windows/system/drivers => 353758630 B
Edge => 14460903 B
Chrome => 532681162 B
Firefox => 39236742 B
Opera => 443645370 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 74886 B
NetworkService => 787584 B
User => 1310342839 B
DefaultAppPool => 0 B

RecycleBin => 49889414 B
EmptyTemp: => 2.7 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 15-04-2017 22:16:44)

C:\ProgramData\DP45977C.lfl => Is moved successfully
C:\Users\User\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:16:48 ====

It helped, thank you. Nothing is slowing down my CPU anymore.

I'd also like to ask about my friend's notebook. It's a Lenovo Z50-75; it has an integrated graphics card, which works (unfortunately, it is the only one that does). GPU-Z shows an AMD R7 M260DX, but it never starts up. Not even when playing games. It is set individually in the AMD program, specifically Catalyst, to high performance, which means the second one is the one that runs. (I own a similar computer where this has to be set.) But on his it just won't work for anything in the world. I found on the internet that the computer has some kind of built-in Safe Module that prevents the use of that graphics card. Is there some way to get around it?

Screenshot from GPU-Z

Code: Select all

https://ctrlv.cz/0IIM

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus? Maybe

#10 Post by Rudy »

OK. That is quite a specialized question, which probably nobody here will answer for you. Personally I think it can't be done, but a hardware forum will give you a better answer. You're welcome!

Cibo
Visitor
Posts: 8
Registered: 11 Apr 2017 14:10

Re: Virus? Maybe

#11 Post by Cibo »

BUMP

It didn't help ..

Code: Select all

https://ctrlv.cz/BGg6

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus? Maybe

#12 Post by Rudy »

As a test, turn off automatic updates and the antivirus.

Cibo
Visitor
Posts: 8
Registered: 11 Apr 2017 14:10

Re: Virus? Maybe

#13 Post by Cibo »

Okay, the only antivirus I have available is Windows Defender; after turning off real-time protection nothing changed. Automatic updates can't be turned off on Windows 10; I have a metered connection set, so it doesn't download any updates for me because they are "paid MB".

Or, if updates can somehow be turned off, I'd like to know how.

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Virus? Maybe

#14 Post by Rudy »

